Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
File:                     cegLwpz58rQKwwJOD3I126LVelQ.mft (raw, json)
Hash identifier:          wwNqPAL4UsJLJg8puidnHE+SJizPhJi17dLkT8NMCwM=
Subject key identifier:   7A:EF:E9:2C:E3:A6:79:19:F4:E2:FE:A7:A8:3E:E3:C4:08:6E:4B:62
Authority key identifier: 71:E8:0B:C2:9C:F9:F2:B4:0A:C3:02:4E:0F:72:35:DB:A2:D5:7A:54
Certificate issuer:       /CN=71e80bc29cf9f2b40ac3024e0f7235dba2d57a54
Certificate serial:       0196C5DEDC0D6A2D9FFAB20BA4CD2104C67A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
Manifest number:          0487
Signing time:             Mon 12 May 2025 19:00:38 +0000
Manifest this update:     Mon 12 May 2025 19:00:38 +0000
Manifest next update:     Tue 13 May 2025 19:00:38 +0000
Files and hashes:         1: cegLwpz58rQKwwJOD3I126LVelQ.crl (hash: Xv1kv+QwPgF3PBPY9O1j/4XT33H7NrfE4spm2eiJgBc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 19:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:de:dc:0d:6a:2d:9f:fa:b2:0b:a4:cd:21:04:c6:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71e80bc29cf9f2b40ac3024e0f7235dba2d57a54
        Validity
            Not Before: May 12 19:00:38 2025 GMT
            Not After : May 13 19:00:38 2025 GMT
        Subject: CN=7aefe92ce3a67919f4e2fea7a83ee3c4086e4b62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e4:1c:b0:9b:48:de:7d:3c:1f:bc:eb:7d:c5:
                    ca:11:25:9e:b4:ee:1b:b3:76:ca:c0:07:c6:2c:dc:
                    38:e5:05:31:19:df:aa:75:ec:df:d5:0c:ff:54:4b:
                    2d:21:99:6e:93:e7:1d:33:2c:03:4d:3b:f5:dd:b5:
                    1f:40:47:b8:6e:81:15:01:e5:78:ae:eb:cc:b8:09:
                    7a:14:06:ad:86:9f:ec:02:15:27:d1:09:6a:da:4b:
                    86:ed:ea:2b:36:32:d5:41:15:06:24:30:26:ba:7c:
                    2c:b2:52:d4:2e:15:31:2d:81:f8:56:fd:17:6f:82:
                    14:4c:0a:94:68:77:e6:6b:b6:9f:79:06:f0:23:28:
                    fd:5b:8f:d3:56:c0:d7:93:c6:46:ca:19:ac:ea:5a:
                    34:99:1d:bf:dd:72:3f:71:66:04:c1:b6:04:30:bf:
                    23:27:ad:3b:f5:df:26:3d:81:86:73:5c:c3:95:88:
                    67:8c:cf:5c:67:9d:cb:fa:fb:0a:d2:77:60:24:27:
                    3c:0a:1f:81:a7:96:ab:02:77:36:38:62:a4:fd:92:
                    b5:b9:3a:7c:69:e1:5a:e5:5b:fd:f2:26:00:45:a3:
                    7e:9a:12:90:db:96:22:89:ef:c0:b0:60:fd:a4:29:
                    fc:51:02:e1:82:d8:4d:37:de:6f:88:d1:c7:0f:f5:
                    ef:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:EF:E9:2C:E3:A6:79:19:F4:E2:FE:A7:A8:3E:E3:C4:08:6E:4B:62
            X509v3 Authority Key Identifier:
