Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          SmdhHINSJrxLf05vlYnIuFsVQaLLKwXcONme2YV/iDQ=
Subject key identifier:   68:95:72:7A:23:4D:28:B0:F4:A6:96:EC:6F:7F:15:AA:F8:37:4C:5A
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       01969E639C9CFBC87CBF18C08CEDCBC4645F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          06DB
Signing time:             Mon 05 May 2025 03:00:50 +0000
Manifest this update:     Mon 05 May 2025 03:00:50 +0000
Manifest next update:     Tue 06 May 2025 03:00:50 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: Vutmtqq+++/FuxvzJ5HPB8neGT+N9tVdEnc1lLhN3es=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:63:9c:9c:fb:c8:7c:bf:18:c0:8c:ed:cb:c4:64:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: May  5 03:00:50 2025 GMT
            Not After : May  6 03:00:50 2025 GMT
        Subject: CN=6895727a234d28b0f4a696ec6f7f15aaf8374c5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:0a:65:d2:fd:31:23:10:bb:0d:f7:cc:59:07:
                    af:36:2e:87:d4:ae:77:ac:f3:fd:0f:09:67:ca:0e:
                    3f:3b:46:46:63:ec:57:59:f7:c5:02:e8:20:5b:b1:
                    e2:fe:c1:9a:dc:80:d0:7b:d0:33:b4:7b:ea:66:8b:
                    59:9a:77:c1:dc:20:13:8d:52:f8:95:4a:9d:fc:d2:
                    47:27:0e:a0:66:30:79:59:d5:08:2f:34:c6:52:21:
                    21:99:f5:14:c2:84:d7:15:8c:76:fe:99:b4:18:a4:
                    2a:a0:ae:23:fe:cf:25:88:9b:5c:e1:fc:af:88:ac:
                    a1:27:1b:76:b2:3c:88:bc:f2:7b:b1:dc:0f:2b:a9:
                    e6:75:24:27:86:19:a8:16:7b:c8:36:55:02:5d:70:
                    f4:02:d4:18:66:4f:c2:99:38:bc:2c:23:69:60:8a:
                    77:6e:5d:46:ba:15:2b:6e:80:58:f5:37:1e:2b:ce:
                    0e:d1:d6:fe:af:18:9d:ab:89:0f:fb:60:18:57:b6:
                    bf:82:5d:c0:86:4c:11:a7:f2:07:0d:7f:31:1f:f1:
                    3f:d1:a0:17:a3:ad:fa:f0:29:dd:42:94:83:85:fb:
                    0c:21:57:66:6f:9f:0d:e4:2d:bb:77:48:b2:15:d5:
                    43:e9:9e:e9:b5:c7:e0:27:c0:bd:6e:58:fb:91:7e:
                    89:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:95:72:7A:23:4D:28:B0:F4:A6:96:EC:6F:7F:15:AA:F8:37:4C:5A
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:93:df:53:a5:b7:fc:69:35:d9:73:b3:42:b0:07:22:60:ac:
         45:e6:2a:94:c3:f0:81:70:c6:94:89:5e:5a:2b:b7:2e:1e:36:
         91:3d:08:4f:aa:2c:bf:4d:6a:6d:43:75:97:f0:e6:08:a0:65:
         0a:e9:dc:73:8e:e9:d7:7a:c7:08:9e:9a:7c:08:93:99:6d:b5:
         e4:c4:cf:a0:ab:22:22:f9:85:ca:71:fb:c0:43:0d:ce:4b:1a:
         c9:9f:41:14:d8:67:ce:ce:35:97:e9:27:ae:99:a4:c9:be:81:
         1a:a5:15:e0:da:e8:67:7f:08:94:dc:d2:55:03:0b:fe:4d:e9:
         2d:1a:0e:b2:4d:5e:ea:62:38:df:86:17:b2:75:64:02:38:a1:
         40:e1:94:6e:39:79:5b:16:8c:35:bd:cb:e8:b2:7d:8f:42:99:
         7c:5b:f8:db:8c:0b:46:ad:d4:5f:a7:ab:f2:e1:41:6e:6f:30:
         a4:05:35:1d:db:de:3f:78:b7:54:19:54:62:60:6e:98:3c:a1:
         3d:6e:c5:2f:ba:f8:4e:38:a1:b0:46:8e:62:33:b1:cb:48:6f:
         7d:31:f5:3d:ff:99:75:36:70:af:1a:ae:c2:04:98:38:76:90:
         e5:84:22:f2:b4:71:68:cc:2b:28:6f:05:24:41:6b:35:fe:f8:
         7e:c6:b9:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaeY5yc+8h8vxjAjO3LxGRfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjUwNTA1MDMwMDUwWhcNMjUwNTA2MDMwMDUwWjAzMTEwLwYDVQQD
Eyg2ODk1NzI3YTIzNGQyOGIwZjRhNjk2ZWM2ZjdmMTVhYWY4Mzc0YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArApl0v0xIxC7DffMWQevNi6H1K53
rPP9Dwlnyg4/O0ZGY+xXWffFAuggW7Hi/sGa3IDQe9AztHvqZotZmnfB3CATjVL4
lUqd/NJHJw6gZjB5WdUILzTGUiEhmfUUwoTXFYx2/pm0GKQqoK4j/s8liJtc4fyv
iKyhJxt2sjyIvPJ7sdwPK6nmdSQnhhmoFnvINlUCXXD0AtQYZk/CmTi8LCNpYIp3
bl1GuhUrboBY9TceK84O0db+rxidq4kP+2AYV7a/gl3AhkwRp/IHDX8xH/E/0aAX
o6368CndQpSDhfsMIVdmb58N5C27d0iyFdVD6Z7ptcfgJ8C9blj7kX6JfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiVcnojTSiw9KaW7G9/Far4N0xaMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAJPfU6W3
/Gk12XOzQrAHImCsReYqlMPwgXDGlIleWiu3Lh42kT0IT6osv01qbUN1l/DmCKBl
Cuncc47p13rHCJ6afAiTmW215MTPoKsiIvmFynH7wEMNzksayZ9BFNhnzs41l+kn
rpmkyb6BGqUV4NroZ38IlNzSVQML/k3pLRoOsk1e6mI434YXsnVkAjihQOGUbjl5
WxaMNb3L6LJ9j0KZfFv424wLRq3UX6er8uFBbm8wpAU1HdveP3i3VBlUYmBumDyh
PW7FL7r4TjihsEaOYjOxy0hvfTH1Pf+ZdTZwrxquwgSYOHaQ5YQi8rRxaMwrKG8F
JEFrNf74fsa58Q==
-----END CERTIFICATE-----