Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
File:                     kXWIXPl40u9mE3YhRTC57WjFtFg.mft (raw, json)
Hash identifier:          lRo4VVEtQAKroNGSKhJzZYxaXCHHWOEDwvNPFNoIneU=
Subject key identifier:   2B:41:97:47:4D:FF:4F:AF:FE:59:4C:27:44:DF:26:7E:96:99:F8:5F
Authority key identifier: 91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58
Certificate issuer:       /CN=9175885cf978d2ef661376214530b9ed68c5b458
Certificate serial:       0196BB5B31B7CC0B19264CEB97C871D2F3DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
Manifest number:          0850
Signing time:             Sat 10 May 2025 18:00:37 +0000
Manifest this update:     Sat 10 May 2025 18:00:37 +0000
Manifest next update:     Sun 11 May 2025 18:00:37 +0000
Files and hashes:         1: kXWIXPl40u9mE3YhRTC57WjFtFg.crl (hash: KVcbpsAwuSNpPi6IN/TLW0uOlg5eDakFTw5t6mjXq0Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:5b:31:b7:cc:0b:19:26:4c:eb:97:c8:71:d2:f3:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9175885cf978d2ef661376214530b9ed68c5b458
        Validity
            Not Before: May 10 18:00:37 2025 GMT
            Not After : May 11 18:00:37 2025 GMT
        Subject: CN=2b4197474dff4faffe594c2744df267e9699f85f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:99:48:a7:92:c5:b8:52:2e:04:0b:2e:6b:db:
                    eb:b3:02:56:df:40:b5:e2:e6:76:d3:ce:95:56:e5:
                    f7:a2:ad:ed:21:6e:28:c5:31:7e:e2:81:1a:75:fc:
                    25:ad:f9:12:c0:54:a1:6e:14:46:85:32:fa:e3:b0:
                    74:57:b2:fd:1e:12:e7:75:07:84:cb:ba:04:26:f0:
                    ef:1b:77:c1:51:5b:50:75:b4:a9:c7:99:f5:b6:a8:
                    21:41:15:37:19:28:d9:48:49:35:3b:14:7f:be:ba:
                    d4:2b:50:84:66:c6:1f:da:35:ae:a1:a9:9a:15:b5:
                    db:68:24:e8:88:50:b4:bd:91:39:f6:55:1a:6c:93:
                    07:bf:34:c8:fd:78:f4:32:e3:06:3a:48:5e:3e:67:
                    8c:b3:bb:c9:a7:df:b1:4b:bc:15:10:8f:00:b2:b1:
                    c2:a0:4f:2c:06:26:e0:20:4d:9d:94:63:57:b0:a0:
                    0e:28:53:f8:f4:ff:bc:8c:9d:ce:59:ff:a2:da:66:
                    b9:48:db:ee:a7:5f:fc:0f:ed:7d:b1:7f:2f:8b:32:
                    f4:63:e5:06:51:86:ea:50:0c:8f:3e:19:31:62:1d:
                    63:30:2a:a2:f3:23:1b:9f:a6:7f:c5:19:02:70:7b:
                    cf:36:46:49:bf:55:74:c7:d7:9c:86:40:e9:08:39:
                    c4:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:41:97:47:4D:FF:4F:AF:FE:59:4C:27:44:DF:26:7E:96:99:F8:5F
            X509v3 Authority Key Identifier:
                keyid:91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:22:ac:14:4f:ed:bb:91:67:08:21:e5:1a:86:b8:f7:53:ec:
         44:01:01:0e:a2:3e:ac:9e:6b:4c:ec:a2:8a:be:5b:95:5e:9f:
         fd:e0:60:df:34:63:81:40:9c:d9:a7:21:dd:dd:9e:90:2c:ca:
         02:fd:49:36:3d:4e:f2:d7:7e:dc:88:f1:1f:84:19:d3:c7:ed:
         2b:63:2d:a6:a7:a4:a9:f1:f8:ac:da:6a:18:08:1c:33:f8:11:
         40:40:79:1f:99:5b:f8:5b:b2:03:d8:8c:2c:b1:8b:13:7b:2b:
         11:fd:95:f2:1f:b3:68:e9:b1:51:c9:39:95:90:dc:f6:57:70:
         70:c2:36:2c:b8:85:b0:84:db:2b:19:55:e1:24:ae:ec:ed:9e:
         c0:3d:2c:57:29:e1:f8:7b:ae:0c:22:bc:c4:e3:08:34:fe:b6:
         36:e6:6b:c9:b9:f8:58:5b:1c:e7:2f:17:86:22:12:d6:44:8c:
         f9:91:f7:f3:56:f4:91:18:0b:69:80:76:39:e8:85:47:1e:23:
         4a:70:1f:e7:73:5e:c6:e6:eb:96:57:dd:4d:d7:5e:e8:1e:59:
         bd:53:ba:d1:75:85:45:ed:c3:2f:45:95:62:88:92:c9:92:a2:
         71:14:25:c8:c6:35:46:91:aa:fe:41:13:fc:cb:98:96:23:b0:
         e0:a6:6a:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7WzG3zAsZJkzrl8hx0vPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzU4ODVjZjk3OGQyZWY2NjEzNzYyMTQ1MzBiOWVkNjhj
NWI0NTgwHhcNMjUwNTEwMTgwMDM3WhcNMjUwNTExMTgwMDM3WjAzMTEwLwYDVQQD
EygyYjQxOTc0NzRkZmY0ZmFmZmU1OTRjMjc0NGRmMjY3ZTk2OTlmODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5lIp5LFuFIuBAsua9vrswJW30C1
4uZ2086VVuX3oq3tIW4oxTF+4oEadfwlrfkSwFShbhRGhTL647B0V7L9HhLndQeE
y7oEJvDvG3fBUVtQdbSpx5n1tqghQRU3GSjZSEk1OxR/vrrUK1CEZsYf2jWuoama
FbXbaCToiFC0vZE59lUabJMHvzTI/Xj0MuMGOkhePmeMs7vJp9+xS7wVEI8AsrHC
oE8sBibgIE2dlGNXsKAOKFP49P+8jJ3OWf+i2ma5SNvup1/8D+19sX8vizL0Y+UG
UYbqUAyPPhkxYh1jMCqi8yMbn6Z/xRkCcHvPNkZJv1V0x9echkDpCDnEPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtBl0dN/0+v/llMJ0TfJn6WmfhfMB8GA1UdIwQY
MBaAFJF1iFz5eNLvZhN2IUUwue1oxbRYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQt
MWI5NTgxOWNmYzljLzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQtMWI5NTgxOWNmYzlj
LzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOyKsFE/t
u5FnCCHlGoa491PsRAEBDqI+rJ5rTOyiir5blV6f/eBg3zRjgUCc2ach3d2ekCzK
Av1JNj1O8td+3IjxH4QZ08ftK2MtpqekqfH4rNpqGAgcM/gRQEB5H5lb+FuyA9iM
LLGLE3srEf2V8h+zaOmxUck5lZDc9ldwcMI2LLiFsITbKxlV4SSu7O2ewD0sVynh
+HuuDCK8xOMINP62NuZrybn4WFsc5y8XhiIS1kSM+ZH381b0kRgLaYB2OeiFRx4j
SnAf53NexubrllfdTdde6B5ZvVO60XWFRe3DL0WVYoiSyZKicRQlyMY1RpGq/kET
/MuYliOw4KZqaw==
-----END CERTIFICATE-----