Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.mft
File:                     XhG23vM9-aR3sofFIN7ExPYLOo8.mft (raw, json)
Hash identifier:          XF12m2BAtQtT/X78HjWjBs9OBwnPxB1WrfT1w/6l+fo=
Subject key identifier:   1F:AE:AF:0E:7C:75:E1:12:B9:60:A5:FB:C4:F6:EF:37:2C:77:BF:51
Authority key identifier: 5E:11:B6:DE:F3:3D:F9:A4:77:B2:87:C5:20:DE:C4:C4:F6:0B:3A:8F
Certificate issuer:       /CN=5e11b6def33df9a477b287c520dec4c4f60b3a8f
Certificate serial:       01964D7DD47612860244E7A39C9594E564AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XhG23vM9-aR3sofFIN7ExPYLOo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.mft
Manifest number:          0A26
Signing time:             Sat 19 Apr 2025 10:00:14 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:14 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:14 +0000
Files and hashes:         1: XhG23vM9-aR3sofFIN7ExPYLOo8.crl (hash: iDGDbsFIUOi+tJsfbapJfAR1EUwPF/8ErlGI8Mnkrwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XhG23vM9-aR3sofFIN7ExPYLOo8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7d:d4:76:12:86:02:44:e7:a3:9c:95:94:e5:64:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e11b6def33df9a477b287c520dec4c4f60b3a8f
        Validity
            Not Before: Apr 19 10:00:14 2025 GMT
            Not After : Apr 20 10:00:14 2025 GMT
        Subject: CN=1faeaf0e7c75e112b960a5fbc4f6ef372c77bf51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:90:ad:0c:13:c3:36:f8:4e:bc:1a:a5:c7:3f:
                    63:48:ce:e3:52:63:4f:87:09:be:eb:c6:d8:ac:0e:
                    7a:85:a8:2b:3a:51:73:2a:92:1a:a9:13:3e:78:57:
                    f2:0b:2b:f5:a2:91:b9:1a:ee:95:a8:e5:6e:d1:55:
                    ff:22:19:1b:b3:fb:12:be:ae:aa:61:a9:0c:f8:8a:
                    d6:1e:ab:15:01:a2:48:29:18:35:59:49:ed:90:f0:
                    0d:d5:fc:34:17:5d:07:6d:f1:71:be:6b:9c:37:b8:
                    44:0d:68:3e:f8:7b:97:20:84:40:5d:ad:f6:c3:04:
                    c7:16:75:80:2d:44:c4:a1:d7:db:1a:36:c0:05:15:
                    15:7d:1e:8f:96:de:f0:73:a4:d6:b0:ed:6e:d0:82:
                    c5:c4:4d:8c:38:d6:b8:94:08:74:39:a0:02:cf:a6:
                    71:67:cf:95:de:05:e9:47:89:f5:3f:7b:cf:cf:9c:
                    9e:8d:60:96:9d:5f:ab:ac:58:89:9a:e5:81:20:3f:
                    b6:d1:95:de:2c:f0:32:16:16:18:41:d9:d6:10:69:
                    56:73:80:eb:2b:54:77:8c:f1:d9:80:d6:c9:9c:1b:
                    d6:d7:5f:9f:28:3f:c1:08:33:fa:0a:12:1c:cb:23:
                    e4:ee:6d:29:56:2c:fa:3d:28:87:75:0f:1c:61:e5:
                    1c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:AE:AF:0E:7C:75:E1:12:B9:60:A5:FB:C4:F6:EF:37:2C:77:BF:51
            X509v3 Authority Key Identifier:
