Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
File:                     XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft (raw, json)
Hash identifier:          2r6oTWC76EIiJ7eSmjFcot6KXyspYPL5B3r35bRoYh0=
Subject key identifier:   19:6D:0F:49:20:53:50:7D:8C:EE:49:9A:8B:D4:74:1C:06:50:B6:69
Authority key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
Certificate issuer:       /CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
Certificate serial:       01964331E65963E22C4ABA037014F602181B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
Manifest number:          14F3
Signing time:             Thu 17 Apr 2025 10:01:05 +0000
Manifest this update:     Thu 17 Apr 2025 10:01:05 +0000
Manifest next update:     Fri 18 Apr 2025 10:01:05 +0000
Files and hashes:         1: XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl (hash: t83TSq5M5ata9UXaC7F0jKtP0k7AHQEsfPAgQ2T2Nj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 10:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:31:e6:59:63:e2:2c:4a:ba:03:70:14:f6:02:18:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
        Validity
            Not Before: Apr 17 10:01:05 2025 GMT
            Not After : Apr 18 10:01:05 2025 GMT
        Subject: CN=196d0f492053507d8cee499a8bd4741c0650b669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a3:64:94:72:a5:64:c3:d6:7a:d6:80:22:25:
                    ef:e9:bf:3f:91:9f:1f:dc:75:29:6b:18:41:51:2a:
                    cd:68:c1:02:a5:62:5d:11:69:13:e1:36:8e:0a:ff:
                    9f:73:1b:ff:2d:05:b8:6c:23:26:bb:b6:ae:df:ff:
                    3a:68:d3:43:4e:d4:5e:3f:69:2c:d0:be:17:7b:81:
                    fa:f2:e1:fa:7b:ae:c5:d3:b6:4c:e8:d4:5c:b3:e7:
                    af:9c:64:04:77:d0:8c:18:55:64:dd:59:0c:ec:50:
                    38:0b:37:13:06:a4:e4:33:29:63:06:4b:b7:f5:a3:
                    da:34:96:d7:cc:78:f4:24:f1:42:45:67:30:f9:1a:
                    d6:15:dd:dd:8c:42:8b:2a:b7:d2:eb:68:69:e7:57:
                    ff:3b:1b:db:2a:e6:40:29:c8:09:13:ba:41:a6:74:
                    04:3d:91:a4:41:b4:25:92:20:a5:dd:c2:3d:35:f6:
                    1b:71:d2:db:13:90:f0:4c:f2:45:21:4e:eb:a3:9b:
                    9c:0c:bf:70:79:a7:68:4e:fc:76:0c:7c:75:b4:44:
                    57:74:f5:35:77:41:e1:84:d4:66:b4:dc:0b:fe:54:
                    f2:89:87:5e:c8:15:15:25:e9:38:58:f5:1e:95:0e:
                    04:8e:68:8e:45:bb:75:42:fe:1a:b6:d2:88:84:74:
                    61:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:6D:0F:49:20:53:50:7D:8C:EE:49:9A:8B:D4:74:1C:06:50:B6:69
            X509v3 Authority Key Identifier:
                keyid:5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:2a:8a:7f:00:28:48:21:ad:a7:20:40:3c:f9:c0:f6:a2:22:
         c3:d1:1d:d5:69:e3:c8:1b:4f:cc:84:74:59:ad:52:1e:94:1e:
         87:df:ec:95:1f:fa:33:81:ad:d6:8f:a7:ed:ee:1e:86:f7:8a:
         4e:0b:a0:72:3d:87:bc:3b:d2:21:68:2b:dc:a8:73:95:1f:22:
         52:79:da:35:9d:66:e1:48:e4:b6:9c:15:56:12:9c:30:03:86:
         f0:99:cd:a4:e9:a2:dc:f6:cf:44:dd:86:aa:1d:a5:b0:f2:23:
         9c:63:2f:65:59:1b:27:5b:4f:90:cb:0f:41:ac:5d:b2:76:93:
         0d:cb:77:c5:5a:b0:da:c1:7c:b8:c8:13:f3:94:15:4f:0d:8c:
         64:0d:65:90:c4:3a:50:38:bb:6a:57:f9:93:e2:d8:45:a6:ee:
         90:e1:53:3e:b9:99:f5:48:0b:33:5a:46:86:ff:aa:c4:a3:bf:
         ee:94:20:39:20:82:20:1a:7a:af:57:d2:be:62:be:db:c1:b9:
         e1:4d:23:da:f3:92:12:7d:f6:7e:67:1b:65:d6:e1:c8:d1:e2:
         df:23:63:e1:29:3f:1d:42:35:c3:22:15:a8:f6:cf:ed:8a:49:
         34:33:1b:4e:65:82:1a:ef:f1:50:05:a3:66:fb:94:b9:e3:fa:
         f6:19:5c:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZDMeZZY+IsSroDcBT2AhgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg1ZjFkZDRkMDM0NjQ4MGYwMDk4NzRhOGY1NjcwZTMx
MDg1YzIwHhcNMjUwNDE3MTAwMTA1WhcNMjUwNDE4MTAwMTA1WjAzMTEwLwYDVQQD
EygxOTZkMGY0OTIwNTM1MDdkOGNlZTQ5OWE4YmQ0NzQxYzA2NTBiNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaNklHKlZMPWetaAIiXv6b8/kZ8f
3HUpaxhBUSrNaMECpWJdEWkT4TaOCv+fcxv/LQW4bCMmu7au3/86aNNDTtReP2ks
0L4Xe4H68uH6e67F07ZM6NRcs+evnGQEd9CMGFVk3VkM7FA4CzcTBqTkMyljBku3
9aPaNJbXzHj0JPFCRWcw+RrWFd3djEKLKrfS62hp51f/OxvbKuZAKcgJE7pBpnQE
PZGkQbQlkiCl3cI9NfYbcdLbE5DwTPJFIU7ro5ucDL9weadoTvx2DHx1tERXdPU1
d0HhhNRmtNwL/lTyiYdeyBUVJek4WPUelQ4EjmiORbt1Qv4attKIhHRhrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBltD0kgU1B9jO5JmovUdBwGULZpMB8GA1UdIwQY
MBaAFF6oXx3U0DRkgPAJh0qPVnDjEIXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgt
NTkwYzVmMWIwMWIzLzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgtNTkwYzVmMWIwMWIz
LzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAyqKfwAo
SCGtpyBAPPnA9qIiw9Ed1WnjyBtPzIR0Wa1SHpQeh9/slR/6M4Gt1o+n7e4ehveK
Tgugcj2HvDvSIWgr3KhzlR8iUnnaNZ1m4UjktpwVVhKcMAOG8JnNpOmi3PbPRN2G
qh2lsPIjnGMvZVkbJ1tPkMsPQaxdsnaTDct3xVqw2sF8uMgT85QVTw2MZA1lkMQ6
UDi7alf5k+LYRabukOFTPrmZ9UgLM1pGhv+qxKO/7pQgOSCCIBp6r1fSvmK+28G5
4U0j2vOSEn32fmcbZdbhyNHi3yNj4Sk/HUI1wyIVqPbP7YpJNDMbTmWCGu/xUAWj
ZvuUueP69hlcQA==
-----END CERTIFICATE-----