Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
File:                     X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json)
Hash identifier:          NQcvlgoQcrgR0xN5TIycwyt2bXtIqRC50NOOtte9fgk=
Subject key identifier:   82:1C:FB:3E:44:51:28:5E:2F:0F:4F:3C:2E:F7:38:0C:FC:3B:E5:28
Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A
Certificate issuer:       /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
Certificate serial:       0196B5C7469DD21A6FFDB8A73CA4097AFB34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
Manifest number:          22
Signing time:             Fri 09 May 2025 16:00:57 +0000
Manifest this update:     Fri 09 May 2025 16:00:57 +0000
Manifest next update:     Sat 10 May 2025 16:00:57 +0000
Files and hashes:         1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: OfVjDpaZuN2dL+N/v18Ag3b3nHQ1SwvQueOiuj6srDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b5:c7:46:9d:d2:1a:6f:fd:b8:a7:3c:a4:09:7a:fb:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
        Validity
            Not Before: May  9 16:00:57 2025 GMT
            Not After : May 10 16:00:57 2025 GMT
        Subject: CN=821cfb3e4451285e2f0f4f3c2ef7380cfc3be528
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5b:c6:ca:e5:c0:18:cf:61:19:c4:86:93:f8:
                    80:9a:f5:56:14:5f:be:12:26:fe:fa:70:2c:9d:d8:
                    5c:02:b7:1b:ba:bc:6c:78:26:95:fa:c7:4b:38:32:
                    8b:83:de:97:88:6a:51:7b:99:3a:4e:e8:9d:56:af:
                    15:d4:e5:16:5f:6a:56:f7:85:d7:91:b8:ad:7b:fe:
                    1a:0d:86:f4:b2:a0:99:55:94:e5:1d:2a:6e:98:f5:
                    0a:15:1e:cc:77:0a:91:b0:34:4f:a2:74:f3:90:a3:
                    4d:3e:0c:13:12:b5:1d:66:82:3b:54:48:2d:e5:2e:
                    1c:da:e0:5d:e0:8e:ef:75:fc:af:e3:83:46:b1:11:
                    b3:39:63:dd:6b:ea:33:b3:43:bb:9f:4c:53:81:06:
                    75:4e:32:7a:bf:70:c5:9e:49:44:bc:c3:36:79:a3:
                    22:11:76:c9:25:b0:20:1a:ae:4f:b7:42:2f:e5:be:
                    43:e8:3d:6c:9a:02:7f:ab:23:bd:e5:f1:4d:6f:fe:
                    eb:ab:98:8c:6d:50:43:17:f5:16:c1:fd:8f:1e:52:
                    93:f7:07:cb:e3:2b:11:46:cd:a1:3c:0f:a2:77:a4:
                    a6:ec:ef:03:3e:64:ec:02:a0:e6:aa:da:c9:7e:63:
                    3e:c7:43:11:54:b8:25:e5:ac:af:36:c4:78:b2:ef:
                    c6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:1C:FB:3E:44:51:28:5E:2F:0F:4F:3C:2E:F7:38:0C:FC:3B:E5:28
            X509v3 Authority Key Identifier:
                keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:cf:ea:61:b6:c7:65:2d:4c:20:43:a8:15:a5:fb:e7:b8:2b:
         71:8e:72:36:80:2b:e7:bd:31:bd:5b:f1:68:f8:eb:35:07:fe:
         e6:98:9e:2d:28:24:f6:39:57:0e:3e:3c:e4:4b:2c:a8:77:a6:
         31:fe:46:f3:32:19:5d:b4:f7:48:ad:8a:aa:8e:d8:17:be:1f:
         f4:1a:37:ec:75:bb:ae:6e:90:8d:eb:b8:08:38:09:6e:e7:4c:
         c9:b9:6a:94:63:cd:8e:4b:f8:56:6f:42:b6:f2:d5:5d:26:ca:
         b0:d2:25:94:ba:55:04:c7:4f:3e:70:bd:fa:cc:8b:28:b7:3a:
         c5:5b:96:2b:79:e9:7f:b7:3a:91:25:7a:dd:7a:ce:cd:f8:0a:
         12:b4:2c:cb:44:66:47:8b:45:e8:31:03:83:82:6c:0a:0f:f3:
         3b:20:4b:5e:c3:f9:9c:6c:49:95:32:6e:c9:31:02:18:0f:32:
         e7:f9:b3:f3:bb:32:8c:84:46:da:f8:7a:9f:46:5a:0a:71:28:
         3a:51:f5:13:a7:4f:4a:96:6a:8c:24:38:12:a6:3c:55:58:8f:
         f5:0a:af:4f:f2:6b:38:87:46:92:cc:0a:e5:00:86:5b:50:15:
         c4:12:38:bd:cf:9f:f7:68:21:74:13:b7:dc:33:63:a1:0a:f0:
         54:3f:e8:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa1x0ad0hpv/binPKQJevs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy
OTRiN2EwHhcNMjUwNTA5MTYwMDU3WhcNMjUwNTEwMTYwMDU3WjAzMTEwLwYDVQQD
Eyg4MjFjZmIzZTQ0NTEyODVlMmYwZjRmM2MyZWY3MzgwY2ZjM2JlNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFvGyuXAGM9hGcSGk/iAmvVWFF++
Eib++nAsndhcArcburxseCaV+sdLODKLg96XiGpRe5k6TuidVq8V1OUWX2pW94XX
kbite/4aDYb0sqCZVZTlHSpumPUKFR7MdwqRsDRPonTzkKNNPgwTErUdZoI7VEgt
5S4c2uBd4I7vdfyv44NGsRGzOWPda+ozs0O7n0xTgQZ1TjJ6v3DFnklEvMM2eaMi
EXbJJbAgGq5Pt0Iv5b5D6D1smgJ/qyO95fFNb/7rq5iMbVBDF/UWwf2PHlKT9wfL
4ysRRs2hPA+id6Sm7O8DPmTsAqDmqtrJfmM+x0MRVLgl5ayvNsR4su/GlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIc+z5EUSheLw9PPC73OAz8O+UoMB8GA1UdIwQY
MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt
NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh
LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAM/qYbbH
ZS1MIEOoFaX757grcY5yNoAr570xvVvxaPjrNQf+5pieLSgk9jlXDj485EssqHem
Mf5G8zIZXbT3SK2Kqo7YF74f9Bo37HW7rm6Qjeu4CDgJbudMyblqlGPNjkv4Vm9C
tvLVXSbKsNIllLpVBMdPPnC9+syLKLc6xVuWK3npf7c6kSV63XrOzfgKErQsy0Rm
R4tF6DEDg4JsCg/zOyBLXsP5nGxJlTJuyTECGA8y5/mz87syjIRG2vh6n0ZaCnEo
OlH1E6dPSpZqjCQ4EqY8VViP9QqvT/JrOIdGkswK5QCGW1AVxBI4vc+f92ghdBO3
3DNjoQrwVD/oPQ==
-----END CERTIFICATE-----