Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          tDFvMbOeo6aYLAm9F4mM2XY98IUJbKLOoOvIAoz9J18=
Subject key identifier:   23:82:07:40:91:76:ED:F7:17:BC:EA:18:88:36:77:4C:25:81:96:0C
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       0196B822D256ABA4E45A7941D04E5B9FAEB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          152C
Signing time:             Sat 10 May 2025 03:00:11 +0000
Manifest this update:     Sat 10 May 2025 03:00:11 +0000
Manifest next update:     Sun 11 May 2025 03:00:11 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: 0EGeDb3Zx7El6NWB6SL70aMjV5PG0A7LiOYjo4v1lqY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 03:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:22:d2:56:ab:a4:e4:5a:79:41:d0:4e:5b:9f:ae:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: May 10 03:00:11 2025 GMT
            Not After : May 11 03:00:11 2025 GMT
        Subject: CN=238207409176edf717bcea188836774c2581960c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:cd:51:65:8d:77:84:58:54:e3:26:c7:05:7b:
                    be:be:06:66:c0:7d:75:75:f9:6d:f0:84:24:91:bb:
                    22:3d:29:48:a8:d1:2b:1d:f8:d8:01:14:52:38:bb:
                    bc:7f:c0:16:86:c2:05:96:7a:2d:fe:16:71:b2:09:
                    2c:b1:d8:e3:c6:5f:93:fa:ca:ca:90:e7:03:4e:74:
                    06:6f:55:a8:14:bf:65:b8:fe:01:4f:3e:4e:4e:3e:
                    bb:2b:96:f2:e7:2d:f4:a1:ff:5d:6f:24:87:3e:6d:
                    a9:79:c1:80:ff:d5:7b:d9:31:bc:7f:af:b1:db:a5:
                    87:26:21:17:87:81:e7:44:4c:18:16:7d:39:17:fc:
                    da:33:18:92:f6:4d:b0:74:32:53:cb:35:de:ca:5f:
                    59:41:be:23:dd:69:63:ed:0b:a2:24:ae:bd:46:d6:
                    5c:5e:92:96:4b:14:e4:6c:48:d5:65:2e:72:ec:44:
                    90:95:f3:69:f5:9f:2d:f8:c2:08:ae:43:e2:2d:f5:
                    c5:bf:c0:83:eb:cf:e7:24:6b:8b:d5:07:3a:8f:e7:
                    a4:99:ea:2d:92:d6:b3:05:4f:5f:e6:c4:07:e7:27:
                    ab:97:d9:ee:e0:4f:ea:1c:39:8e:ed:6a:a1:70:e8:
                    6d:4c:69:3d:25:45:c0:f2:16:85:7b:f5:fe:7a:bf:
                    fc:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:82:07:40:91:76:ED:F7:17:BC:EA:18:88:36:77:4C:25:81:96:0C
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:25:f0:3f:9f:78:ac:ab:02:51:d0:5e:b3:ff:e0:a2:d3:01:
         1e:8e:79:eb:e7:0d:f7:f5:55:fd:e6:b0:72:51:34:83:60:1d:
         a1:96:33:c5:cc:5e:cb:ab:29:0f:05:1f:a4:d4:18:93:6a:7c:
         7e:ec:66:6b:06:88:c3:c9:87:34:ed:70:0d:6d:6b:53:4c:0d:
         39:85:7f:45:cf:fb:86:98:bc:02:31:59:a7:26:ef:88:a7:16:
         0c:0d:54:ea:5f:b6:5d:38:86:6d:c6:64:78:ab:f6:a3:e4:ae:
         62:59:b1:6b:4e:36:6d:77:40:08:e2:87:29:d4:2f:9c:83:31:
         19:5a:2f:76:c2:81:3a:aa:f9:2d:ef:e9:3b:67:bc:a0:54:40:
         2b:f8:74:bc:32:9b:a9:5c:21:39:cd:e6:db:4e:61:87:8c:83:
         b8:eb:f0:18:55:4c:23:86:47:16:b3:5a:0c:89:f7:2f:fe:1d:
         5f:6c:38:55:e2:93:86:72:2d:48:02:35:0b:67:03:28:5e:41:
         73:d2:7f:10:3c:1f:3a:17:79:9d:32:31:57:2a:0e:35:2f:69:
         9c:44:30:bd:d2:df:82:7a:3e:94:f7:fd:56:14:a4:62:56:66:
         b9:25:a5:af:33:bc:cf:96:ef:d2:bb:ba:3b:83:f5:b9:71:ee:
         73:36:4c:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4ItJWq6TkWnlB0E5bn66zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUwNTEwMDMwMDExWhcNMjUwNTExMDMwMDExWjAzMTEwLwYDVQQD
EygyMzgyMDc0MDkxNzZlZGY3MTdiY2VhMTg4ODM2Nzc0YzI1ODE5NjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq81RZY13hFhU4ybHBXu+vgZmwH11
dflt8IQkkbsiPSlIqNErHfjYARRSOLu8f8AWhsIFlnot/hZxsgkssdjjxl+T+srK
kOcDTnQGb1WoFL9luP4BTz5OTj67K5by5y30of9dbySHPm2pecGA/9V72TG8f6+x
26WHJiEXh4HnREwYFn05F/zaMxiS9k2wdDJTyzXeyl9ZQb4j3Wlj7QuiJK69RtZc
XpKWSxTkbEjVZS5y7ESQlfNp9Z8t+MIIrkPiLfXFv8CD68/nJGuL1Qc6j+ekmeot
ktazBU9f5sQH5yerl9nu4E/qHDmO7WqhcOhtTGk9JUXA8haFe/X+er/8vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOCB0CRdu33F7zqGIg2d0wlgZYMMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQSXwP594
rKsCUdBes//gotMBHo556+cN9/VV/eawclE0g2AdoZYzxcxey6spDwUfpNQYk2p8
fuxmawaIw8mHNO1wDW1rU0wNOYV/Rc/7hpi8AjFZpybviKcWDA1U6l+2XTiGbcZk
eKv2o+SuYlmxa042bXdACOKHKdQvnIMxGVovdsKBOqr5Le/pO2e8oFRAK/h0vDKb
qVwhOc3m205hh4yDuOvwGFVMI4ZHFrNaDIn3L/4dX2w4VeKThnItSAI1C2cDKF5B
c9J/EDwfOhd5nTIxVyoONS9pnEQwvdLfgno+lPf9VhSkYlZmuSWlrzO8z5bv0ru6
O4P1uXHuczZMBg==
-----END CERTIFICATE-----