Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          FuO8kjs8HXh8yOFwKW1NvEFdogCc15+Ncza4zZBgHKA=
Subject key identifier:   AF:2F:FD:0A:65:55:09:31:40:F8:7B:99:D3:B4:64:AD:33:50:3A:BB
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       0196B66BA6AFA64477BB3D0FFB8E48C4D0BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          1342
Signing time:             Fri 09 May 2025 19:00:30 +0000
Manifest this update:     Fri 09 May 2025 19:00:30 +0000
Manifest next update:     Sat 10 May 2025 19:00:30 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: 5kAk+c7KgzY7qEOUbmWSjjp3AwKebmRX7gsq0kON8K0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b6:6b:a6:af:a6:44:77:bb:3d:0f:fb:8e:48:c4:d0:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: May  9 19:00:30 2025 GMT
            Not After : May 10 19:00:30 2025 GMT
        Subject: CN=af2ffd0a6555093140f87b99d3b464ad33503abb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:9b:a6:e3:8c:2c:0b:27:db:1e:c6:b0:1b:ab:
                    c6:9e:8a:1c:30:92:d8:49:e4:5a:47:2c:6f:7d:de:
                    12:3a:43:07:b0:35:0f:e0:97:f4:6d:75:ed:4d:83:
                    60:de:48:fd:0c:9b:06:af:6d:be:4b:69:fa:0f:9c:
                    72:ec:15:59:a8:83:ff:b5:3d:44:ad:06:c5:12:c4:
                    f2:0f:92:a5:db:31:4c:4c:d9:15:f2:e0:48:63:93:
                    d7:dd:af:3e:fb:2a:ec:cd:4a:11:76:b0:d5:8a:6b:
                    d6:6b:18:10:6c:80:ed:e1:7b:a8:f9:c0:5d:29:10:
                    e6:76:2f:b8:4c:af:aa:46:d2:3c:d2:70:bb:65:42:
                    fa:f5:4f:62:ca:48:69:06:61:65:3a:67:f9:6f:56:
                    fc:a3:34:63:d5:db:f5:3b:56:57:4d:5a:ba:3b:55:
                    a5:18:53:3f:44:3b:da:d2:da:c7:5d:c7:13:a2:62:
                    ec:fa:e9:15:8f:95:9a:dd:8d:10:62:a8:f0:73:66:
                    35:c6:01:12:27:19:13:74:ab:18:79:e7:f0:39:ce:
                    e1:f8:dc:eb:dd:68:75:fb:f7:7f:92:e9:70:59:b2:
                    6c:60:42:19:db:da:4d:37:21:e7:c9:d2:a4:97:98:
                    15:c1:7e:9c:cc:a4:42:32:11:eb:d1:23:32:9a:4c:
                    b1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:2F:FD:0A:65:55:09:31:40:F8:7B:99:D3:B4:64:AD:33:50:3A:BB
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:f3:bb:10:6b:98:0d:3d:7c:0b:60:06:d1:18:ba:e2:f2:a8:
         cf:6a:47:b5:9f:a2:3b:14:18:01:a8:45:2f:63:25:4c:97:2b:
         fd:9c:3b:7b:55:53:df:0a:e6:2e:c1:b1:e8:ad:82:3a:de:0b:
         19:f6:5c:f1:5f:14:31:76:d9:f3:c1:9e:33:db:17:84:20:8c:
         eb:84:e5:c5:d2:a7:39:6f:7f:4d:3d:c2:dc:7c:4e:21:db:fe:
         c2:3b:52:8a:cc:d7:e6:be:c7:47:6d:b1:14:1c:4d:ee:b6:09:
         f7:44:ac:b6:19:c9:7a:61:71:22:d5:c1:66:ba:36:ea:c5:08:
         61:82:8d:58:e1:ca:a3:1a:d7:4b:7b:b2:2c:ce:89:62:d2:f1:
         f1:c1:8c:db:ee:bd:ec:c9:56:d1:be:57:cf:38:75:12:11:aa:
         d3:7e:95:8b:17:8d:ed:7b:cc:73:1e:a5:0c:d1:2f:ff:95:74:
         73:d9:7a:1c:04:72:96:dd:a5:4a:f7:6f:44:ac:41:ec:5b:8b:
         76:f2:2f:21:72:7d:d5:7d:a4:86:16:4a:4e:6e:c4:d5:0b:66:
         94:81:2a:e5:0f:b7:17:00:b5:3f:5d:bb:9b:47:58:d0:1b:a5:
         a9:c8:f9:31:a6:cd:bc:5f:e6:37:d6:df:79:cc:93:e7:8f:21:
         53:b7:20:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa2a6avpkR3uz0P+45IxNC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjUwNTA5MTkwMDMwWhcNMjUwNTEwMTkwMDMwWjAzMTEwLwYDVQQD
EyhhZjJmZmQwYTY1NTUwOTMxNDBmODdiOTlkM2I0NjRhZDMzNTAzYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5um44wsCyfbHsawG6vGnoocMJLY
SeRaRyxvfd4SOkMHsDUP4Jf0bXXtTYNg3kj9DJsGr22+S2n6D5xy7BVZqIP/tT1E
rQbFEsTyD5Kl2zFMTNkV8uBIY5PX3a8++yrszUoRdrDVimvWaxgQbIDt4Xuo+cBd
KRDmdi+4TK+qRtI80nC7ZUL69U9iykhpBmFlOmf5b1b8ozRj1dv1O1ZXTVq6O1Wl
GFM/RDva0trHXccTomLs+ukVj5Wa3Y0QYqjwc2Y1xgESJxkTdKsYeefwOc7h+Nzr
3Wh1+/d/kulwWbJsYEIZ29pNNyHnydKkl5gVwX6czKRCMhHr0SMymkyxlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8v/QplVQkxQPh7mdO0ZK0zUDq7MB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUPO7EGuY
DT18C2AG0Ri64vKoz2pHtZ+iOxQYAahFL2MlTJcr/Zw7e1VT3wrmLsGx6K2COt4L
GfZc8V8UMXbZ88GeM9sXhCCM64TlxdKnOW9/TT3C3HxOIdv+wjtSiszX5r7HR22x
FBxN7rYJ90SsthnJemFxItXBZro26sUIYYKNWOHKoxrXS3uyLM6JYtLx8cGM2+69
7MlW0b5Xzzh1EhGq036VixeN7XvMcx6lDNEv/5V0c9l6HARylt2lSvdvRKxB7FuL
dvIvIXJ91X2khhZKTm7E1QtmlIEq5Q+3FwC1P127m0dY0Bulqcj5MabNvF/mN9bf
ecyT548hU7cg1Q==
-----END CERTIFICATE-----