Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          DI1W5RUg2gRT/rHKU8f9Xhhs5QKnJcgCCbEwJFwpDPE=
Subject key identifier:   5B:08:4C:5D:E3:7A:1A:1C:36:A2:38:18:13:A3:10:89:A7:A2:23:4F
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       0196BBFFE1C075A6C4796383204A4ECE2189
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0B9A
Signing time:             Sat 10 May 2025 21:00:30 +0000
Manifest this update:     Sat 10 May 2025 21:00:30 +0000
Manifest next update:     Sun 11 May 2025 21:00:30 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: UfamYyiFpH24uOtKyPGh3rvkJY5FUsHuhg58A2YVCt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 21:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:ff:e1:c0:75:a6:c4:79:63:83:20:4a:4e:ce:21:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: May 10 21:00:30 2025 GMT
            Not After : May 11 21:00:30 2025 GMT
        Subject: CN=5b084c5de37a1a1c36a2381813a31089a7a2234f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b2:b8:3f:33:4f:f1:14:86:62:6d:4d:52:32:
                    95:0a:85:a4:92:7b:21:34:0a:be:a4:83:8f:9a:d8:
                    24:96:f7:1f:36:06:20:eb:2e:12:50:15:c9:ab:96:
                    c5:a4:77:00:ae:f3:81:15:18:9a:90:f6:60:6d:36:
                    04:c6:1e:40:14:31:8a:31:f0:c7:fe:c8:b3:39:b6:
                    e3:9d:14:bd:de:7b:72:25:2d:80:db:40:05:1a:90:
                    23:7c:9a:af:1a:55:0b:ee:89:bf:f7:97:96:6e:5d:
                    8a:a2:26:18:43:49:92:1b:62:62:82:0d:8c:2a:0b:
                    f9:79:f1:a8:ca:f7:84:2a:e5:38:7c:fa:ef:46:39:
                    55:2f:d9:1f:c9:80:8f:45:c1:67:13:88:5e:4a:e1:
                    89:55:f8:93:ed:53:a9:f2:21:a2:f9:4e:3c:09:ff:
                    7c:f2:cd:56:c1:17:3f:ce:b1:a2:c5:f3:40:97:43:
                    49:e7:9e:8a:57:82:b9:6a:95:07:7b:b3:bf:88:22:
                    fa:7c:0f:cf:f2:09:90:a7:2d:85:91:04:50:a8:40:
                    86:e9:fd:20:a5:a2:44:33:b6:f6:30:d3:5d:57:ba:
                    e8:1f:f5:c3:cd:7a:ac:8a:0a:0e:80:25:25:de:b2:
                    33:4e:9a:23:48:4f:9e:1a:4c:41:e5:56:24:b5:ff:
                    c6:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:08:4C:5D:E3:7A:1A:1C:36:A2:38:18:13:A3:10:89:A7:A2:23:4F
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:54:d9:7a:53:e7:32:ab:66:53:8d:5e:30:76:bc:b7:fd:25:
         a5:2e:07:a7:65:a6:4d:2b:fc:70:3a:93:5e:b1:b2:05:ce:f6:
         02:56:86:8d:80:21:3d:c2:02:5c:56:ed:7e:dd:1a:e2:00:54:
         73:aa:f3:46:a1:dd:91:3e:be:53:7f:b0:83:46:71:bc:05:82:
         87:e5:73:9b:52:e7:e4:4b:9c:28:56:7a:49:e8:9f:a5:41:54:
         82:4a:be:90:74:97:11:70:43:71:21:5b:ee:0d:99:d9:e5:06:
         0e:58:4e:22:da:ba:a7:31:69:f7:cb:81:3f:37:29:a1:f0:e9:
         50:4f:b8:ac:d6:45:4d:94:79:81:83:f0:63:ab:3b:f3:34:c7:
         4a:48:86:ab:30:16:a5:58:0c:96:61:40:ee:b1:f0:fc:a7:aa:
         b6:5a:46:7b:05:78:2a:89:58:e2:47:d8:82:5c:78:e5:b1:e9:
         b0:59:da:58:e0:e9:76:cb:07:0f:9c:81:74:72:12:df:dd:15:
         df:6e:3a:7f:d6:4f:89:5b:94:b8:2b:1a:ca:11:91:c2:6e:0f:
         4a:80:b1:2f:fc:10:0d:0e:f9:53:53:8c:04:30:7a:a6:f8:d4:
         2b:7c:76:90:c7:b8:0b:da:e4:da:e8:51:75:34:90:6a:3e:19:
         0f:78:22:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7/+HAdabEeWODIEpOziGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjUwNTEwMjEwMDMwWhcNMjUwNTExMjEwMDMwWjAzMTEwLwYDVQQD
Eyg1YjA4NGM1ZGUzN2ExYTFjMzZhMjM4MTgxM2EzMTA4OWE3YTIyMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbK4PzNP8RSGYm1NUjKVCoWkknsh
NAq+pIOPmtgklvcfNgYg6y4SUBXJq5bFpHcArvOBFRiakPZgbTYExh5AFDGKMfDH
/sizObbjnRS93ntyJS2A20AFGpAjfJqvGlUL7om/95eWbl2KoiYYQ0mSG2Jigg2M
Kgv5efGoyveEKuU4fPrvRjlVL9kfyYCPRcFnE4heSuGJVfiT7VOp8iGi+U48Cf98
8s1WwRc/zrGixfNAl0NJ556KV4K5apUHe7O/iCL6fA/P8gmQpy2FkQRQqECG6f0g
paJEM7b2MNNdV7roH/XDzXqsigoOgCUl3rIzTpojSE+eGkxB5VYktf/GPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsITF3jehocNqI4GBOjEImnoiNPMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAilTZelPn
MqtmU41eMHa8t/0lpS4Hp2WmTSv8cDqTXrGyBc72AlaGjYAhPcICXFbtft0a4gBU
c6rzRqHdkT6+U3+wg0ZxvAWCh+Vzm1Ln5EucKFZ6SeifpUFUgkq+kHSXEXBDcSFb
7g2Z2eUGDlhOItq6pzFp98uBPzcpofDpUE+4rNZFTZR5gYPwY6s78zTHSkiGqzAW
pVgMlmFA7rHw/KeqtlpGewV4KolY4kfYglx45bHpsFnaWODpdssHD5yBdHIS390V
3246f9ZPiVuUuCsayhGRwm4PSoCxL/wQDQ75U1OMBDB6pvjUK3x2kMe4C9rk2uhR
dTSQaj4ZD3gikQ==
-----END CERTIFICATE-----