                keyid:71:E8:0B:C2:9C:F9:F2:B4:0A:C3:02:4E:0F:72:35:DB:A2:D5:7A:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cegLwpz58rQKwwJOD3I126LVelQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f50353-f4e8-4f60-ae16-7247304fb15f/1/cegLwpz58rQKwwJOD3I126LVelQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:91:85:76:90:13:55:44:f9:a0:fc:48:53:be:6e:7a:7a:f5:
         6d:0f:52:fe:32:40:43:f9:14:e3:cb:f5:8d:a9:69:0c:de:0f:
         ba:95:45:39:99:23:6a:90:b6:0d:1b:07:46:87:52:37:9b:2a:
         62:b4:dd:e2:af:d6:66:83:ad:61:76:86:fb:11:e3:3e:27:ae:
         11:e4:57:fe:63:1f:26:c9:4b:09:40:39:d1:48:4a:14:06:fe:
         1d:9b:d5:14:ef:ce:32:87:2d:a0:81:5b:e5:52:42:e1:aa:cf:
         84:ff:ce:e4:fb:4c:2f:d1:05:4d:eb:92:62:dc:75:62:ab:b2:
         56:47:df:2c:cf:df:f7:79:7e:d0:62:e5:2d:15:b0:ac:29:e8:
         fc:d7:cc:c0:63:9a:39:03:3e:f4:f4:20:1a:9a:ac:fe:12:26:
         aa:bf:13:45:27:2a:9f:7b:55:b9:2e:43:a6:91:38:07:27:1d:
         5b:30:05:87:cb:ab:10:47:c3:8c:32:7c:3d:1e:30:69:e2:37:
         bb:1f:21:dd:6a:43:79:75:4b:2b:21:e8:6e:67:35:a6:3e:4d:
         49:32:66:52:8a:1f:08:24:0c:e4:6a:4f:24:1f:d6:9e:ac:d6:
         b6:6b:4a:21:16:45:83:99:cd:81:58:4d:d2:82:98:fa:fd:e5:
         24:ae:44:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbF3twNai2f+rILpM0hBMZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZTgwYmMyOWNmOWYyYjQwYWMzMDI0ZTBmNzIzNWRiYTJk
NTdhNTQwHhcNMjUwNTEyMTkwMDM4WhcNMjUwNTEzMTkwMDM4WjAzMTEwLwYDVQQD
Eyg3YWVmZTkyY2UzYTY3OTE5ZjRlMmZlYTdhODNlZTNjNDA4NmU0YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuQcsJtI3n08H7zrfcXKESWetO4b
s3bKwAfGLNw45QUxGd+qdezf1Qz/VEstIZluk+cdMywDTTv13bUfQEe4boEVAeV4
ruvMuAl6FAathp/sAhUn0Qlq2kuG7eorNjLVQRUGJDAmunwsslLULhUxLYH4Vv0X
b4IUTAqUaHfma7afeQbwIyj9W4/TVsDXk8ZGyhms6lo0mR2/3XI/cWYEwbYEML8j
J6079d8mPYGGc1zDlYhnjM9cZ53L+vsK0ndgJCc8Ch+Bp5arAnc2OGKk/ZK1uTp8
aeFa5Vv98iYARaN+mhKQ25Yiie/AsGD9pCn8UQLhgthNN95viNHHD/XvYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrv6SzjpnkZ9OL+p6g+48QIbktiMB8GA1UdIwQY
MBaAFHHoC8Kc+fK0CsMCTg9yNdui1XpUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNTAzNTMtZjRlOC00ZjYwLWFlMTYt
NzI0NzMwNGZiMTVmLzEvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNTAzNTMtZjRlOC00ZjYwLWFlMTYtNzI0NzMwNGZiMTVm
LzEvY2VnTHdwejU4clFLd3dKT0QzSTEyNkxWZWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpGFdpAT
VUT5oPxIU75uenr1bQ9S/jJAQ/kU48v1jalpDN4PupVFOZkjapC2DRsHRodSN5sq
YrTd4q/WZoOtYXaG+xHjPieuEeRX/mMfJslLCUA50UhKFAb+HZvVFO/OMoctoIFb
5VJC4arPhP/O5PtML9EFTeuSYtx1YquyVkffLM/f93l+0GLlLRWwrCno/NfMwGOa
OQM+9PQgGpqs/hImqr8TRScqn3tVuS5DppE4BycdWzAFh8urEEfDjDJ8PR4waeI3
ux8h3WpDeXVLKyHobmc1pj5NSTJmUoofCCQM5GpPJB/WnqzWtmtKIRZFg5nNgVhN
0oKY+v3lJK5ECQ==
-----END CERTIFICATE-----