Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft
File:                     CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft (raw, json)
Hash identifier:          gUmBWFzt1hteZ6SWy3zHY3bIty1rLnyBgpEk+Lx9RIU=
Subject key identifier:   BB:CE:56:A1:38:41:68:67:D1:05:2B:A1:BF:C7:02:7D:D1:43:42:D6
Authority key identifier: 0A:85:D3:79:72:6C:8F:C0:96:D2:7E:88:FD:A1:17:B3:B2:65:4E:59
Certificate issuer:       /CN=0a85d379726c8fc096d27e88fda117b3b2654e59
Certificate serial:       0196BFA57D243305202365653583F947DA75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CoXTeXJsj8CW0n6I_aEXs7JlTlk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft
Manifest number:          0331
Signing time:             Sun 11 May 2025 14:00:15 +0000
Manifest this update:     Sun 11 May 2025 14:00:15 +0000
Manifest next update:     Mon 12 May 2025 14:00:15 +0000
Files and hashes:         1: CoXTeXJsj8CW0n6I_aEXs7JlTlk.crl (hash: BrHPWaODjzsMpF8zgX5CeA8u/lWmtsvUoUCxq8Lfvl4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CoXTeXJsj8CW0n6I_aEXs7JlTlk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 14:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:a5:7d:24:33:05:20:23:65:65:35:83:f9:47:da:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a85d379726c8fc096d27e88fda117b3b2654e59
        Validity
            Not Before: May 11 14:00:15 2025 GMT
            Not After : May 12 14:00:15 2025 GMT
        Subject: CN=bbce56a138416867d1052ba1bfc7027dd14342d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4b:df:19:b7:5c:d0:39:a1:01:bc:f9:82:02:
                    ea:b1:f6:db:46:9d:4d:4d:2e:89:03:de:7d:67:82:
                    b2:52:ec:ad:cb:c8:59:3f:01:9d:b9:e8:7d:fa:41:
                    e9:aa:dd:2d:87:d5:50:89:70:34:c0:55:2a:94:02:
                    19:fb:e5:d6:b5:76:27:1a:4a:d5:ab:bd:3f:26:63:
                    cc:23:88:69:21:09:f2:96:f7:f2:6e:80:22:83:a5:
                    d6:1f:5e:3c:24:4f:22:fc:8a:d0:1b:7a:20:5f:8b:
                    f3:69:fa:c3:96:ed:d8:2d:0d:e4:1f:f7:49:5a:62:
                    9e:0b:5a:7f:a4:fb:f3:c7:d9:e8:c9:4e:90:cf:d7:
                    0c:9b:be:91:12:3f:97:47:9f:0a:6e:ee:c2:f3:ee:
                    c4:9c:8b:01:53:7d:d9:c2:16:c8:1a:d4:d2:d2:d6:
                    cb:72:f4:ae:f6:ba:1c:d0:16:c8:cf:94:51:52:9f:
                    08:fd:ed:fa:87:e7:8e:b1:83:2a:dd:55:d5:81:3d:
                    bf:92:f0:f3:b4:1b:85:8a:cb:28:03:46:60:98:14:
                    34:56:40:4d:5e:d9:80:03:fe:26:26:60:db:c7:9d:
                    d2:88:68:c0:3b:ad:a0:79:ae:ad:7b:f5:19:53:fc:
                    1d:27:57:13:98:df:ef:a3:03:d8:3c:2c:a7:50:cf:
                    7e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:CE:56:A1:38:41:68:67:D1:05:2B:A1:BF:C7:02:7D:D1:43:42:D6
