Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          XSR8rpUnFsR9UWbXmX4zRO7LE5G16JuoQrBqJw9dKYE=
Subject key identifier:   54:98:BA:D5:65:78:2E:71:24:C1:6A:4B:8E:D7:39:95:F1:28:81:0C
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       0196A1D24C94C2B9B607292123F6E857FC25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          0A08
Signing time:             Mon 05 May 2025 19:00:36 +0000
Manifest this update:     Mon 05 May 2025 19:00:36 +0000
Manifest next update:     Tue 06 May 2025 19:00:36 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: RNAYhIL+LaM0tavJm22mvKEfrK7crTymo4beB83z6ac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a1:d2:4c:94:c2:b9:b6:07:29:21:23:f6:e8:57:fc:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: May  5 19:00:36 2025 GMT
            Not After : May  6 19:00:36 2025 GMT
        Subject: CN=5498bad565782e7124c16a4b8ed73995f128810c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:0b:07:1c:b1:7a:fe:9b:4b:96:47:d9:06:1c:
                    6e:7f:70:34:ef:ba:a5:2d:ad:08:e7:40:f2:a2:76:
                    db:54:df:3d:82:20:01:b4:96:a2:95:45:c0:0e:a1:
                    04:6e:86:80:08:55:08:37:f8:2c:fb:1b:96:f4:73:
                    c8:8d:e6:fa:8c:68:2c:a9:5a:52:45:ff:8b:40:23:
                    b6:f2:3b:14:88:c5:22:0f:a6:7d:f5:de:1e:6b:78:
                    37:ce:ba:70:c1:b1:10:a5:1a:1e:fa:36:11:57:33:
                    ee:76:0b:86:d4:50:c4:c2:06:8d:2f:09:1b:73:1e:
                    ac:a8:13:6d:89:6e:79:3e:29:ba:0b:24:ee:c5:39:
                    c0:11:1b:5c:82:35:9b:df:ca:94:ef:2b:28:97:57:
                    a8:6b:e3:d4:f4:01:24:e7:0b:d9:f1:62:24:d5:e8:
                    bb:cf:75:c1:aa:37:bf:ac:d8:2b:ad:8f:28:c3:31:
                    cf:10:db:fe:38:e7:32:1d:f1:56:57:1f:e2:8d:94:
                    43:8b:6b:64:4e:f9:44:d0:ec:42:27:d5:17:c5:53:
                    5d:4a:14:98:ea:08:95:34:3d:e9:dd:5a:9b:43:15:
                    87:e7:7f:08:dc:cd:b2:c8:1c:80:49:18:9e:73:c3:
                    85:10:a3:dd:68:75:ab:dc:13:a9:ff:e6:c1:ba:0f:
                    ab:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:98:BA:D5:65:78:2E:71:24:C1:6A:4B:8E:D7:39:95:F1:28:81:0C
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:6a:f4:80:07:7d:f1:cd:c4:52:d7:af:df:52:6c:6a:bb:fc:
         34:f5:d3:2e:3b:71:20:d7:47:e4:9e:eb:38:d6:9b:9c:81:5a:
         fe:dd:b6:65:69:ba:3e:bc:66:54:06:26:76:a4:2f:66:c9:b6:
         0a:d3:c3:b5:b0:54:7e:10:96:eb:21:9d:08:20:5f:c1:f9:06:
         ba:a1:44:d0:fb:95:61:57:86:43:1c:04:4d:50:f9:a5:c1:16:
         b4:5a:57:69:e4:b0:6c:98:a5:5b:4b:44:b6:3c:d9:81:c5:d8:
         04:83:1f:67:cc:80:e0:0a:e6:74:db:3a:d1:a4:32:51:54:13:
         0d:c6:79:91:04:14:9f:3e:a3:a7:bf:d2:ab:c1:87:27:92:79:
         63:2a:6a:f1:16:63:14:ca:bb:cd:71:b9:f6:e9:fd:ad:66:0c:
         0e:8e:10:47:3b:c0:3f:29:66:0b:7a:49:c3:18:cc:da:62:39:
         ec:80:30:88:38:fa:f8:e7:8c:ee:07:1e:91:e1:d4:7e:85:07:
         35:31:f4:0d:ac:86:50:05:86:9f:bc:ff:be:20:d8:95:a2:f6:
         62:b9:8d:a9:d8:f3:f6:ed:48:3b:c6:ee:91:e1:75:cb:1a:85:
         5e:36:b8:38:7d:ba:a6:68:a3:0b:cc:e3:2c:0e:2f:b1:bf:fb:
         b4:6b:64:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZah0kyUwrm2BykhI/boV/wlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUwNTA1MTkwMDM2WhcNMjUwNTA2MTkwMDM2WjAzMTEwLwYDVQQD
Eyg1NDk4YmFkNTY1NzgyZTcxMjRjMTZhNGI4ZWQ3Mzk5NWYxMjg4MTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugsHHLF6/ptLlkfZBhxuf3A077ql
La0I50DyonbbVN89giABtJailUXADqEEboaACFUIN/gs+xuW9HPIjeb6jGgsqVpS
Rf+LQCO28jsUiMUiD6Z99d4ea3g3zrpwwbEQpRoe+jYRVzPudguG1FDEwgaNLwkb
cx6sqBNtiW55Pim6CyTuxTnAERtcgjWb38qU7ysol1eoa+PU9AEk5wvZ8WIk1ei7
z3XBqje/rNgrrY8owzHPENv+OOcyHfFWVx/ijZRDi2tkTvlE0OxCJ9UXxVNdShSY
6giVND3p3VqbQxWH538I3M2yyByASRiec8OFEKPdaHWr3BOp/+bBug+rTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSYutVleC5xJMFqS47XOZXxKIEMMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWr0gAd9
8c3EUtev31Jsarv8NPXTLjtxINdH5J7rONabnIFa/t22ZWm6PrxmVAYmdqQvZsm2
CtPDtbBUfhCW6yGdCCBfwfkGuqFE0PuVYVeGQxwETVD5pcEWtFpXaeSwbJilW0tE
tjzZgcXYBIMfZ8yA4ArmdNs60aQyUVQTDcZ5kQQUnz6jp7/Sq8GHJ5J5Yypq8RZj
FMq7zXG59un9rWYMDo4QRzvAPylmC3pJwxjM2mI57IAwiDj6+OeM7gcekeHUfoUH
NTH0DayGUAWGn7z/viDYlaL2YrmNqdjz9u1IO8bukeF1yxqFXja4OH26pmijC8zj
LA4vsb/7tGtkAQ==
-----END CERTIFICATE-----