Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
File:                     Xl5k_r-lZnT03hZCn13eSdnOk2g.mft (raw, json)
Hash identifier:          96O/MNNQL1N2rd907gFq6C7kHnQKZbGz9tLt/FOoHGs=
Subject key identifier:   D9:79:DD:F7:31:34:91:4C:EC:D5:4B:62:FC:82:3E:94:1A:80:5D:46
Authority key identifier: 5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68
Certificate issuer:       /CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
Certificate serial:       0196BEC9DBC127622F43F1D83CBBE3BF9C7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
Manifest number:          11C6
Signing time:             Sun 11 May 2025 10:00:22 +0000
Manifest this update:     Sun 11 May 2025 10:00:22 +0000
Manifest next update:     Mon 12 May 2025 10:00:22 +0000
Files and hashes:         1: Xl5k_r-lZnT03hZCn13eSdnOk2g.crl (hash: oSj5S/yjiN6KsOuHXqXPNPp3WLh9Uf/iqXH4Fbaxje8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 10:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:c9:db:c1:27:62:2f:43:f1:d8:3c:bb:e3:bf:9c:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
        Validity
            Not Before: May 11 10:00:22 2025 GMT
            Not After : May 12 10:00:22 2025 GMT
        Subject: CN=d979ddf73134914cecd54b62fc823e941a805d46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:17:36:46:12:a1:aa:30:30:5e:2f:10:d5:0e:
                    97:c7:bc:89:24:37:0b:c0:a8:1c:88:8b:d8:0c:ac:
                    52:4c:ec:0a:f8:1c:75:c6:a0:ee:c9:a4:32:2d:22:
                    2c:af:24:d6:c4:43:54:af:7d:7c:dd:63:67:41:ed:
                    3e:9d:20:45:b8:4e:2c:9e:c5:a9:11:fa:64:e3:d0:
                    34:bf:b7:68:04:2b:e6:25:ae:2f:d6:b3:28:00:1d:
                    0a:ce:ab:33:7e:df:cf:6b:cd:24:0d:3e:e6:e1:39:
                    a0:8e:2d:b9:00:24:47:7a:b7:2b:d3:ad:4a:cd:30:
                    4c:f7:bc:d2:79:95:b0:00:85:8f:6a:a0:95:cc:38:
                    d5:4b:9c:0e:e6:64:01:1c:2d:35:8c:79:b1:75:56:
                    fc:50:ad:96:1a:d4:53:bb:f6:3b:92:55:62:89:24:
                    ad:3d:e6:9d:d6:70:a0:75:79:17:96:e9:d9:e4:11:
                    da:8d:46:12:12:c7:09:db:1c:6a:9f:99:e5:d4:f2:
                    92:c9:35:f4:4f:57:b4:ce:27:8e:6a:e9:a0:ba:75:
                    60:24:4a:e2:b7:ea:c0:24:17:44:8b:78:13:f6:5a:
                    23:cd:19:e2:f5:17:aa:b3:02:d0:ac:be:3c:c3:a4:
                    a7:66:c0:48:1c:b9:ec:83:b9:06:57:eb:f5:fd:35:
                    63:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:79:DD:F7:31:34:91:4C:EC:D5:4B:62:FC:82:3E:94:1A:80:5D:46
            X509v3 Authority Key Identifier:
                keyid:5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:ab:ea:2f:cb:11:d7:8f:1a:df:77:5b:04:4b:0b:7b:42:33:
         f3:24:d4:be:4d:e4:3d:c4:8a:4b:88:b2:1e:56:f2:dc:87:fc:
         96:1b:a3:d3:85:da:33:5f:41:49:1c:20:b4:51:5c:03:4b:fd:
         0d:dc:44:48:7a:33:9c:6e:d0:dd:73:5b:5d:30:07:08:b5:05:
         cb:8c:49:1a:ff:55:a8:ea:64:d2:17:e7:06:e6:44:70:f1:12:
         0e:24:95:79:b6:af:75:85:16:a2:a2:a6:a3:f2:f7:cd:f7:6b:
         49:74:9c:0e:7b:8b:20:72:16:e6:88:94:1a:52:ce:de:24:c5:
         58:0d:7a:5e:ef:1a:69:66:4d:21:0f:d4:2a:f8:bf:fa:de:d4:
         7f:39:06:62:9b:96:65:db:63:ae:d5:ea:38:94:fc:25:e3:35:
         6d:30:80:98:97:da:46:1e:2a:3e:8b:1c:96:30:87:4a:8a:4c:
         f4:b3:2f:bc:ca:9f:33:9e:72:b7:63:df:62:fa:5a:72:0c:20:
         8a:20:b5:63:7a:b9:34:c2:a0:24:91:b1:f8:01:ca:56:82:82:
         4c:e3:3c:6b:4c:ee:3d:8b:1b:f4:8d:4c:ed:f5:f6:0f:0e:12:
         64:15:f5:64:b8:27:e8:e1:8e:8e:fa:5a:17:fc:4a:65:5e:80:
         3f:3e:40:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+ydvBJ2IvQ/HYPLvjv5x6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNWU2NGZlYmZhNTY2NzRmNGRlMTY0MjlmNWRkZTQ5ZDlj
ZTkzNjgwHhcNMjUwNTExMTAwMDIyWhcNMjUwNTEyMTAwMDIyWjAzMTEwLwYDVQQD
EyhkOTc5ZGRmNzMxMzQ5MTRjZWNkNTRiNjJmYzgyM2U5NDFhODA1ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshc2RhKhqjAwXi8Q1Q6Xx7yJJDcL
wKgciIvYDKxSTOwK+Bx1xqDuyaQyLSIsryTWxENUr3183WNnQe0+nSBFuE4snsWp
Efpk49A0v7doBCvmJa4v1rMoAB0Kzqszft/Pa80kDT7m4Tmgji25ACRHercr061K
zTBM97zSeZWwAIWPaqCVzDjVS5wO5mQBHC01jHmxdVb8UK2WGtRTu/Y7klViiSSt
Pead1nCgdXkXlunZ5BHajUYSEscJ2xxqn5nl1PKSyTX0T1e0zieOaumgunVgJEri
t+rAJBdEi3gT9lojzRni9ReqswLQrL48w6SnZsBIHLnsg7kGV+v1/TVjwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNl53fcxNJFM7NVLYvyCPpQagF1GMB8GA1UdIwQY
MBaAFF5eZP6/pWZ09N4WQp9d3knZzpNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUt
MjJmOGQ0YTAyN2FlLzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUtMjJmOGQ0YTAyN2Fl
LzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqvqL8sR
148a33dbBEsLe0Iz8yTUvk3kPcSKS4iyHlby3If8lhuj04XaM19BSRwgtFFcA0v9
DdxESHoznG7Q3XNbXTAHCLUFy4xJGv9VqOpk0hfnBuZEcPESDiSVebavdYUWoqKm
o/L3zfdrSXScDnuLIHIW5oiUGlLO3iTFWA16Xu8aaWZNIQ/UKvi/+t7UfzkGYpuW
ZdtjrtXqOJT8JeM1bTCAmJfaRh4qPoscljCHSopM9LMvvMqfM55yt2PfYvpacgwg
iiC1Y3q5NMKgJJGx+AHKVoKCTOM8a0zuPYsb9I1M7fX2Dw4SZBX1ZLgn6OGOjvpa
F/xKZV6APz5AhQ==
-----END CERTIFICATE-----