Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          YQrju7GWVbkbKLojanGiCQMewPD0udBrqxw2EkHR75g=
Subject key identifier:   EB:1E:67:FF:98:46:A2:E4:91:56:48:D9:83:70:38:08:F7:81:05:50
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       0196BD809094A4E52FFED50810B921D3D14D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0B71
Signing time:             Sun 11 May 2025 04:00:41 +0000
Manifest this update:     Sun 11 May 2025 04:00:41 +0000
Manifest next update:     Mon 12 May 2025 04:00:41 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: y1tap2GeCdCD/giTuC1Dd+OQdwUVD2+kmOBoiZD5YSk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 04:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:80:90:94:a4:e5:2f:fe:d5:08:10:b9:21:d3:d1:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: May 11 04:00:41 2025 GMT
            Not After : May 12 04:00:41 2025 GMT
        Subject: CN=eb1e67ff9846a2e4915648d983703808f7810550
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:76:2f:6d:60:6a:c6:6e:f6:84:09:65:54:d3:
                    1d:92:fd:1e:f4:99:0d:7c:75:6e:0b:85:5f:8e:14:
                    80:f8:07:3c:ba:c8:a5:f0:59:31:89:fa:de:49:18:
                    e4:b6:b9:53:fb:9c:fc:48:5d:0e:72:e9:b5:18:ac:
                    2a:bb:f1:03:8a:f3:c9:85:14:4f:66:c3:d6:67:ee:
                    bb:5b:69:21:5c:41:84:85:91:32:cd:e0:44:eb:08:
                    eb:c2:e6:25:da:2e:e8:5d:da:6c:c2:05:1a:6a:ff:
                    db:eb:21:62:42:0b:d3:69:ab:ae:98:ed:a0:71:23:
                    01:b1:65:05:2f:37:dd:e1:9f:03:19:8f:88:49:d6:
                    fb:1a:39:ae:51:7c:3e:db:fc:25:63:34:b1:f7:7b:
                    06:28:90:cb:04:ec:fe:51:14:d2:aa:5f:f2:9c:1c:
                    09:34:08:b3:d6:25:d2:e5:4c:75:b8:47:3a:e3:35:
                    c4:9f:52:6a:0a:63:bf:07:bf:cf:3c:b6:ef:9e:a2:
                    6f:61:d0:ba:3b:bb:72:fc:74:b9:0f:6f:cf:44:4f:
                    47:34:b5:fa:c5:19:c6:f9:bf:9e:e3:b5:32:b0:2c:
                    6b:de:9a:c9:39:7a:d6:a3:cb:c8:25:03:a5:8e:c1:
                    92:73:fc:ba:dc:99:0e:d2:50:a4:6c:b3:74:54:f0:
                    2a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:1E:67:FF:98:46:A2:E4:91:56:48:D9:83:70:38:08:F7:81:05:50
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:1e:46:44:3e:bd:1b:bc:de:62:b2:7b:b6:49:11:e7:7a:5e:
         72:4e:20:ad:7a:39:b4:58:ae:bb:7b:3c:bf:31:b0:81:50:c7:
         2c:06:32:65:2e:5f:f4:c3:5f:0b:04:cc:de:3c:8b:d9:e8:55:
         cf:8b:87:96:9e:a7:ed:e5:4b:21:21:26:c6:48:6b:59:2f:53:
         60:73:d2:e8:21:e4:6a:91:30:e2:ad:0d:10:a4:1f:c1:a0:8c:
         32:e4:15:4a:32:fd:ed:d0:6a:76:33:3e:92:92:bd:cb:fb:c0:
         d9:65:fb:3f:6b:1b:56:08:78:6e:0e:42:e5:53:94:a5:ce:8b:
         3a:5d:1d:ca:d2:78:1b:50:ec:0c:54:d0:88:e7:5c:e5:15:30:
         bb:1f:64:ec:16:16:70:76:cc:2d:05:b4:fc:36:dc:24:6e:8a:
         05:31:4d:c3:e6:64:b0:f6:0c:26:5b:fb:a5:66:6a:2a:52:15:
         22:98:ee:1b:f0:91:ca:32:4e:52:1b:e7:0e:a8:99:6e:66:b2:
         9a:94:75:55:b8:c3:9b:46:73:a6:a4:5b:82:9b:e4:e0:af:c8:
         07:45:06:60:0e:4b:2a:d1:44:5e:4a:94:dd:ce:12:88:72:4c:
         0d:89:9e:20:54:60:b5:d8:7d:31:e1:1c:06:ad:a1:5a:6e:79:
         a3:ac:b7:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gJCUpOUv/tUIELkh09FNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUwNTExMDQwMDQxWhcNMjUwNTEyMDQwMDQxWjAzMTEwLwYDVQQD
EyhlYjFlNjdmZjk4NDZhMmU0OTE1NjQ4ZDk4MzcwMzgwOGY3ODEwNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXYvbWBqxm72hAllVNMdkv0e9JkN
fHVuC4VfjhSA+Ac8usil8FkxifreSRjktrlT+5z8SF0Ocum1GKwqu/EDivPJhRRP
ZsPWZ+67W2khXEGEhZEyzeBE6wjrwuYl2i7oXdpswgUaav/b6yFiQgvTaauumO2g
cSMBsWUFLzfd4Z8DGY+ISdb7GjmuUXw+2/wlYzSx93sGKJDLBOz+URTSql/ynBwJ
NAiz1iXS5Ux1uEc64zXEn1JqCmO/B7/PPLbvnqJvYdC6O7ty/HS5D2/PRE9HNLX6
xRnG+b+e47UysCxr3prJOXrWo8vIJQOljsGSc/y63JkO0lCkbLN0VPAqYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOseZ/+YRqLkkVZI2YNwOAj3gQVQMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANh5GRD69
G7zeYrJ7tkkR53peck4grXo5tFiuu3s8vzGwgVDHLAYyZS5f9MNfCwTM3jyL2ehV
z4uHlp6n7eVLISEmxkhrWS9TYHPS6CHkapEw4q0NEKQfwaCMMuQVSjL97dBqdjM+
kpK9y/vA2WX7P2sbVgh4bg5C5VOUpc6LOl0dytJ4G1DsDFTQiOdc5RUwux9k7BYW
cHbMLQW0/DbcJG6KBTFNw+ZksPYMJlv7pWZqKlIVIpjuG/CRyjJOUhvnDqiZbmay
mpR1VbjDm0ZzpqRbgpvk4K/IB0UGYA5LKtFEXkqU3c4SiHJMDYmeIFRgtdh9MeEc
Bq2hWm55o6y37w==
-----END CERTIFICATE-----