                keyid:5E:11:B6:DE:F3:3D:F9:A4:77:B2:87:C5:20:DE:C4:C4:F6:0B:3A:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XhG23vM9-aR3sofFIN7ExPYLOo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:3e:42:7f:e5:a9:54:0a:cc:df:7b:7b:18:7c:f6:f4:fb:b8:
         4d:0f:eb:c2:72:1a:fc:b0:a8:2f:87:86:87:53:66:bd:1a:3c:
         24:57:ee:32:4f:57:8b:8e:3b:24:df:0f:5b:e2:a6:57:4f:02:
         63:f2:ef:d2:a1:ed:b4:c6:2a:27:45:6b:44:21:8f:a9:48:75:
         fb:c5:59:77:7e:32:16:6d:d3:e3:b7:9b:a9:56:57:11:ba:32:
         96:48:74:64:b8:87:f7:b3:13:ae:81:f7:ae:89:93:fd:13:3a:
         1b:2e:3e:7f:29:25:78:43:c8:08:dd:a1:11:ac:86:04:d6:43:
         4a:ec:98:48:b5:15:0a:b9:39:0f:5a:4a:79:32:e0:ff:d5:59:
         98:45:72:39:59:a7:1d:a7:55:c0:29:d7:48:70:69:be:a3:5c:
         01:24:1c:86:f1:93:31:00:f0:2f:a9:d5:ae:dd:cc:51:20:77:
         9b:5a:aa:f4:b4:ae:30:bc:57:39:c1:93:65:22:58:eb:62:1c:
         b8:43:c0:7b:34:2c:72:ed:97:7e:4d:f7:6d:09:9f:f0:22:7e:
         18:7b:fe:c8:c3:98:30:03:c9:49:e5:5f:13:b6:fb:be:ae:e1:
         fa:16:5e:32:6f:0c:3b:2d:3b:61:ba:4a:b4:86:86:56:9f:a5:
         18:81:06:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfdR2EoYCROejnJWU5WSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMTFiNmRlZjMzZGY5YTQ3N2IyODdjNTIwZGVjNGM0ZjYw
YjNhOGYwHhcNMjUwNDE5MTAwMDE0WhcNMjUwNDIwMTAwMDE0WjAzMTEwLwYDVQQD
EygxZmFlYWYwZTdjNzVlMTEyYjk2MGE1ZmJjNGY2ZWYzNzJjNzdiZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZCtDBPDNvhOvBqlxz9jSM7jUmNP
hwm+68bYrA56hagrOlFzKpIaqRM+eFfyCyv1opG5Gu6VqOVu0VX/Ihkbs/sSvq6q
YakM+IrWHqsVAaJIKRg1WUntkPAN1fw0F10HbfFxvmucN7hEDWg++HuXIIRAXa32
wwTHFnWALUTEodfbGjbABRUVfR6Plt7wc6TWsO1u0ILFxE2MONa4lAh0OaACz6Zx
Z8+V3gXpR4n1P3vPz5yejWCWnV+rrFiJmuWBID+20ZXeLPAyFhYYQdnWEGlWc4Dr
K1R3jPHZgNbJnBvW11+fKD/BCDP6ChIcyyPk7m0pViz6PSiHdQ8cYeUcdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+urw58deESuWCl+8T27zcsd79RMB8GA1UdIwQY
MBaAFF4Rtt7zPfmkd7KHxSDexMT2CzqPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGhHMjN2TTktYVIzc29mRklON0V4UFlMT284LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jMjhjMzctZjdlYS00ODg2LThlYTgt
NDBjZjNlMDFmMDZmLzEvWGhHMjN2TTktYVIzc29mRklON0V4UFlMT284Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jMjhjMzctZjdlYS00ODg2LThlYTgtNDBjZjNlMDFmMDZm
LzEvWGhHMjN2TTktYVIzc29mRklON0V4UFlMT284LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfj5Cf+Wp
VArM33t7GHz29Pu4TQ/rwnIa/LCoL4eGh1NmvRo8JFfuMk9Xi447JN8PW+KmV08C
Y/Lv0qHttMYqJ0VrRCGPqUh1+8VZd34yFm3T47ebqVZXEboylkh0ZLiH97MTroH3
romT/RM6Gy4+fykleEPICN2hEayGBNZDSuyYSLUVCrk5D1pKeTLg/9VZmEVyOVmn
HadVwCnXSHBpvqNcASQchvGTMQDwL6nVrt3MUSB3m1qq9LSuMLxXOcGTZSJY62Ic
uEPAezQscu2Xfk33bQmf8CJ+GHv+yMOYMAPJSeVfE7b7vq7h+hZeMm8MOy07YbpK
tIaGVp+lGIEGUA==
-----END CERTIFICATE-----