Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          fEdr+Is8aliTugHWIR8zAyRoH04QVRrrEkne3YmB/5I=
Subject key identifier:   71:18:BD:4A:68:E9:D9:D3:F6:5C:4F:F6:E3:C2:4A:3D:B7:02:49:8E
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       0196B3D95E8E25F67D5D27103F64742A005C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          152C
Signing time:             Fri 09 May 2025 07:01:29 +0000
Manifest this update:     Fri 09 May 2025 07:01:29 +0000
Manifest next update:     Sat 10 May 2025 07:01:29 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: lYfCTH/gasvuRqSHTnyUy2Q+qc59q7WZWQTXK6nvAPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b3:d9:5e:8e:25:f6:7d:5d:27:10:3f:64:74:2a:00:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: May  9 07:01:29 2025 GMT
            Not After : May 10 07:01:29 2025 GMT
        Subject: CN=7118bd4a68e9d9d3f65c4ff6e3c24a3db702498e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:9a:ae:9b:80:ab:e4:26:08:06:2c:16:97:59:
                    5c:38:40:82:2e:ae:79:0a:36:98:08:da:67:5a:d0:
                    7d:42:f8:96:7b:de:00:5d:b9:77:33:c2:64:cc:ee:
                    df:f0:cb:ea:a4:a7:a5:ad:d4:d7:bd:74:16:c6:fa:
                    b0:ad:ca:09:45:21:4a:0e:51:10:69:73:a7:f9:8b:
                    e6:7a:94:33:fc:1a:40:02:fb:0f:96:32:0e:0e:72:
                    c5:da:ee:38:60:6b:a7:84:1b:8c:0d:ce:cf:37:cb:
                    5a:b3:9d:c0:42:2b:f1:83:9f:a6:dd:7b:d2:5e:bd:
                    dd:e6:b8:b8:d9:5f:99:b2:31:43:a8:64:64:9c:b8:
                    01:97:0f:ff:08:f4:66:06:27:89:b7:d5:e4:c2:5e:
                    93:ec:07:b6:d8:e3:75:c1:e5:66:63:b3:e4:2e:a5:
                    f7:62:2f:7e:99:aa:fb:4a:2c:e1:f5:3d:55:1f:a5:
                    b2:d3:2a:50:99:b5:7c:9b:cf:cb:02:24:ed:78:71:
                    ca:70:3c:a6:35:06:73:18:6a:0f:bb:ab:83:50:31:
                    f7:23:19:12:2c:c9:a0:61:80:48:0f:b3:ee:34:c1:
                    f8:a0:8e:3a:61:76:81:dd:1a:e7:09:ea:31:92:15:
                    1d:4e:09:bd:f8:09:3a:4f:ad:7c:73:31:12:2b:84:
                    9c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:18:BD:4A:68:E9:D9:D3:F6:5C:4F:F6:E3:C2:4A:3D:B7:02:49:8E
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:5c:75:f8:08:89:6f:2b:85:2e:bc:89:cd:b5:b5:3c:c4:f6:
         02:4d:18:02:b5:9a:52:ce:6b:82:31:5b:13:fc:1e:59:9f:2b:
         36:c0:89:6e:73:e4:87:61:3a:59:46:ae:3f:bc:9e:f9:7a:6f:
         a8:61:ed:6a:8f:e4:86:54:b2:4c:1a:3c:83:de:e4:06:36:e9:
         e4:22:c0:ab:f7:b1:22:c4:75:d9:de:08:94:91:3c:36:1d:d6:
         49:40:45:5f:11:64:16:81:49:24:48:d9:68:b2:89:7e:e0:5b:
         85:2a:b4:94:6b:50:29:22:a8:51:34:46:20:24:d0:49:34:a4:
         3c:0d:46:4f:df:8a:8e:c3:0a:f1:14:1f:eb:50:64:a9:6d:dc:
         6a:5f:c4:d7:01:47:d2:45:f3:2b:6f:0f:64:40:8d:84:16:1a:
         fb:d1:f0:ae:ba:d3:9a:c1:cb:81:68:fe:e4:c7:19:82:ab:8f:
         33:d4:28:04:50:92:f5:0c:7b:cb:7d:15:93:07:c6:2d:ea:b7:
         7f:d8:7e:ee:e2:76:ab:69:9b:14:4c:cf:90:9c:73:aa:a4:45:
         21:5e:2e:a7:c4:94:eb:a8:8b:94:95:75:a1:50:e9:68:f5:47:
         38:71:7c:8a:53:7e:bc:c0:89:43:87:08:22:eb:31:9b:bb:05:
         9e:25:54:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaz2V6OJfZ9XScQP2R0KgBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjUwNTA5MDcwMTI5WhcNMjUwNTEwMDcwMTI5WjAzMTEwLwYDVQQD
Eyg3MTE4YmQ0YTY4ZTlkOWQzZjY1YzRmZjZlM2MyNGEzZGI3MDI0OThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5qum4Cr5CYIBiwWl1lcOECCLq55
CjaYCNpnWtB9QviWe94AXbl3M8JkzO7f8MvqpKelrdTXvXQWxvqwrcoJRSFKDlEQ
aXOn+YvmepQz/BpAAvsPljIODnLF2u44YGunhBuMDc7PN8tas53AQivxg5+m3XvS
Xr3d5ri42V+ZsjFDqGRknLgBlw//CPRmBieJt9Xkwl6T7Ae22ON1weVmY7PkLqX3
Yi9+mar7Sizh9T1VH6Wy0ypQmbV8m8/LAiTteHHKcDymNQZzGGoPu6uDUDH3IxkS
LMmgYYBID7PuNMH4oI46YXaB3RrnCeoxkhUdTgm9+Ak6T618czESK4ScLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEYvUpo6dnT9lxP9uPCSj23AkmOMB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1x1+AiJ
byuFLryJzbW1PMT2Ak0YArWaUs5rgjFbE/weWZ8rNsCJbnPkh2E6WUauP7ye+Xpv
qGHtao/khlSyTBo8g97kBjbp5CLAq/exIsR12d4IlJE8Nh3WSUBFXxFkFoFJJEjZ
aLKJfuBbhSq0lGtQKSKoUTRGICTQSTSkPA1GT9+KjsMK8RQf61BkqW3cal/E1wFH
0kXzK28PZECNhBYa+9HwrrrTmsHLgWj+5McZgquPM9QoBFCS9Qx7y30VkwfGLeq3
f9h+7uJ2q2mbFEzPkJxzqqRFIV4up8SU66iLlJV1oVDpaPVHOHF8ilN+vMCJQ4cI
Iusxm7sFniVUQA==
-----END CERTIFICATE-----