Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
File:                     Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft (raw, json)
Hash identifier:          O40oE9P0Kzs2J+wRQuSiO0wXTR3++R+CWIIuGECSrDQ=
Subject key identifier:   BF:E8:4B:F4:D5:B0:03:47:35:27:AC:17:A8:1B:DB:F7:C0:B8:01:33
Authority key identifier: 4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14
Certificate issuer:       /CN=4b177c450d2035067baa26920b8a4bd36c7b3314
Certificate serial:       0196CEE2A25E13E2CDF1E935244B6B26F8C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
Manifest number:          0C4F
Signing time:             Wed 14 May 2025 13:01:21 +0000
Manifest this update:     Wed 14 May 2025 13:01:21 +0000
Manifest next update:     Thu 15 May 2025 13:01:21 +0000
Files and hashes:         1: Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl (hash: 3IbcyCvrcJbU/kf61LKaOaa3WWcYua4nPLgtKLvUdh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 13:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:e2:a2:5e:13:e2:cd:f1:e9:35:24:4b:6b:26:f8:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b177c450d2035067baa26920b8a4bd36c7b3314
        Validity
            Not Before: May 14 13:01:21 2025 GMT
            Not After : May 15 13:01:21 2025 GMT
        Subject: CN=bfe84bf4d5b003473527ac17a81bdbf7c0b80133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:73:96:ad:36:6b:1d:d7:1c:13:6d:9f:7b:2b:
                    3a:4c:37:43:0d:35:36:34:11:d0:d1:85:a7:3f:13:
                    c7:90:35:48:e5:30:6a:d2:23:05:03:5a:ef:cd:4b:
                    bc:27:fe:55:f1:00:f9:5c:7d:b8:4a:d1:8e:a4:75:
                    01:88:0b:70:be:17:ac:53:87:dd:4d:09:7f:6d:a1:
                    99:8e:80:08:f5:10:43:03:2b:7c:2d:72:e8:ce:96:
                    f9:2e:f8:8e:92:f6:2a:39:46:81:85:3e:57:35:e0:
                    29:7a:0a:8c:13:0e:18:52:69:ec:30:8f:b3:2c:ae:
                    6f:20:08:7c:fb:38:73:10:45:79:d6:92:55:41:1b:
                    bd:84:c2:85:1e:57:86:e4:94:62:de:bc:24:53:b1:
                    b3:16:63:72:19:3c:8f:2f:85:15:df:34:79:12:87:
                    3a:bd:bb:ea:3f:36:8d:53:57:de:d7:e6:19:c5:86:
                    0c:f7:5c:05:2f:d4:0b:c2:4d:2c:e7:56:39:30:d2:
                    ce:b6:1d:aa:29:1f:1d:3d:88:7f:47:b8:09:81:e9:
                    75:a2:3d:f8:f5:45:e7:5e:df:77:50:92:d4:6a:77:
                    a3:e0:bf:90:02:01:0e:d2:d4:05:1e:48:a6:f0:1d:
                    dc:76:55:e4:12:4e:75:0b:e9:b4:5a:93:56:77:68:
                    a1:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E8:4B:F4:D5:B0:03:47:35:27:AC:17:A8:1B:DB:F7:C0:B8:01:33
            X509v3 Authority Key Identifier:
                keyid:4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:14:f7:fa:55:b1:85:76:bf:32:05:ad:dd:f4:a4:dc:00:51:
         a3:7d:b1:d0:8d:c4:5b:5c:ac:3f:3f:e1:28:da:a8:3a:fa:23:
         e5:99:d1:24:a6:bd:e4:c6:4f:47:e9:f9:e6:2d:2d:3b:c0:79:
         23:bc:6e:75:93:73:fd:81:20:06:59:3f:2f:95:e2:13:e4:dd:
         3a:98:da:c6:c1:e8:74:e0:01:10:35:a9:77:9c:7b:37:59:83:
         6b:ff:ee:e4:6c:1c:7d:09:a2:63:b9:b9:48:0b:28:66:2b:18:
         13:01:6b:96:18:39:f8:7d:3b:9d:35:ce:e5:cd:a0:07:51:c9:
         35:cf:a1:91:f1:a5:1d:0a:78:64:43:38:af:62:aa:bf:cd:d8:
         39:57:b2:8d:46:be:3a:85:49:d1:70:1d:24:1b:9a:58:70:96:
         1a:fe:25:4a:3b:d4:04:b9:54:e6:9d:7d:0b:b3:57:45:48:14:
         4e:78:37:0e:5f:80:f3:82:1f:22:e6:cf:9e:3e:61:c6:b8:be:
         66:bb:32:ec:9e:c9:cb:9b:93:54:19:af:ca:08:d5:d7:80:b1:
         a9:95:75:50:7b:73:47:2e:74:df:4e:07:83:c9:59:31:c2:f6:
         4a:2e:0a:bd:77:69:2f:16:7c:1a:7f:1e:44:55:09:48:9d:72:
         4d:18:64:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbO4qJeE+LN8ek1JEtrJvjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMTc3YzQ1MGQyMDM1MDY3YmFhMjY5MjBiOGE0YmQzNmM3
YjMzMTQwHhcNMjUwNTE0MTMwMTIxWhcNMjUwNTE1MTMwMTIxWjAzMTEwLwYDVQQD
EyhiZmU4NGJmNGQ1YjAwMzQ3MzUyN2FjMTdhODFiZGJmN2MwYjgwMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23OWrTZrHdccE22feys6TDdDDTU2
NBHQ0YWnPxPHkDVI5TBq0iMFA1rvzUu8J/5V8QD5XH24StGOpHUBiAtwvhesU4fd
TQl/baGZjoAI9RBDAyt8LXLozpb5LviOkvYqOUaBhT5XNeApegqMEw4YUmnsMI+z
LK5vIAh8+zhzEEV51pJVQRu9hMKFHleG5JRi3rwkU7GzFmNyGTyPL4UV3zR5Eoc6
vbvqPzaNU1fe1+YZxYYM91wFL9QLwk0s51Y5MNLOth2qKR8dPYh/R7gJgel1oj34
9UXnXt93UJLUanej4L+QAgEO0tQFHkim8B3cdlXkEk51C+m0WpNWd2ihBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/oS/TVsANHNSesF6gb2/fAuAEzMB8GA1UdIwQY
MBaAFEsXfEUNIDUGe6omkguKS9NsezMUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUt
OGQ3YjczNmE2OTVjLzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUtOGQ3YjczNmE2OTVj
LzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAexT3+lWx
hXa/MgWt3fSk3ABRo32x0I3EW1ysPz/hKNqoOvoj5ZnRJKa95MZPR+n55i0tO8B5
I7xudZNz/YEgBlk/L5XiE+TdOpjaxsHodOABEDWpd5x7N1mDa//u5GwcfQmiY7m5
SAsoZisYEwFrlhg5+H07nTXO5c2gB1HJNc+hkfGlHQp4ZEM4r2Kqv83YOVeyjUa+
OoVJ0XAdJBuaWHCWGv4lSjvUBLlU5p19C7NXRUgUTng3Dl+A84IfIubPnj5hxri+
Zrsy7J7Jy5uTVBmvygjV14CxqZV1UHtzRy50304Hg8lZMcL2Si4KvXdpLxZ8Gn8e
RFUJSJ1yTRhktg==
-----END CERTIFICATE-----