Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          2Jw+BL9/6w+tQIxxlECK63VxQr5pDL/rr3HM55ezs7M=
Subject key identifier:   F2:69:4D:1D:B1:04:55:4D:2C:6D:7C:7F:75:14:8D:BE:30:3C:EA:30
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       0196C53A9C9A58B7578D4A36BF7E882C600B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          04F4
Signing time:             Mon 12 May 2025 16:01:14 +0000
Manifest this update:     Mon 12 May 2025 16:01:14 +0000
Manifest next update:     Tue 13 May 2025 16:01:14 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: 6NaaznRZkul3U2WNJLylOeBkL9G9xSyBvGynfMt/E4g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:3a:9c:9a:58:b7:57:8d:4a:36:bf:7e:88:2c:60:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: May 12 16:01:14 2025 GMT
            Not After : May 13 16:01:14 2025 GMT
        Subject: CN=f2694d1db104554d2c6d7c7f75148dbe303cea30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:78:b2:82:f1:e3:45:8b:91:ed:a1:2b:b9:ed:
                    54:5a:68:d8:e1:66:af:7f:5e:90:5c:38:de:98:cf:
                    d7:c2:80:37:8f:cd:ef:33:14:68:ad:d6:61:cf:94:
                    26:50:40:72:24:b2:c3:d5:74:b3:a6:b3:3c:4b:3f:
                    82:80:a1:53:de:06:1a:cc:23:b9:cb:87:d6:ee:97:
                    ff:0f:a6:ca:f4:27:92:aa:60:1a:f0:2e:a0:2e:7d:
                    e5:2a:4c:ad:d4:e9:fb:8b:a3:5d:74:69:d1:e2:12:
                    cb:4a:21:c5:b5:49:bb:11:73:4c:d2:b7:15:d1:9b:
                    f7:74:c8:2e:a3:d6:8e:08:28:d7:e5:c3:32:b4:34:
                    43:62:5d:1d:b7:ca:48:09:2d:42:e6:cb:1b:eb:af:
                    02:57:30:f8:cc:60:96:ba:c9:88:59:35:8c:10:cf:
                    86:0b:a5:66:bf:1f:39:dd:4e:49:37:23:20:b7:51:
                    23:6f:a4:cd:53:81:f9:f9:31:32:04:9d:1b:0c:c4:
                    5c:3c:7f:13:e7:d4:ff:df:aa:39:d1:7e:f7:e9:42:
                    3b:77:16:50:fb:54:04:11:a6:58:2c:12:df:55:08:
                    c1:2c:91:e8:5a:48:fc:08:9e:16:71:39:bf:30:62:
                    a4:e4:c2:3d:e9:86:8d:6a:7f:e8:8e:70:04:52:08:
                    fc:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:69:4D:1D:B1:04:55:4D:2C:6D:7C:7F:75:14:8D:BE:30:3C:EA:30
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:fe:42:9e:24:bb:dd:a3:3c:99:34:d1:6a:90:d9:f9:ff:bf:
         b5:3a:e2:54:f7:a7:1b:14:1a:31:3c:1f:94:a5:f8:46:50:c6:
         00:0d:52:27:78:ae:9b:31:5a:7c:c6:c7:34:f0:4e:6a:f3:9e:
         26:c6:eb:fb:21:8e:29:20:81:57:4b:a0:0d:e6:80:a3:68:45:
         75:87:7f:20:e3:55:25:93:2a:ae:f6:8a:73:b5:fb:7c:b8:a4:
         e7:c5:3e:18:91:46:d3:89:66:c2:52:d5:9b:ba:68:79:7f:17:
         c3:f1:22:22:7c:ff:77:9a:a2:47:80:09:3f:88:e0:a1:68:aa:
         38:c5:f5:b0:3d:ff:e7:40:b0:4a:8e:ab:9a:a7:46:21:b2:5b:
         ed:da:a0:b3:d4:b4:e0:6f:a1:ce:3f:87:45:09:fa:af:7e:d2:
         36:2d:68:8c:ac:dc:fd:42:94:55:d9:b7:62:26:ef:8c:ab:61:
         54:4d:ee:e0:bd:87:bd:bd:2a:fa:fb:06:b6:c2:74:fa:18:fc:
         83:85:cb:b8:fc:52:24:7c:f1:2b:c7:05:0c:4c:45:26:0f:fb:
         cd:77:b6:a4:c3:90:d1:2d:f3:48:c1:c6:59:09:c7:a1:25:86:
         17:fc:71:24:eb:ac:fe:1e:8a:58:1e:05:78:fb:7a:cc:7e:9b:
         51:25:50:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOpyaWLdXjUo2v36ILGALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjUwNTEyMTYwMTE0WhcNMjUwNTEzMTYwMTE0WjAzMTEwLwYDVQQD
EyhmMjY5NGQxZGIxMDQ1NTRkMmM2ZDdjN2Y3NTE0OGRiZTMwM2NlYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXiygvHjRYuR7aErue1UWmjY4Wav
f16QXDjemM/XwoA3j83vMxRordZhz5QmUEByJLLD1XSzprM8Sz+CgKFT3gYazCO5
y4fW7pf/D6bK9CeSqmAa8C6gLn3lKkyt1On7i6NddGnR4hLLSiHFtUm7EXNM0rcV
0Zv3dMguo9aOCCjX5cMytDRDYl0dt8pICS1C5ssb668CVzD4zGCWusmIWTWMEM+G
C6Vmvx853U5JNyMgt1Ejb6TNU4H5+TEyBJ0bDMRcPH8T59T/36o50X736UI7dxZQ
+1QEEaZYLBLfVQjBLJHoWkj8CJ4WcTm/MGKk5MI96YaNan/ojnAEUgj85wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJpTR2xBFVNLG18f3UUjb4wPOowMB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR/5CniS7
3aM8mTTRapDZ+f+/tTriVPenGxQaMTwflKX4RlDGAA1SJ3iumzFafMbHNPBOavOe
Jsbr+yGOKSCBV0ugDeaAo2hFdYd/IONVJZMqrvaKc7X7fLik58U+GJFG04lmwlLV
m7poeX8Xw/EiInz/d5qiR4AJP4jgoWiqOMX1sD3/50CwSo6rmqdGIbJb7dqgs9S0
4G+hzj+HRQn6r37SNi1ojKzc/UKUVdm3YibvjKthVE3u4L2Hvb0q+vsGtsJ0+hj8
g4XLuPxSJHzxK8cFDExFJg/7zXe2pMOQ0S3zSMHGWQnHoSWGF/xxJOus/h6KWB4F
ePt6zH6bUSVQIw==
-----END CERTIFICATE-----