Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft
File:                     XJF3tPVOZX44dlbmc6-MDuCmCRc.mft (raw, json)
Hash identifier:          mvQNPoT9z6Nx2wHXM62CcoMoIpXjBkmybbEz/1pBRB8=
Subject key identifier:   0C:32:31:42:0A:8E:4E:E9:E6:9E:D9:A5:B5:B7:FF:FD:48:5B:2F:09
Authority key identifier: 5C:91:77:B4:F5:4E:65:7E:38:76:56:E6:73:AF:8C:0E:E0:A6:09:17
Certificate issuer:       /CN=5c9177b4f54e657e387656e673af8c0ee0a60917
Certificate serial:       0196B8237625A47EB0321BCE19FC9D3697FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft
Manifest number:          D8
Signing time:             Sat 10 May 2025 03:00:53 +0000
Manifest this update:     Sat 10 May 2025 03:00:53 +0000
Manifest next update:     Sun 11 May 2025 03:00:53 +0000
Files and hashes:         1: XJF3tPVOZX44dlbmc6-MDuCmCRc.crl (hash: 4W47j9bK8Y1A7K6ZPStFtF0DnzLbCEPOU2JlJC4XsOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 03:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:23:76:25:a4:7e:b0:32:1b:ce:19:fc:9d:36:97:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c9177b4f54e657e387656e673af8c0ee0a60917
        Validity
            Not Before: May 10 03:00:53 2025 GMT
            Not After : May 11 03:00:53 2025 GMT
        Subject: CN=0c3231420a8e4ee9e69ed9a5b5b7fffd485b2f09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0c:9d:48:2e:9e:bb:bb:fe:84:bd:93:64:0f:
                    ba:22:e5:3a:16:d1:46:e3:e4:a1:f1:d7:f8:1b:87:
                    ae:d1:56:0a:c8:92:ef:12:c7:16:0d:c9:54:82:38:
                    7b:27:18:ea:5b:26:f7:ab:35:36:19:f0:b4:20:48:
                    f7:b1:6f:63:3d:75:69:0f:e5:25:97:2c:37:a8:66:
                    2d:f2:13:fa:f4:a3:a2:8b:56:7d:23:b3:e2:f5:95:
                    c8:2e:86:60:20:a6:c1:7c:f4:1a:df:09:da:f3:6d:
                    f3:2a:ca:45:0b:66:17:54:79:1d:85:32:36:9b:94:
                    f6:23:0f:13:f8:70:51:4d:54:77:e5:7e:6c:62:f4:
                    c6:4a:1c:4e:a3:b5:7e:22:8a:9e:09:19:56:e6:d6:
                    f5:ff:ff:42:a8:30:62:e2:9c:9e:0d:bd:81:9d:07:
                    8d:6b:b9:07:e6:a5:cb:c6:ee:71:df:54:00:52:51:
                    83:a5:78:61:8f:60:58:46:82:aa:c5:78:4c:da:45:
                    1b:58:46:4c:17:bd:a4:50:c7:17:c5:0a:a7:1e:0f:
                    d3:13:8b:aa:3f:11:b4:85:e3:d1:ac:9c:fd:95:d6:
                    42:82:46:30:16:56:c3:2f:a2:9a:c0:95:f1:9a:df:
                    29:2a:42:bb:e0:02:02:29:86:e4:aa:61:c2:47:e2:
                    7c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:32:31:42:0A:8E:4E:E9:E6:9E:D9:A5:B5:B7:FF:FD:48:5B:2F:09
