Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
File:                     XAAsRHm7TJbiI0OZznH1YDRSmdA.mft (raw, json)
Hash identifier:          dHfKN7V6bTG6EpPMC42owdpnilRPo22jz5tX7TG2A7A=
Subject key identifier:   B8:C7:D9:84:EC:34:40:60:8D:20:D0:BF:5C:13:D9:33:57:13:27:82
Authority key identifier: 5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0
Certificate issuer:       /CN=5c002c4479bb4c96e2234399ce71f560345299d0
Certificate serial:       0196B3D845ACA3CF3319C416776FBCCECE82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
Manifest number:          07C3
Signing time:             Fri 09 May 2025 07:00:17 +0000
Manifest this update:     Fri 09 May 2025 07:00:17 +0000
Manifest next update:     Sat 10 May 2025 07:00:17 +0000
Files and hashes:         1: XAAsRHm7TJbiI0OZznH1YDRSmdA.crl (hash: njqjUVUcg90POVkgkGKLBqUyLrN2wnjZPJFOL21YF30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b3:d8:45:ac:a3:cf:33:19:c4:16:77:6f:bc:ce:ce:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c002c4479bb4c96e2234399ce71f560345299d0
        Validity
            Not Before: May  9 07:00:17 2025 GMT
            Not After : May 10 07:00:17 2025 GMT
        Subject: CN=b8c7d984ec3440608d20d0bf5c13d93357132782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:8a:72:56:93:47:78:35:ab:ee:f1:0c:90:c1:
                    36:be:36:50:7e:de:91:dd:1e:bb:97:92:f2:5a:26:
                    28:1c:53:94:c7:0b:8e:7e:32:46:33:07:a5:f8:df:
                    02:3f:a8:98:b6:df:88:a3:0c:39:94:4c:8f:ee:a9:
                    c5:fd:e2:30:ed:86:8e:fc:3a:b0:45:33:07:df:ce:
                    b6:72:e2:a2:ce:52:40:45:4f:a6:32:e0:fe:5f:e3:
                    f9:62:e0:2c:05:37:68:d5:a6:c7:7d:a9:60:b7:1a:
                    cc:69:d3:23:40:de:f0:0f:0e:11:69:dd:75:10:ce:
                    cf:e4:99:2a:3e:f6:41:20:20:d9:88:db:c7:00:98:
                    72:e8:e5:61:93:c3:7a:76:ab:8d:6d:1b:ff:bc:ad:
                    eb:05:61:32:77:03:4d:6b:24:af:01:79:47:f8:7c:
                    f4:80:c5:e7:6a:8a:5c:2d:46:a9:61:82:92:e2:07:
                    27:d9:1d:a2:66:c6:b6:b7:5d:d9:32:af:bf:c3:33:
                    63:3c:67:9f:ce:9f:fd:d6:8b:c8:8a:2d:cc:3f:96:
                    cb:da:0e:38:bf:21:19:d1:6d:62:c0:21:14:01:1e:
                    15:2f:e1:e8:25:d5:9f:d0:03:38:92:8c:29:14:4e:
                    34:d0:f4:50:c3:99:1b:6d:a9:1d:d3:da:3b:10:8d:
                    bd:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:C7:D9:84:EC:34:40:60:8D:20:D0:BF:5C:13:D9:33:57:13:27:82
            X509v3 Authority Key Identifier:
                keyid:5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:8d:11:3a:00:2d:14:5a:f4:89:58:14:d1:1d:04:a6:6e:a3:
         db:82:58:01:be:60:a0:24:9a:96:25:b4:39:5d:56:08:fc:c3:
         c7:3c:cc:6a:72:39:1f:89:ab:40:59:77:1d:c5:a4:dc:4f:29:
         4d:9e:52:75:15:a7:eb:cf:d1:33:3f:70:52:5c:7d:16:b6:50:
         bb:b2:9a:57:f0:dc:66:2f:e3:bf:3e:23:e1:9f:8e:7e:6f:4b:
         8f:29:f4:97:5b:8d:18:94:43:f8:2d:30:8a:a2:87:b1:d3:80:
         e5:a4:c0:f3:91:9a:78:9d:78:01:1d:9e:ba:96:9e:48:c5:f6:
         b8:83:58:c2:a4:22:a3:fe:02:20:5a:08:57:6f:91:92:79:e2:
         74:5c:15:37:7f:0c:76:07:4f:84:c1:ac:08:71:a3:cc:88:38:
         ad:cb:cb:d8:6b:2d:71:a2:46:91:f4:aa:43:09:ef:71:82:70:
         c7:1a:36:6b:61:e3:3e:c3:ac:6a:35:71:93:d0:47:69:45:b3:
         f8:dc:33:22:34:12:b3:df:9b:e4:c0:99:87:3c:c9:20:2c:fd:
         17:42:d5:3a:63:a4:bb:80:c2:69:61:3d:cf:97:24:9e:b7:76:
         5f:bf:01:24:ce:64:03:48:d3:91:4e:de:de:d6:09:0c:0a:e8:
         be:4b:e7:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaz2EWso88zGcQWd2+8zs6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMDAyYzQ0NzliYjRjOTZlMjIzNDM5OWNlNzFmNTYwMzQ1
Mjk5ZDAwHhcNMjUwNTA5MDcwMDE3WhcNMjUwNTEwMDcwMDE3WjAzMTEwLwYDVQQD
EyhiOGM3ZDk4NGVjMzQ0MDYwOGQyMGQwYmY1YzEzZDkzMzU3MTMyNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YpyVpNHeDWr7vEMkME2vjZQft6R
3R67l5LyWiYoHFOUxwuOfjJGMwel+N8CP6iYtt+Ioww5lEyP7qnF/eIw7YaO/Dqw
RTMH3862cuKizlJARU+mMuD+X+P5YuAsBTdo1abHfalgtxrMadMjQN7wDw4Rad11
EM7P5JkqPvZBICDZiNvHAJhy6OVhk8N6dquNbRv/vK3rBWEydwNNaySvAXlH+Hz0
gMXnaopcLUapYYKS4gcn2R2iZsa2t13ZMq+/wzNjPGefzp/91ovIii3MP5bL2g44
vyEZ0W1iwCEUAR4VL+HoJdWf0AM4kowpFE400PRQw5kbbakd09o7EI29oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjH2YTsNEBgjSDQv1wT2TNXEyeCMB8GA1UdIwQY
MBaAFFwALER5u0yW4iNDmc5x9WA0UpnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYt
NzFjNTcwZGNiMGE0LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYtNzFjNTcwZGNiMGE0
LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIY0ROgAt
FFr0iVgU0R0Epm6j24JYAb5goCSaliW0OV1WCPzDxzzManI5H4mrQFl3HcWk3E8p
TZ5SdRWn68/RMz9wUlx9FrZQu7KaV/DcZi/jvz4j4Z+Ofm9Ljyn0l1uNGJRD+C0w
iqKHsdOA5aTA85GaeJ14AR2eupaeSMX2uINYwqQio/4CIFoIV2+RknnidFwVN38M
dgdPhMGsCHGjzIg4rcvL2GstcaJGkfSqQwnvcYJwxxo2a2HjPsOsajVxk9BHaUWz
+NwzIjQSs9+b5MCZhzzJICz9F0LVOmOku4DCaWE9z5cknrd2X78BJM5kA0jTkU7e
3tYJDArovkvnDw==
-----END CERTIFICATE-----