Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          WIZJfKsZT03qdcVQ80Y4+kyR+gkHN6VBWVAKXAz9vp0=
Subject key identifier:   23:66:C2:10:DF:D9:43:C8:DD:59:87:EB:3E:CE:36:09:66:CE:9B:88
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       0196B6D938455C519DCFF077981CF04F0297
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          0178
Signing time:             Fri 09 May 2025 21:00:11 +0000
Manifest this update:     Fri 09 May 2025 21:00:11 +0000
Manifest next update:     Sat 10 May 2025 21:00:11 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: EGAGAHB6gBIRmrHEKbjkV8tYgmxzpgqjyDN7TBQqYCI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b6:d9:38:45:5c:51:9d:cf:f0:77:98:1c:f0:4f:02:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: May  9 21:00:11 2025 GMT
            Not After : May 10 21:00:11 2025 GMT
        Subject: CN=2366c210dfd943c8dd5987eb3ece360966ce9b88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:77:94:5c:77:8e:86:30:37:e2:a9:71:3e:ea:
                    d2:37:3c:13:39:1f:c3:4c:bc:b0:43:6b:a2:62:eb:
                    b4:51:25:b1:23:3a:87:9c:e6:8b:a9:df:8d:ac:f9:
                    3e:5b:1d:a6:dd:1d:e7:20:90:8b:09:ca:e5:3c:15:
                    44:a7:9c:ec:cb:11:a9:f3:64:b5:dd:8b:a5:7f:0a:
                    1d:6c:76:ab:12:4b:05:b7:bb:0f:52:a8:62:1a:73:
                    f0:2d:14:2f:74:26:ed:f7:77:f7:0b:1f:0b:38:19:
                    30:03:18:0f:63:e7:55:83:97:55:46:a8:94:d5:17:
                    a7:92:a0:3b:dd:f3:1e:30:b4:f2:cf:57:19:ea:82:
                    60:bd:e9:02:5f:27:5e:52:3b:3d:10:9f:89:f6:c7:
                    29:e7:7e:10:74:f8:3f:82:f2:f6:00:8a:2d:02:93:
                    98:1a:56:f2:cf:e7:ad:fb:3c:7c:02:90:9c:ce:c1:
                    18:ad:d0:31:81:cb:83:73:07:bc:bd:21:00:06:9b:
                    14:51:b6:6b:db:4d:92:ed:e5:84:bd:ad:d8:3c:a7:
                    4a:75:27:e0:64:fe:0f:5b:71:9f:03:11:9a:9f:f9:
                    71:88:2f:a0:9e:07:30:e8:4f:34:0c:0e:cb:97:79:
                    d4:5b:b7:f7:49:e3:b5:2b:53:11:b1:f9:08:60:99:
                    96:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:66:C2:10:DF:D9:43:C8:DD:59:87:EB:3E:CE:36:09:66:CE:9B:88
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:bf:b4:dd:08:e2:a0:d8:e5:ba:1c:b9:60:bc:6d:fb:58:28:
         40:dc:21:34:0c:9b:c6:98:34:9c:de:d3:79:1d:3d:40:fc:67:
         ab:af:50:65:88:63:17:29:39:bc:7e:12:b5:fb:1e:1b:52:2a:
         f9:93:2b:03:50:3e:c3:93:82:06:c6:09:0b:cf:64:79:6d:cc:
         4d:dd:02:31:7f:61:af:7e:2d:dc:ce:e8:89:17:74:ae:02:b2:
         16:f8:d4:63:e8:7a:2d:02:9c:21:2a:24:96:35:96:e2:b1:5e:
         a1:61:df:ff:2b:b1:03:da:79:56:2a:db:33:c6:56:c0:9c:f2:
         c5:c7:bd:b6:89:14:b0:fb:0c:00:5b:cc:56:2b:ee:84:50:f3:
         4d:0a:e3:2c:95:d2:ed:95:0a:8f:3b:26:25:07:0d:e0:a6:8b:
         43:2c:ab:57:cc:35:ac:3d:eb:a8:46:e4:fd:12:b0:2a:16:9c:
         eb:53:73:56:72:f3:aa:99:cd:54:68:b8:2a:62:dd:c0:a6:94:
         47:40:4f:3f:8b:07:95:32:8a:b0:ab:ac:3f:f0:ce:b1:da:4e:
         b3:14:b7:ea:9d:e6:33:4a:52:f8:85:33:d2:cd:a1:b9:2b:1d:
         66:b7:30:da:59:5f:8a:14:f0:89:55:66:1c:71:1b:a6:ba:91:
         ad:e8:23:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa22ThFXFGdz/B3mBzwTwKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUwNTA5MjEwMDExWhcNMjUwNTEwMjEwMDExWjAzMTEwLwYDVQQD
EygyMzY2YzIxMGRmZDk0M2M4ZGQ1OTg3ZWIzZWNlMzYwOTY2Y2U5Yjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlneUXHeOhjA34qlxPurSNzwTOR/D
TLywQ2uiYuu0USWxIzqHnOaLqd+NrPk+Wx2m3R3nIJCLCcrlPBVEp5zsyxGp82S1
3YulfwodbHarEksFt7sPUqhiGnPwLRQvdCbt93f3Cx8LOBkwAxgPY+dVg5dVRqiU
1RenkqA73fMeMLTyz1cZ6oJgvekCXydeUjs9EJ+J9scp534QdPg/gvL2AIotApOY
Glbyz+et+zx8ApCczsEYrdAxgcuDcwe8vSEABpsUUbZr202S7eWEva3YPKdKdSfg
ZP4PW3GfAxGan/lxiC+gngcw6E80DA7Ll3nUW7f3SeO1K1MRsfkIYJmWOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNmwhDf2UPI3VmH6z7ONglmzpuIMB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAb+03Qji
oNjluhy5YLxt+1goQNwhNAybxpg0nN7TeR09QPxnq69QZYhjFyk5vH4StfseG1Iq
+ZMrA1A+w5OCBsYJC89keW3MTd0CMX9hr34t3M7oiRd0rgKyFvjUY+h6LQKcISok
ljWW4rFeoWHf/yuxA9p5VirbM8ZWwJzyxce9tokUsPsMAFvMVivuhFDzTQrjLJXS
7ZUKjzsmJQcN4KaLQyyrV8w1rD3rqEbk/RKwKhac61NzVnLzqpnNVGi4KmLdwKaU
R0BPP4sHlTKKsKusP/DOsdpOsxS36p3mM0pS+IUz0s2huSsdZrcw2llfihTwiVVm
HHEbprqRregjvw==
-----END CERTIFICATE-----