            X509v3 Authority Key Identifier:
                keyid:0A:85:D3:79:72:6C:8F:C0:96:D2:7E:88:FD:A1:17:B3:B2:65:4E:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoXTeXJsj8CW0n6I_aEXs7JlTlk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d9:d8:74:1d:58:61:67:1a:22:a4:21:d8:26:5b:a3:cc:55:48:
         64:2f:34:1e:9d:71:8a:78:77:cc:c4:33:7d:7f:ec:91:cc:a5:
         e3:f1:d0:92:77:2b:17:27:9e:52:0c:4e:2f:48:4f:8b:ad:e9:
         a6:0b:94:3f:b3:35:44:60:db:75:51:ee:ef:78:76:f8:35:2f:
         b7:4a:90:b6:e1:87:b0:5f:30:0c:3f:1b:24:73:2b:11:81:4a:
         9f:b7:65:b7:70:44:6c:e5:99:a8:59:82:96:ba:56:5c:c2:92:
         1a:3f:46:5c:4b:a9:15:c5:da:3c:3d:c7:69:c7:40:ea:49:0e:
         c2:1f:af:1a:12:a1:ed:63:31:02:4f:7e:5e:96:e5:7f:ce:93:
         1b:02:57:20:03:b0:72:21:4f:c9:d4:cf:8c:e8:93:69:0d:f2:
         0f:70:27:7d:55:3c:5c:5d:a8:c6:a0:17:35:e2:90:2e:67:42:
         da:13:29:55:9d:58:b4:62:ed:64:4b:5a:1e:0e:c3:22:7d:70:
         06:70:43:ff:93:87:f9:57:3b:f2:15:35:66:e8:ae:0b:40:c1:
         4a:a8:3b:f6:59:c7:e0:08:1b:1d:02:ba:3a:56:91:b0:8a:11:
         5d:0d:86:0e:f9:17:b9:84:c2:f1:82:b1:ec:44:6a:10:5e:50:
         ec:3b:b3:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/pX0kMwUgI2VlNYP5R9p1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODVkMzc5NzI2YzhmYzA5NmQyN2U4OGZkYTExN2IzYjI2
NTRlNTkwHhcNMjUwNTExMTQwMDE1WhcNMjUwNTEyMTQwMDE1WjAzMTEwLwYDVQQD
EyhiYmNlNTZhMTM4NDE2ODY3ZDEwNTJiYTFiZmM3MDI3ZGQxNDM0MmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEvfGbdc0DmhAbz5ggLqsfbbRp1N
TS6JA959Z4KyUuyty8hZPwGdueh9+kHpqt0th9VQiXA0wFUqlAIZ++XWtXYnGkrV
q70/JmPMI4hpIQnylvfyboAig6XWH148JE8i/IrQG3ogX4vzafrDlu3YLQ3kH/dJ
WmKeC1p/pPvzx9noyU6Qz9cMm76REj+XR58Kbu7C8+7EnIsBU33ZwhbIGtTS0tbL
cvSu9roc0BbIz5RRUp8I/e36h+eOsYMq3VXVgT2/kvDztBuFissoA0ZgmBQ0VkBN
XtmAA/4mJmDbx53SiGjAO62gea6te/UZU/wdJ1cTmN/vowPYPCynUM9+mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvOVqE4QWhn0QUrob/HAn3RQ0LWMB8GA1UdIwQY
MBaAFAqF03lybI/AltJ+iP2hF7OyZU5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29YVGVYSnNqOENXMG42SV9hRVhzN0psVGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yM2Q1NjAtMjUzYi00ZmUxLTljOWQt
NWU5MmY0NzU1OTA0LzEvQ29YVGVYSnNqOENXMG42SV9hRVhzN0psVGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yM2Q1NjAtMjUzYi00ZmUxLTljOWQtNWU5MmY0NzU1OTA0
LzEvQ29YVGVYSnNqOENXMG42SV9hRVhzN0psVGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2dh0HVhh
ZxoipCHYJlujzFVIZC80Hp1xinh3zMQzfX/skcyl4/HQkncrFyeeUgxOL0hPi63p
pguUP7M1RGDbdVHu73h2+DUvt0qQtuGHsF8wDD8bJHMrEYFKn7dlt3BEbOWZqFmC
lrpWXMKSGj9GXEupFcXaPD3HacdA6kkOwh+vGhKh7WMxAk9+Xpblf86TGwJXIAOw
ciFPydTPjOiTaQ3yD3AnfVU8XF2oxqAXNeKQLmdC2hMpVZ1YtGLtZEtaHg7DIn1w
BnBD/5OH+Vc78hU1ZuiuC0DBSqg79lnH4AgbHQK6OlaRsIoRXQ2GDvkXuYTC8YKx
7ERqEF5Q7DuzNQ==
-----END CERTIFICATE-----