Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          hNZ/6hvkvHnc2EKYDp0zL/Z90YiQ3+ezqQ8h3jHzppQ=
Subject key identifier:   09:63:38:9A:9C:53:7E:D2:9D:88:EE:86:1E:CC:D5:B8:3C:5F:A5:E1
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       0196BE259D703A85636633CACC56EEC55BB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          02DE
Signing time:             Sun 11 May 2025 07:00:58 +0000
Manifest this update:     Sun 11 May 2025 07:00:58 +0000
Manifest next update:     Mon 12 May 2025 07:00:58 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: F55qLv0frkL01Bxcjj3kmnKQ2v6cfDeoGJ+xf/q+i4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:25:9d:70:3a:85:63:66:33:ca:cc:56:ee:c5:5b:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: May 11 07:00:58 2025 GMT
            Not After : May 12 07:00:58 2025 GMT
        Subject: CN=0963389a9c537ed29d88ee861eccd5b83c5fa5e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:77:be:0d:c8:5f:5a:77:a4:4f:dd:52:8f:ba:
                    fa:69:40:7e:2c:e2:64:6b:e7:22:fc:bb:c6:a4:d1:
                    21:8f:ee:97:5f:82:4f:09:8d:11:09:0f:e9:34:cc:
                    fd:f9:f9:71:6d:11:0c:4f:0b:ba:d9:a2:fc:7f:88:
                    7a:05:f8:ab:6b:1f:58:37:28:4c:3b:d0:1b:df:c2:
                    5c:10:e6:7d:80:a6:40:8f:dc:f0:8d:db:91:a1:4c:
                    3e:21:59:f2:5d:c7:c2:d4:92:a6:73:51:81:e4:91:
                    4f:09:fc:40:42:85:19:38:fb:43:7e:dc:b8:52:91:
                    84:54:45:59:02:6d:b6:bb:62:2e:b5:40:91:b6:d9:
                    75:a2:bb:37:ee:ec:bc:4e:bd:11:7a:4a:77:d0:20:
                    48:3c:e6:25:d6:e6:9b:ae:8d:bf:a1:71:eb:1e:60:
                    a8:53:41:5d:6e:e0:aa:bb:80:f3:fa:84:51:48:d6:
                    11:33:c6:01:47:a9:89:ef:0d:3c:3e:97:19:53:2d:
                    75:28:d3:01:6f:17:82:62:8e:28:a3:e8:b2:b3:b3:
                    aa:f1:e3:d1:55:04:fe:7c:48:0f:0f:13:9d:91:fc:
                    d8:c7:b1:16:88:17:c7:59:9f:d0:27:c9:e6:3f:64:
                    60:4a:3c:ae:a8:02:9f:0d:6c:5a:94:97:73:9f:2f:
                    d5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:63:38:9A:9C:53:7E:D2:9D:88:EE:86:1E:CC:D5:B8:3C:5F:A5:E1
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:f0:d9:9a:19:5c:ac:3d:bf:2d:f8:3d:d2:ca:63:54:1a:6c:
         fd:d1:24:1f:a5:0b:e8:8e:1f:94:95:9e:51:51:62:d0:fb:44:
         d4:10:52:2c:10:c0:6d:88:82:e0:fc:95:0b:14:40:50:68:fe:
         6c:a9:ac:4f:59:83:b1:d1:e6:30:48:f1:04:d9:4e:f7:d7:04:
         1a:34:80:99:37:d6:df:7f:f8:01:2e:9e:b3:03:7d:a8:28:2c:
         7b:a0:67:9f:11:b5:15:91:1c:33:41:d9:40:57:c5:b6:90:9f:
         ce:fa:1e:7c:93:7c:f5:c2:30:02:db:10:42:d7:21:03:12:fd:
         b7:77:7d:ad:a7:f3:20:66:84:ca:1b:8e:4a:2d:f4:66:24:6d:
         b8:43:db:29:20:18:72:75:03:b6:76:90:b2:a9:da:06:7c:9d:
         f3:dd:d6:b7:a9:bf:de:78:8a:2f:53:ec:6d:4d:8c:d7:68:00:
         8b:d8:e9:59:4b:14:c3:fa:23:82:2e:d7:27:40:86:d4:1a:9e:
         47:68:84:09:eb:97:ec:77:ed:cd:7c:9f:90:87:9b:9b:af:82:
         ce:9d:10:db:93:d0:f9:11:05:dd:67:56:32:22:72:1d:1d:9e:
         bb:5e:26:c2:da:1a:10:09:ff:cb:68:c3:d3:b9:d3:cb:82:40:
         d1:94:57:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+JZ1wOoVjZjPKzFbuxVuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUwNTExMDcwMDU4WhcNMjUwNTEyMDcwMDU4WjAzMTEwLwYDVQQD
EygwOTYzMzg5YTljNTM3ZWQyOWQ4OGVlODYxZWNjZDViODNjNWZhNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHe+DchfWnekT91Sj7r6aUB+LOJk
a+ci/LvGpNEhj+6XX4JPCY0RCQ/pNMz9+flxbREMTwu62aL8f4h6Bfirax9YNyhM
O9Ab38JcEOZ9gKZAj9zwjduRoUw+IVnyXcfC1JKmc1GB5JFPCfxAQoUZOPtDfty4
UpGEVEVZAm22u2IutUCRttl1ors37uy8Tr0Rekp30CBIPOYl1uabro2/oXHrHmCo
U0FdbuCqu4Dz+oRRSNYRM8YBR6mJ7w08PpcZUy11KNMBbxeCYo4oo+iys7Oq8ePR
VQT+fEgPDxOdkfzYx7EWiBfHWZ/QJ8nmP2RgSjyuqAKfDWxalJdzny/VAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAljOJqcU37SnYjuhh7M1bg8X6XhMB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARPDZmhlc
rD2/Lfg90spjVBps/dEkH6UL6I4flJWeUVFi0PtE1BBSLBDAbYiC4PyVCxRAUGj+
bKmsT1mDsdHmMEjxBNlO99cEGjSAmTfW33/4AS6eswN9qCgse6BnnxG1FZEcM0HZ
QFfFtpCfzvoefJN89cIwAtsQQtchAxL9t3d9rafzIGaEyhuOSi30ZiRtuEPbKSAY
cnUDtnaQsqnaBnyd893Wt6m/3niKL1PsbU2M12gAi9jpWUsUw/ojgi7XJ0CG1Bqe
R2iECeuX7HftzXyfkIebm6+Czp0Q25PQ+REF3WdWMiJyHR2eu14mwtoaEAn/y2jD
07nTy4JA0ZRXug==
-----END CERTIFICATE-----