Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File:                     sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier:          9HljBut/yp6tT5TE3CYQRkJv9GTRs1gg1xvqPAMBmjo=
Subject key identifier:   8D:60:CA:CC:12:C9:B1:09:72:8D:EB:32:BE:BF:FE:5B:22:D6:F4:54
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer:       /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial:       0196A088A8AE37EE167915427F7B34848C4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number:          0279
Signing time:             Mon 05 May 2025 13:00:32 +0000
Manifest this update:     Mon 05 May 2025 13:00:32 +0000
Manifest next update:     Tue 06 May 2025 13:00:32 +0000
Files and hashes:         1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: LvjCL+xVP/WD29f61ikxXXEtIqrZN0kOTceCnrHHQI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:88:a8:ae:37:ee:16:79:15:42:7f:7b:34:84:8c:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
        Validity
            Not Before: May  5 13:00:32 2025 GMT
            Not After : May  6 13:00:32 2025 GMT
        Subject: CN=8d60cacc12c9b109728deb32bebffe5b22d6f454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7c:0c:55:b2:d1:07:b1:f1:c9:b8:80:1a:be:
                    93:ca:cf:5d:23:60:ac:43:b9:1e:7e:7b:6f:0a:a1:
                    00:d7:ac:9a:e6:41:36:85:dd:2e:da:82:19:4e:64:
                    92:8c:5b:f8:47:74:ed:06:65:33:ef:a6:d1:d2:c1:
                    e2:d0:61:02:a6:4b:18:a6:2f:66:c4:30:8a:54:1a:
                    b7:a4:2c:4a:c7:ba:8c:ef:27:77:c4:58:88:3b:f7:
                    5e:aa:3e:33:1c:f2:ca:08:5f:37:a0:c8:aa:26:ef:
                    20:a3:65:27:64:9a:30:21:88:62:be:09:56:0a:e9:
                    a1:aa:95:b8:ad:95:67:4b:c5:93:17:35:0a:8c:39:
                    65:6d:8a:a8:cf:a8:74:1f:31:ce:1f:2b:82:2e:33:
                    d2:32:82:69:d4:e5:26:75:0a:77:8f:86:04:7e:66:
                    3f:ae:e4:53:65:c8:d9:77:00:52:00:b1:78:2d:01:
                    a2:7e:29:a2:b4:9a:00:d3:6e:48:29:02:1a:71:54:
                    57:0e:6e:06:e6:6c:01:d6:e8:a4:87:42:c0:61:cf:
                    e8:fe:b0:d3:54:2e:17:87:be:16:4c:d6:fb:45:fd:
                    5c:f1:6b:e6:49:3d:fa:f6:b2:41:2f:ce:c7:a0:6f:
                    49:73:3b:25:34:80:f2:7d:d9:0e:66:ab:14:30:68:
                    09:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:60:CA:CC:12:C9:B1:09:72:8D:EB:32:BE:BF:FE:5B:22:D6:F4:54
            X509v3 Authority Key Identifier:
                keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:e6:82:ac:83:6b:85:38:03:d5:b4:22:ac:30:bf:c6:66:56:
         c4:89:76:15:bb:ce:ef:b6:1f:b6:c8:0b:87:2f:ab:e9:2f:97:
         ab:9b:ab:ba:82:ac:9f:6e:ad:25:40:b5:30:07:21:25:a4:37:
         cc:0d:d9:b2:26:6c:66:cd:c7:b5:77:47:c4:50:38:da:f0:0a:
         d7:2a:d6:0e:ad:05:3d:8f:fc:ea:0b:81:b7:6b:82:b0:f5:d0:
         22:b4:3d:b5:77:0d:7f:ae:8f:93:d4:d5:ec:74:dc:4f:7e:57:
         bf:06:77:56:b0:30:dd:cf:05:09:eb:65:b6:ba:76:71:7d:ee:
         ef:5f:d1:3b:db:eb:c8:82:ae:f4:0e:ba:8e:38:d4:f9:c8:9f:
         11:dd:d7:d6:76:41:65:7c:24:91:c5:a2:f5:1a:16:83:2a:e9:
         bb:12:2d:a2:88:8f:1d:eb:9c:52:4a:ed:cd:1a:ed:17:b8:31:
         be:f3:22:b2:78:d9:f6:3f:10:43:ea:cd:21:92:11:24:2a:8d:
         ee:47:fe:6a:c6:1e:79:21:7e:eb:fb:a0:ae:c9:7e:f3:c8:a7:
         a3:f7:74:e9:92:ff:7c:0c:a3:05:f3:4c:8a:54:77:f2:2e:21:
         e0:2c:c6:30:f8:fb:02:0d:30:a4:7a:03:84:cc:35:b4:34:c6:
         07:a2:ad:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagiKiuN+4WeRVCf3s0hIxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjUwNTA1MTMwMDMyWhcNMjUwNTA2MTMwMDMyWjAzMTEwLwYDVQQD
Eyg4ZDYwY2FjYzEyYzliMTA5NzI4ZGViMzJiZWJmZmU1YjIyZDZmNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnwMVbLRB7HxybiAGr6Tys9dI2Cs
Q7kefntvCqEA16ya5kE2hd0u2oIZTmSSjFv4R3TtBmUz76bR0sHi0GECpksYpi9m
xDCKVBq3pCxKx7qM7yd3xFiIO/deqj4zHPLKCF83oMiqJu8go2UnZJowIYhivglW
CumhqpW4rZVnS8WTFzUKjDllbYqoz6h0HzHOHyuCLjPSMoJp1OUmdQp3j4YEfmY/
ruRTZcjZdwBSALF4LQGifimitJoA025IKQIacVRXDm4G5mwB1uikh0LAYc/o/rDT
VC4Xh74WTNb7Rf1c8WvmST369rJBL87HoG9JczslNIDyfdkOZqsUMGgJXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1gyswSybEJco3rMr6//lsi1vRUMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjuaCrINr
hTgD1bQirDC/xmZWxIl2FbvO77YftsgLhy+r6S+Xq5uruoKsn26tJUC1MAchJaQ3
zA3ZsiZsZs3HtXdHxFA42vAK1yrWDq0FPY/86guBt2uCsPXQIrQ9tXcNf66Pk9TV
7HTcT35XvwZ3VrAw3c8FCetltrp2cX3u71/RO9vryIKu9A66jjjU+cifEd3X1nZB
ZXwkkcWi9RoWgyrpuxItooiPHeucUkrtzRrtF7gxvvMisnjZ9j8QQ+rNIZIRJCqN
7kf+asYeeSF+6/ugrsl+88ino/d06ZL/fAyjBfNMilR38i4h4CzGMPj7Ag0wpHoD
hMw1tDTGB6Ktlw==
-----END CERTIFICATE-----