Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          KHyr5OiZ6uxEbTzHyKn36taYTDH7Yr9Sc1eQLVmk+nA=
Subject key identifier:   0A:2A:39:AE:4F:88:C4:2C:05:C2:21:35:F4:FC:A2:68:8F:9C:10:72
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       019578A25AB11FF3CB3731B4D91BD45F8979
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          B0
Signing time:             Sun 09 Mar 2025 02:01:00 +0000
Manifest this update:     Sun 09 Mar 2025 02:01:00 +0000
Manifest next update:     Mon 10 Mar 2025 02:01:00 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: YSrGtVD09P+/Xi+PW5+gX6lrL7qb2drPnT08zoZ6JMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 02:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:78:a2:5a:b1:1f:f3:cb:37:31:b4:d9:1b:d4:5f:89:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Mar  9 02:01:00 2025 GMT
            Not After : Mar 10 02:01:00 2025 GMT
        Subject: CN=0a2a39ae4f88c42c05c22135f4fca2688f9c1072
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:16:8a:f9:c1:cc:50:71:83:43:cf:7b:cb:a3:
                    c3:35:52:04:8c:f6:ff:04:e8:bf:e9:b7:b8:ed:55:
                    5a:bf:c7:c7:46:cf:91:20:d3:92:77:e8:3c:50:c0:
                    5e:19:e2:dd:64:50:99:4b:f8:71:c3:8d:52:eb:28:
                    af:1a:51:28:2d:69:d0:73:ff:1d:dc:f0:ee:18:9f:
                    57:30:f5:65:47:1b:b2:a5:43:89:e5:60:04:e1:f3:
                    01:e0:4d:33:5f:22:5a:08:30:dd:ac:68:dd:ee:72:
                    cc:01:04:06:ae:ca:c5:45:2f:34:8d:d7:cb:99:3d:
                    00:14:d8:92:4c:50:dd:de:8a:db:c7:e6:c6:e4:1b:
                    01:08:60:44:52:5d:0e:86:b0:1b:78:ed:2f:9f:19:
                    0f:21:d3:d6:88:b7:da:17:59:31:1c:d9:62:6b:9f:
                    c9:46:8b:1d:d2:a9:e2:c8:57:d0:82:2b:09:d1:e4:
                    fb:29:ff:7a:4e:bd:bb:6d:2b:76:18:8a:42:9c:1b:
                    dd:4a:db:b0:48:eb:f9:61:1a:38:d8:b1:f9:65:ac:
                    dc:0d:2c:ee:b9:e8:86:2a:5f:13:8e:6e:5f:f3:19:
                    81:d6:dd:37:d5:2f:91:8b:3a:bd:72:8e:fa:af:72:
                    af:78:53:e3:d7:9b:ab:92:1c:42:91:f2:35:32:9b:
                    43:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:2A:39:AE:4F:88:C4:2C:05:C2:21:35:F4:FC:A2:68:8F:9C:10:72
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:69:40:3f:ca:de:f6:a5:d4:ef:05:e1:b7:b8:a2:36:ee:2e:
         dc:d6:c1:9f:24:f2:91:72:02:7d:42:94:cb:fb:7c:62:e1:d6:
         19:02:48:81:40:00:11:be:a3:8f:86:db:93:f3:d8:bb:67:04:
         2e:81:d1:4a:42:18:fb:ff:9e:53:27:0a:14:8e:03:43:73:0a:
         a1:df:f4:44:7b:21:50:13:a8:69:40:48:e8:9d:02:11:ca:74:
         c4:9b:db:58:a2:25:1c:76:a3:21:3f:e5:3c:36:29:8a:31:a3:
         a2:57:fe:7d:76:3a:c2:af:62:3b:c9:73:72:b1:a6:03:c8:6a:
         97:79:e7:e2:62:6a:75:41:bb:99:50:34:43:5c:4d:07:29:d0:
         63:60:81:9a:46:3f:5a:32:aa:0a:c0:6d:e2:23:6c:e8:9a:96:
         95:04:29:f6:c3:04:10:82:79:7d:3c:54:58:c2:88:fa:87:27:
         74:85:13:f4:1a:80:e9:7b:8c:df:bf:fa:4f:df:a5:75:eb:7a:
         fc:fb:1e:56:53:dd:b1:a4:65:df:b1:90:93:c1:74:53:85:a4:
         e1:55:4b:6a:2d:40:86:eb:8e:c7:75:24:8b:f8:31:95:8a:2a:
         e5:2f:ef:4b:61:75:70:f5:8d:01:ca:d1:9b:e8:64:d2:90:77:
         1f:81:08:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV4olqxH/PLNzG02RvUX4l5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwMzA5MDIwMTAwWhcNMjUwMzEwMDIwMTAwWjAzMTEwLwYDVQQD
EygwYTJhMzlhZTRmODhjNDJjMDVjMjIxMzVmNGZjYTI2ODhmOWMxMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRaK+cHMUHGDQ897y6PDNVIEjPb/
BOi/6be47VVav8fHRs+RINOSd+g8UMBeGeLdZFCZS/hxw41S6yivGlEoLWnQc/8d
3PDuGJ9XMPVlRxuypUOJ5WAE4fMB4E0zXyJaCDDdrGjd7nLMAQQGrsrFRS80jdfL
mT0AFNiSTFDd3orbx+bG5BsBCGBEUl0OhrAbeO0vnxkPIdPWiLfaF1kxHNlia5/J
Rosd0qniyFfQgisJ0eT7Kf96Tr27bSt2GIpCnBvdStuwSOv5YRo42LH5ZazcDSzu
ueiGKl8Tjm5f8xmB1t031S+Rizq9co76r3KveFPj15urkhxCkfI1MptD5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoqOa5PiMQsBcIhNfT8omiPnBByMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAGlAP8re
9qXU7wXht7iiNu4u3NbBnyTykXICfUKUy/t8YuHWGQJIgUAAEb6jj4bbk/PYu2cE
LoHRSkIY+/+eUycKFI4DQ3MKod/0RHshUBOoaUBI6J0CEcp0xJvbWKIlHHajIT/l
PDYpijGjolf+fXY6wq9iO8lzcrGmA8hql3nn4mJqdUG7mVA0Q1xNBynQY2CBmkY/
WjKqCsBt4iNs6JqWlQQp9sMEEIJ5fTxUWMKI+ocndIUT9BqA6XuM37/6T9+ldet6
/PseVlPdsaRl37GQk8F0U4Wk4VVLai1AhuuOx3Uki/gxlYoq5S/vS2F1cPWNAcrR
m+hk0pB3H4EIJQ==
-----END CERTIFICATE-----