Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
File:                     XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft (raw, json)
Hash identifier:          duugQ1hfm13r0/M1AzWTmRwnw+7k3lHW2pNiqVu3T8k=
Subject key identifier:   22:89:12:D7:93:DE:BE:98:0E:76:96:5F:44:B0:A1:2A:7D:FC:DD:F5
Authority key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
Certificate issuer:       /CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
Certificate serial:       01958BBB2495D527C2DAE38B93391F490C8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
Manifest number:          1494
Signing time:             Wed 12 Mar 2025 19:00:52 +0000
Manifest this update:     Wed 12 Mar 2025 19:00:52 +0000
Manifest next update:     Thu 13 Mar 2025 19:00:52 +0000
Files and hashes:         1: XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl (hash: cKhPPPLFgWLdcGqHennvgJhDn2jC4jW4rEiUw+pEkNc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:24:95:d5:27:c2:da:e3:8b:93:39:1f:49:0c:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
        Validity
            Not Before: Mar 12 19:00:52 2025 GMT
            Not After : Mar 13 19:00:52 2025 GMT
        Subject: CN=228912d793debe980e76965f44b0a12a7dfcddf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:48:34:ad:b9:a5:8c:49:81:c7:83:62:b0:00:
                    7a:6f:d0:69:d3:be:49:be:51:82:54:ec:a9:33:01:
                    fe:db:a1:54:eb:46:05:c3:8a:b0:ce:a0:8e:5a:76:
                    06:58:8d:ae:d6:42:7c:22:8d:47:9b:33:63:e5:7d:
                    1d:5a:74:1c:99:40:39:f2:1a:43:24:fb:29:c2:22:
                    8d:46:79:c6:94:19:77:68:28:0c:9f:0c:1c:35:d8:
                    21:fa:15:41:f2:45:fa:56:00:44:d8:e1:ae:ca:6a:
                    69:13:9f:5f:4d:6d:e5:fd:d3:ef:76:d7:a2:d9:6c:
                    55:7d:2c:46:98:4c:8f:94:87:8f:5a:f9:ef:90:6c:
                    28:9b:3e:92:12:e4:02:dd:50:e5:d8:8e:db:af:92:
                    f3:25:64:76:e2:32:81:ff:39:02:cb:f0:e5:10:40:
                    6e:7d:b7:cc:91:f4:56:d0:ee:8a:66:c0:3b:bb:d9:
                    93:e7:f4:32:1a:47:5b:b3:c6:d8:23:2b:9e:ee:13:
                    58:c6:d6:1e:ad:ed:3c:5c:b9:fe:30:28:44:9c:ac:
                    f6:7c:49:e5:93:62:a1:48:9c:e2:eb:9c:f0:5a:a8:
                    71:14:c4:9d:3c:f6:6b:41:62:23:23:ac:bd:2d:78:
                    6a:26:5a:1b:02:14:ac:4f:1c:88:28:5a:f1:4d:f6:
                    d0:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:89:12:D7:93:DE:BE:98:0E:76:96:5F:44:B0:A1:2A:7D:FC:DD:F5
            X509v3 Authority Key Identifier:
                keyid:5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ea:72:63:c5:01:ee:5a:bb:bf:f8:cb:28:23:ae:e7:e3:f1:
         2c:0a:cb:e9:c0:9e:8e:88:c8:38:ee:a5:34:8f:eb:01:3c:d0:
         80:eb:bd:b3:88:4d:a3:de:5b:58:11:6e:b3:45:1e:ca:a4:bc:
         ee:37:ff:30:34:b1:69:da:41:b6:42:1d:60:20:8d:fc:e7:a9:
         44:7d:99:3e:2e:98:4d:7a:7f:f8:2b:b9:a3:35:ef:6d:1f:8a:
         c3:af:05:6f:53:79:51:15:8e:f3:bd:5d:88:ca:3a:cd:1f:f9:
         7e:d3:b7:85:5b:e2:6d:31:6c:5a:91:08:ed:38:9b:59:d0:ee:
         19:a7:83:c1:75:2a:cf:8d:d2:59:cc:ad:68:a8:bd:8d:1a:c0:
         3f:a9:0d:64:1a:96:0b:4a:09:ae:1a:cb:1d:52:9f:89:e1:22:
         8c:82:02:26:48:d3:79:bb:7c:b2:35:73:71:8b:e9:56:7f:5e:
         c7:89:7d:1a:81:7c:03:56:a2:ef:cd:39:f3:1c:93:b4:7c:1f:
         46:3c:a6:f9:c8:d0:ea:5c:e5:35:d4:ae:c7:01:c7:c5:82:bb:
         aa:2d:e0:c8:a7:24:8a:83:7c:5f:a9:68:1e:4e:68:90:44:61:
         77:18:89:95:af:f6:c1:81:d6:08:bb:04:c2:8c:97:87:50:ab:
         6a:28:7c:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLuySV1SfC2uOLkzkfSQyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg1ZjFkZDRkMDM0NjQ4MGYwMDk4NzRhOGY1NjcwZTMx
MDg1YzIwHhcNMjUwMzEyMTkwMDUyWhcNMjUwMzEzMTkwMDUyWjAzMTEwLwYDVQQD
EygyMjg5MTJkNzkzZGViZTk4MGU3Njk2NWY0NGIwYTEyYTdkZmNkZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg0rbmljEmBx4NisAB6b9Bp075J
vlGCVOypMwH+26FU60YFw4qwzqCOWnYGWI2u1kJ8Io1HmzNj5X0dWnQcmUA58hpD
JPspwiKNRnnGlBl3aCgMnwwcNdgh+hVB8kX6VgBE2OGuymppE59fTW3l/dPvdtei
2WxVfSxGmEyPlIePWvnvkGwomz6SEuQC3VDl2I7br5LzJWR24jKB/zkCy/DlEEBu
fbfMkfRW0O6KZsA7u9mT5/QyGkdbs8bYIyue7hNYxtYere08XLn+MChEnKz2fEnl
k2KhSJzi65zwWqhxFMSdPPZrQWIjI6y9LXhqJlobAhSsTxyIKFrxTfbQbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKJEteT3r6YDnaWX0SwoSp9/N31MB8GA1UdIwQY
MBaAFF6oXx3U0DRkgPAJh0qPVnDjEIXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgt
NTkwYzVmMWIwMWIzLzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgtNTkwYzVmMWIwMWIz
LzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhupyY8UB
7lq7v/jLKCOu5+PxLArL6cCejojIOO6lNI/rATzQgOu9s4hNo95bWBFus0UeyqS8
7jf/MDSxadpBtkIdYCCN/OepRH2ZPi6YTXp/+Cu5ozXvbR+Kw68Fb1N5URWO871d
iMo6zR/5ftO3hVvibTFsWpEI7TibWdDuGaeDwXUqz43SWcytaKi9jRrAP6kNZBqW
C0oJrhrLHVKfieEijIICJkjTebt8sjVzcYvpVn9ex4l9GoF8A1ai78058xyTtHwf
Rjym+cjQ6lzlNdSuxwHHxYK7qi3gyKckioN8X6loHk5okERhdxiJla/2wYHWCLsE
woyXh1Craih8Tw==
-----END CERTIFICATE-----