Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
File:                     XWU9B97R6Nf08uoEvTaELFsS8V4.mft (raw, json)
Hash identifier:          uLyyNQUI3uT8OBto6xbAAwK9fXG2eQArTL2mvJ2abBQ=
Subject key identifier:   FF:5C:3E:BC:96:B4:8B:27:7B:EF:4F:BF:80:DB:02:60:18:C3:85:1A
Authority key identifier: 5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E
Certificate issuer:       /CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
Certificate serial:       0196A6F8564F3C118BABB056ED9D92E7D4EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
Manifest number:          0D50
Signing time:             Tue 06 May 2025 19:00:14 +0000
Manifest this update:     Tue 06 May 2025 19:00:14 +0000
Manifest next update:     Wed 07 May 2025 19:00:14 +0000
Files and hashes:         1: XWU9B97R6Nf08uoEvTaELFsS8V4.crl (hash: n/nua2a3sFvf6/5QHi881T+lfwHvvEy8Jdjk3fqFMIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 19:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a6:f8:56:4f:3c:11:8b:ab:b0:56:ed:9d:92:e7:d4:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
        Validity
            Not Before: May  6 19:00:14 2025 GMT
            Not After : May  7 19:00:14 2025 GMT
        Subject: CN=ff5c3ebc96b48b277bef4fbf80db026018c3851a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:09:23:81:37:75:42:e9:ef:09:0a:cf:28:c8:
                    59:9f:64:c1:40:8e:4b:13:36:c5:2a:06:24:61:02:
                    71:b8:6e:7e:f0:90:7c:d7:6a:29:5f:9b:01:9f:ee:
                    3c:c0:2b:de:91:17:e2:4f:76:2d:db:52:e6:40:97:
                    78:65:dd:85:cf:7a:cc:af:32:10:c4:1b:f8:85:3c:
                    0e:a2:0f:e8:2d:d0:dc:aa:2f:11:f9:64:ce:77:ad:
                    34:dd:19:5b:60:3b:a0:a4:22:61:aa:a6:9c:37:e1:
                    3f:39:be:8d:99:bd:a4:1d:cd:c8:a3:f7:2a:6c:62:
                    4a:8e:d2:f5:33:54:33:84:cc:f4:50:1b:18:19:bf:
                    60:89:6d:4c:32:c6:bd:ce:be:a7:2c:79:4e:0b:57:
                    af:11:7c:4c:f2:66:7a:4b:9d:a3:f7:c3:3c:27:3c:
                    98:ff:be:f7:0b:25:b1:35:9a:c2:65:4a:d8:3d:1b:
                    09:88:95:5b:3f:dc:44:44:77:74:9d:7d:4a:ba:04:
                    16:9c:a7:a0:f5:ac:43:23:9d:1b:44:96:c6:b0:ff:
                    2f:d4:e0:1f:4c:95:ec:0c:a0:60:af:de:f8:36:ae:
                    b8:e6:ca:89:11:ec:84:aa:a1:c4:1a:e7:52:ed:c9:
                    5b:aa:29:18:0b:27:b4:45:b7:ef:10:f7:32:57:59:
                    7b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:5C:3E:BC:96:B4:8B:27:7B:EF:4F:BF:80:DB:02:60:18:C3:85:1A
            X509v3 Authority Key Identifier:
                keyid:5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:8a:2d:51:97:ec:7e:9c:3e:22:c6:60:b7:4b:a7:5a:36:68:
         88:25:7b:82:cb:17:cb:10:77:51:37:ef:7e:e3:e9:8f:89:1e:
         cd:74:b3:80:d3:35:5a:2b:b4:36:fb:0f:a8:3e:eb:ff:8c:d1:
         64:8d:33:66:23:67:c5:9d:f8:69:76:5e:5e:a9:50:88:54:48:
         14:d4:06:df:12:b4:16:ab:a4:84:18:05:77:27:5e:f9:c5:fa:
         77:65:16:ba:21:ec:0f:f9:7c:57:bf:fd:c4:2b:c7:53:01:d1:
         07:ed:e2:f9:1a:cf:ba:0c:05:71:00:68:68:b1:73:d9:88:d1:
         35:ae:74:98:44:34:d9:6d:16:96:29:1d:ca:d3:9a:7c:83:d4:
         e3:c4:2d:54:2a:8e:a4:92:26:24:6c:f2:db:41:81:d3:75:e5:
         b1:3d:a3:5d:5b:91:9b:d5:aa:08:35:8b:d4:ed:a1:f8:55:23:
         03:4a:b1:58:5b:ec:56:17:e1:ef:56:4d:8e:2f:20:cc:83:3d:
         7b:7f:06:33:bd:77:1c:d0:a8:f9:9f:9b:d5:31:84:47:b8:e2:
         04:5e:0e:33:98:54:05:e2:68:43:29:e0:15:ec:8c:79:a5:14:
         73:ae:f3:60:57:44:8c:26:54:46:50:45:79:4f:81:3f:38:cc:
         61:9e:e3:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZam+FZPPBGLq7BW7Z2S59TuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNjUzZDA3ZGVkMWU4ZDdmNGYyZWEwNGJkMzY4NDJjNWIx
MmYxNWUwHhcNMjUwNTA2MTkwMDE0WhcNMjUwNTA3MTkwMDE0WjAzMTEwLwYDVQQD
EyhmZjVjM2ViYzk2YjQ4YjI3N2JlZjRmYmY4MGRiMDI2MDE4YzM4NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQkjgTd1QunvCQrPKMhZn2TBQI5L
EzbFKgYkYQJxuG5+8JB812opX5sBn+48wCvekRfiT3Yt21LmQJd4Zd2Fz3rMrzIQ
xBv4hTwOog/oLdDcqi8R+WTOd6003RlbYDugpCJhqqacN+E/Ob6Nmb2kHc3Io/cq
bGJKjtL1M1QzhMz0UBsYGb9giW1MMsa9zr6nLHlOC1evEXxM8mZ6S52j98M8JzyY
/773CyWxNZrCZUrYPRsJiJVbP9xERHd0nX1KugQWnKeg9axDI50bRJbGsP8v1OAf
TJXsDKBgr974Nq645sqJEeyEqqHEGudS7clbqikYCye0RbfvEPcyV1l7dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9cPryWtIsne+9Pv4DbAmAYw4UaMB8GA1UdIwQY
MBaAFF1lPQfe0ejX9PLqBL02hCxbEvFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGIt
MjE0NWNhNzVlMzgzLzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGItMjE0NWNhNzVlMzgz
LzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf4otUZfs
fpw+IsZgt0unWjZoiCV7gssXyxB3UTfvfuPpj4kezXSzgNM1Wiu0NvsPqD7r/4zR
ZI0zZiNnxZ34aXZeXqlQiFRIFNQG3xK0FqukhBgFdyde+cX6d2UWuiHsD/l8V7/9
xCvHUwHRB+3i+RrPugwFcQBoaLFz2YjRNa50mEQ02W0WlikdytOafIPU48QtVCqO
pJImJGzy20GB03XlsT2jXVuRm9WqCDWL1O2h+FUjA0qxWFvsVhfh71ZNji8gzIM9
e38GM713HNCo+Z+b1TGER7jiBF4OM5hUBeJoQyngFeyMeaUUc67zYFdEjCZURlBF
eU+BPzjMYZ7jUw==
-----END CERTIFICATE-----