            X509v3 Authority Key Identifier:
                keyid:5C:91:77:B4:F5:4E:65:7E:38:76:56:E6:73:AF:8C:0E:E0:A6:09:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:84:5c:62:81:4e:3b:e3:cd:1d:76:b3:74:c6:80:61:4a:ea:
         7c:76:59:cd:e9:25:6a:e4:ec:02:57:40:ba:a4:01:d1:d6:0b:
         5d:03:2c:12:0b:41:87:eb:fc:41:0c:80:bd:7e:3b:9a:a0:13:
         75:3f:0d:af:cf:99:55:94:36:d5:85:84:6f:eb:e8:ea:6e:a9:
         46:98:55:8c:5d:2a:cd:db:de:94:a9:c4:06:80:2b:9e:7e:53:
         c2:39:a5:38:2d:4c:d1:98:fc:3f:c6:40:b7:93:04:6d:55:5b:
         a9:c6:b7:48:5a:32:11:c8:12:e2:ab:ad:32:b0:d6:00:7b:63:
         ea:ef:e0:47:ed:7a:9b:a0:fe:a1:d4:5e:e3:c7:91:39:7e:c0:
         13:ef:1e:57:b8:42:68:85:af:fa:0a:ed:86:fe:96:2c:7d:24:
         69:49:1f:cb:a0:9b:79:9c:56:e3:bd:4e:26:95:7b:25:59:a1:
         a5:f2:1d:a2:92:fb:03:68:c7:84:b4:6f:32:21:f9:28:51:09:
         aa:6e:82:cf:9f:f8:8c:6c:7c:f5:1c:e5:39:95:3d:76:47:14:
         a6:59:b4:f3:f8:76:ac:d4:47:45:b4:73:14:7f:9d:a2:cb:d6:
         74:53:25:05:ed:c5:0e:76:a5:b4:26:5c:14:31:8b:af:08:1a:
         21:af:c7:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4I3YlpH6wMhvOGfydNpf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjOTE3N2I0ZjU0ZTY1N2UzODc2NTZlNjczYWY4YzBlZTBh
NjA5MTcwHhcNMjUwNTEwMDMwMDUzWhcNMjUwNTExMDMwMDUzWjAzMTEwLwYDVQQD
EygwYzMyMzE0MjBhOGU0ZWU5ZTY5ZWQ5YTViNWI3ZmZmZDQ4NWIyZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwydSC6eu7v+hL2TZA+6IuU6FtFG
4+Sh8df4G4eu0VYKyJLvEscWDclUgjh7JxjqWyb3qzU2GfC0IEj3sW9jPXVpD+Ul
lyw3qGYt8hP69KOii1Z9I7Pi9ZXILoZgIKbBfPQa3wna823zKspFC2YXVHkdhTI2
m5T2Iw8T+HBRTVR35X5sYvTGShxOo7V+IoqeCRlW5tb1//9CqDBi4pyeDb2BnQeN
a7kH5qXLxu5x31QAUlGDpXhhj2BYRoKqxXhM2kUbWEZMF72kUMcXxQqnHg/TE4uq
PxG0hePRrJz9ldZCgkYwFlbDL6KawJXxmt8pKkK74AICKYbkqmHCR+J8twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwyMUIKjk7p5p7ZpbW3//1IWy8JMB8GA1UdIwQY
MBaAFFyRd7T1TmV+OHZW5nOvjA7gpgkXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9jYTUyZjAtZDNiMy00MmM1LThhN2It
NmRjMzY5ZGZmNTNmLzEvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9jYTUyZjAtZDNiMy00MmM1LThhN2ItNmRjMzY5ZGZmNTNm
LzEvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARoRcYoFO
O+PNHXazdMaAYUrqfHZZzeklauTsAldAuqQB0dYLXQMsEgtBh+v8QQyAvX47mqAT
dT8Nr8+ZVZQ21YWEb+vo6m6pRphVjF0qzdvelKnEBoArnn5TwjmlOC1M0Zj8P8ZA
t5MEbVVbqca3SFoyEcgS4qutMrDWAHtj6u/gR+16m6D+odRe48eROX7AE+8eV7hC
aIWv+grthv6WLH0kaUkfy6CbeZxW471OJpV7JVmhpfIdopL7A2jHhLRvMiH5KFEJ
qm6Cz5/4jGx89RzlOZU9dkcUplm08/h2rNRHRbRzFH+dosvWdFMlBe3FDnaltCZc
FDGLrwgaIa/HPg==
-----END CERTIFICATE-----