Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          4ivipMULju4aAF6b1CFt+2hZGembIIYwS/aqeOmvlyA=
Subject key identifier:   D2:DF:D3:2B:C6:D8:AF:F5:04:1C:B9:B3:34:23:24:B5:8D:F9:23:04
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       01969F76476E29F30C7D18504102A2123887
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          05BF
Signing time:             Mon 05 May 2025 08:00:50 +0000
Manifest this update:     Mon 05 May 2025 08:00:50 +0000
Manifest next update:     Tue 06 May 2025 08:00:50 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: Dx6jGGbzHjZQA0ZIdx9sXns+q3ylGJihdHw7RzpRXj8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 08:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:76:47:6e:29:f3:0c:7d:18:50:41:02:a2:12:38:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: May  5 08:00:50 2025 GMT
            Not After : May  6 08:00:50 2025 GMT
        Subject: CN=d2dfd32bc6d8aff5041cb9b3342324b58df92304
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0b:60:c3:ea:5d:ac:45:d1:1b:f9:ab:60:78:
                    0a:0a:bb:43:c3:df:2f:b1:75:43:3c:09:a7:5e:00:
                    8c:7f:07:ca:d8:05:1e:6b:9f:e1:77:86:ea:94:cf:
                    07:ee:c0:33:74:5b:5d:8c:23:89:46:92:c6:62:51:
                    ce:12:39:34:a1:76:10:a5:b6:36:ce:b7:70:82:f2:
                    82:c9:eb:0c:3a:aa:b6:56:35:8e:d2:17:2b:06:8c:
                    86:ea:11:1d:c4:0a:e3:a3:75:ef:03:f1:6d:9b:f6:
                    80:52:6c:16:63:c5:3c:36:ec:01:4e:6c:bd:1d:55:
                    5c:2a:7e:ee:90:de:06:3b:53:79:21:2b:e2:b7:b6:
                    bf:bc:58:85:83:03:e5:5e:84:30:f1:33:32:9c:97:
                    47:2c:dd:2c:4b:f1:8c:3a:ed:ff:a5:5d:21:41:c3:
                    63:17:bf:c9:b0:b2:53:79:cc:46:f4:9c:7f:e2:31:
                    80:5e:93:9d:3a:60:df:01:d4:5b:2b:d0:bf:e1:b1:
                    42:50:8e:6f:f4:cc:d4:56:e5:cb:1f:69:63:7f:c4:
                    58:32:3c:44:dd:88:79:fe:89:da:e1:37:1c:99:30:
                    02:66:f3:58:ef:e1:a9:24:93:e3:6c:2f:a4:f1:a3:
                    ac:e7:40:c6:e6:a9:90:f4:53:af:93:f9:dd:19:37:
                    e9:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:DF:D3:2B:C6:D8:AF:F5:04:1C:B9:B3:34:23:24:B5:8D:F9:23:04
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:3f:7a:e4:db:ee:57:79:ab:6e:14:4b:be:4b:72:f9:48:d8:
         96:cc:86:1a:fe:40:d7:84:a2:0e:1b:43:89:6f:80:4c:75:f7:
         35:33:04:32:c8:f5:c5:32:70:a1:9e:49:36:2a:ef:70:28:b2:
         f0:07:26:71:f6:5c:38:cb:ca:3e:db:a9:06:d0:1e:fd:27:44:
         74:38:80:e4:1d:a4:ec:3a:d3:7a:40:06:71:66:d4:15:de:42:
         c0:41:8a:a8:31:81:3d:18:5d:17:e5:7e:b2:1f:e2:0d:9f:07:
         68:2b:64:ad:97:a4:01:90:f3:9a:8b:42:d0:95:26:d3:2d:4d:
         45:26:54:60:35:86:cb:00:8c:6a:47:28:e9:8c:0e:08:65:0a:
         1f:f0:14:4c:f5:b1:b2:06:df:01:85:17:64:33:7e:d0:ff:4c:
         58:1f:1b:27:7c:68:3b:17:ea:09:e9:4a:7b:fb:15:7d:e8:e5:
         0a:b9:67:6e:b2:e3:ef:80:f9:36:83:0d:10:95:ba:87:e5:92:
         a2:ce:a9:f1:18:32:cc:1b:bc:93:f8:66:0b:d3:83:11:32:10:
         8e:c7:07:17:24:77:f9:73:1e:82:33:88:47:c8:18:a8:2d:e3:
         31:74:23:e6:48:8f:0a:9f:1c:11:a7:99:7b:51:84:b9:79:0c:
         41:98:a0:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafdkduKfMMfRhQQQKiEjiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwNTA1MDgwMDUwWhcNMjUwNTA2MDgwMDUwWjAzMTEwLwYDVQQD
EyhkMmRmZDMyYmM2ZDhhZmY1MDQxY2I5YjMzNDIzMjRiNThkZjkyMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQtgw+pdrEXRG/mrYHgKCrtDw98v
sXVDPAmnXgCMfwfK2AUea5/hd4bqlM8H7sAzdFtdjCOJRpLGYlHOEjk0oXYQpbY2
zrdwgvKCyesMOqq2VjWO0hcrBoyG6hEdxArjo3XvA/Ftm/aAUmwWY8U8NuwBTmy9
HVVcKn7ukN4GO1N5ISvit7a/vFiFgwPlXoQw8TMynJdHLN0sS/GMOu3/pV0hQcNj
F7/JsLJTecxG9Jx/4jGAXpOdOmDfAdRbK9C/4bFCUI5v9MzUVuXLH2ljf8RYMjxE
3Yh5/ona4TccmTACZvNY7+GpJJPjbC+k8aOs50DG5qmQ9FOvk/ndGTfpBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLf0yvG2K/1BBy5szQjJLWN+SMEMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsD965Nvu
V3mrbhRLvkty+UjYlsyGGv5A14SiDhtDiW+ATHX3NTMEMsj1xTJwoZ5JNirvcCiy
8AcmcfZcOMvKPtupBtAe/SdEdDiA5B2k7DrTekAGcWbUFd5CwEGKqDGBPRhdF+V+
sh/iDZ8HaCtkrZekAZDzmotC0JUm0y1NRSZUYDWGywCMakco6YwOCGUKH/AUTPWx
sgbfAYUXZDN+0P9MWB8bJ3xoOxfqCelKe/sVfejlCrlnbrLj74D5NoMNEJW6h+WS
os6p8RgyzBu8k/hmC9ODETIQjscHFyR3+XMegjOIR8gYqC3jMXQj5kiPCp8cEaeZ
e1GEuXkMQZigUQ==
-----END CERTIFICATE-----