Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          0GgzZt9JxtxwTSt68Aby5PsFxhYeuD41Monmdcrk4rw=
Subject key identifier:   3E:DD:51:95:A0:05:48:09:8F:A9:4C:00:AA:53:CF:1A:DD:4F:C4:F1
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       0196C7291B7210243A600A67EE48332BA413
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          1537
Signing time:             Tue 13 May 2025 01:01:22 +0000
Manifest this update:     Tue 13 May 2025 01:01:22 +0000
Manifest next update:     Wed 14 May 2025 01:01:22 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: 8TBMvb3rdLQuWNofDpD5nq64G9nL/KiqJhKs/7L+VmM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:29:1b:72:10:24:3a:60:0a:67:ee:48:33:2b:a4:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: May 13 01:01:22 2025 GMT
            Not After : May 14 01:01:22 2025 GMT
        Subject: CN=3edd5195a00548098fa94c00aa53cf1add4fc4f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ee:32:8f:fd:28:2b:d8:8c:7b:fe:77:6f:3a:
                    26:40:c7:38:02:2b:ec:c7:86:c6:4b:85:eb:ba:af:
                    c5:f1:61:ec:87:7f:e7:41:f1:66:23:89:58:5b:e0:
                    f2:cb:fe:8f:b6:a7:af:d4:e4:c6:65:64:fc:c3:f6:
                    40:ff:c9:6c:9a:a7:e4:2a:10:85:03:b7:70:b2:3b:
                    2d:66:56:cf:3e:f2:07:a9:3e:eb:44:36:c0:85:e2:
                    de:69:a9:2b:c8:a9:64:c0:f6:67:9b:9c:68:12:56:
                    e7:4e:7a:b8:8b:88:16:e3:26:ae:80:32:4d:b0:aa:
                    7e:dc:5d:56:40:8b:54:d6:34:07:31:ce:14:c3:1f:
                    5a:1a:5b:97:04:f0:fc:70:f7:51:9b:65:29:81:df:
                    f9:68:09:64:f7:d5:61:ba:68:9b:75:87:8f:35:bb:
                    81:fa:50:64:0e:82:3c:8b:06:cf:24:1d:7b:2c:51:
                    6e:1f:e6:38:ee:4e:a5:81:51:b1:46:d0:60:87:3c:
                    39:e4:3f:d7:77:e0:5e:62:a5:e9:a4:84:bb:f5:59:
                    21:0e:19:42:38:01:92:b4:7e:29:eb:9e:de:87:5a:
                    90:30:60:7f:87:4f:ca:e8:a9:ce:a7:2e:d7:86:00:
                    13:87:90:31:fa:c2:8a:8d:a9:e4:7f:d6:0c:d8:d8:
                    0c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:DD:51:95:A0:05:48:09:8F:A9:4C:00:AA:53:CF:1A:DD:4F:C4:F1
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:a9:a9:ca:13:fb:6a:74:66:33:34:d1:56:98:fc:35:dd:a6:
         3f:bb:ec:a3:51:23:45:21:a7:df:db:d0:52:59:97:d3:19:80:
         4c:9e:eb:d4:e9:e8:29:9e:39:c6:4a:39:66:00:cc:50:06:d6:
         23:b0:9a:53:26:59:d8:e2:73:a6:15:c3:4f:9c:cf:4e:60:7e:
         5d:4b:8a:1b:f3:ec:f5:d0:a7:37:5a:fc:b0:c9:f0:65:63:26:
         14:1c:7b:a5:cd:d0:fc:51:48:f7:a8:64:b0:10:f6:e0:aa:18:
         4f:81:40:1a:57:bf:8d:05:92:f9:fa:d3:c8:dd:01:ea:ae:93:
         23:4f:2b:3c:0a:c7:7a:8d:b8:16:02:73:6c:31:26:a1:19:15:
         a8:12:e0:80:93:4d:4f:63:8f:64:40:e0:62:7d:58:71:d2:75:
         cc:a4:10:d2:94:be:ce:f2:aa:54:ac:e8:73:96:d3:c1:cc:0e:
         0d:d1:58:23:75:cd:d9:8c:ab:a6:86:65:96:a1:fb:59:e8:6d:
         b4:3e:fe:7f:fe:e8:44:e8:87:01:1d:f5:fe:cb:15:c9:8e:73:
         25:98:3d:77:14:16:16:29:ab:f7:b6:34:03:13:b2:aa:90:3a:
         6b:21:33:ab:8a:58:86:cb:ce:b6:8e:07:a0:49:d7:4e:b3:cd:
         f3:55:38:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHKRtyECQ6YApn7kgzK6QTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjUwNTEzMDEwMTIyWhcNMjUwNTE0MDEwMTIyWjAzMTEwLwYDVQQD
EygzZWRkNTE5NWEwMDU0ODA5OGZhOTRjMDBhYTUzY2YxYWRkNGZjNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+4yj/0oK9iMe/53bzomQMc4Aivs
x4bGS4Xruq/F8WHsh3/nQfFmI4lYW+Dyy/6Ptqev1OTGZWT8w/ZA/8lsmqfkKhCF
A7dwsjstZlbPPvIHqT7rRDbAheLeaakryKlkwPZnm5xoElbnTnq4i4gW4yaugDJN
sKp+3F1WQItU1jQHMc4Uwx9aGluXBPD8cPdRm2Upgd/5aAlk99VhumibdYePNbuB
+lBkDoI8iwbPJB17LFFuH+Y47k6lgVGxRtBghzw55D/Xd+BeYqXppIS79VkhDhlC
OAGStH4p657eh1qQMGB/h0/K6KnOpy7XhgATh5Ax+sKKjankf9YM2NgMtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7dUZWgBUgJj6lMAKpTzxrdT8TxMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyKmpyhP7
anRmMzTRVpj8Nd2mP7vso1EjRSGn39vQUlmX0xmATJ7r1OnoKZ45xko5ZgDMUAbW
I7CaUyZZ2OJzphXDT5zPTmB+XUuKG/Ps9dCnN1r8sMnwZWMmFBx7pc3Q/FFI96hk
sBD24KoYT4FAGle/jQWS+frTyN0B6q6TI08rPArHeo24FgJzbDEmoRkVqBLggJNN
T2OPZEDgYn1YcdJ1zKQQ0pS+zvKqVKzoc5bTwcwODdFYI3XN2YyrpoZllqH7Weht
tD7+f/7oROiHAR31/ssVyY5zJZg9dxQWFimr97Y0AxOyqpA6ayEzq4pYhsvOto4H
oEnXTrPN81U44Q==
-----END CERTIFICATE-----