Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
File:                     5cfDmlkS3cIen2tRmJZyV2ISeDM.mft (raw, json)
Hash identifier:          MB//lMNCszEGkKQ/+E+49J8n6lC+H1UVUPTkJUXlI00=
Subject key identifier:   64:AB:EA:F4:58:8D:11:A7:C5:9A:7D:1B:96:22:BB:B4:D3:CC:FF:2E
Authority key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33
Certificate issuer:       /CN=e5c7c39a5912ddc21e9f6b519896725762127833
Certificate serial:       0197B88F69BD81F014906312BCBA8B2E0012
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
Manifest number:          0130
Signing time:             Sat 28 Jun 2025 22:01:35 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:35 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:35 +0000
Files and hashes:         1: 5cfDmlkS3cIen2tRmJZyV2ISeDM.crl (hash: wDU5ytAT9RUTS/VHyQDjaqt9qZTNZ6l6gDt7fIBPZFg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:69:bd:81:f0:14:90:63:12:bc:ba:8b:2e:00:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5c7c39a5912ddc21e9f6b519896725762127833
        Validity
            Not Before: Jun 28 22:01:35 2025 GMT
            Not After : Jun 29 22:01:35 2025 GMT
        Subject: CN=64abeaf4588d11a7c59a7d1b9622bbb4d3ccff2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:50:23:e2:3c:ae:46:0a:f0:72:8c:55:45:01:
                    1c:6e:80:0e:4f:19:20:86:0a:6c:46:e4:98:89:07:
                    21:1f:af:29:8f:e0:83:d8:5e:ae:73:95:22:ce:5d:
                    a2:39:6d:74:3e:a1:bd:fc:a2:24:0b:26:ba:a9:a8:
                    c9:12:9b:dd:87:ae:0f:69:6e:63:11:c2:56:67:32:
                    b9:77:7f:03:45:40:f9:0b:f8:7e:ff:75:b8:87:e9:
                    14:1b:ef:5b:7e:ee:c4:ea:a0:16:35:82:b8:f4:99:
                    57:3a:68:39:bf:25:59:0b:61:5e:01:d8:14:53:5e:
                    95:b0:03:a7:b9:7f:8f:69:de:99:c3:dc:d3:e6:ee:
                    2f:a4:0a:bd:9a:19:a1:a7:b1:b6:bf:20:7e:1f:e3:
                    84:56:2e:fa:93:cd:09:bc:22:95:30:f5:b3:1d:f3:
                    96:8e:37:6a:a3:3b:26:23:ed:38:b4:80:6f:37:02:
                    5e:17:2f:f6:b6:06:ef:2e:6f:5a:87:e8:ff:d1:36:
                    de:90:fb:99:c2:39:a4:cc:62:6b:c7:e1:f1:40:c5:
                    18:3b:22:33:55:52:29:30:5b:12:bd:37:26:4a:b8:
                    4b:c4:5b:87:83:38:ff:d5:6b:b9:51:62:17:65:fe:
                    57:1e:54:89:3d:95:a6:e5:14:15:18:94:fc:b5:5c:
                    58:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:AB:EA:F4:58:8D:11:A7:C5:9A:7D:1B:96:22:BB:B4:D3:CC:FF:2E
            X509v3 Authority Key Identifier:
                keyid:E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:90:b5:9a:9b:3e:23:b9:1d:54:a2:a6:7a:1b:d3:3e:d5:a2:
         50:a7:16:6a:4d:c7:d6:0b:97:16:e8:9a:07:d7:ca:d3:d6:e4:
         61:f7:81:b2:96:70:2e:6d:fe:96:73:68:0d:3a:bc:78:5e:e1:
         be:36:76:52:23:73:b5:bd:a5:bd:04:af:82:d0:bc:6d:1e:2d:
         3d:ab:e8:eb:c3:3a:1f:12:2e:bd:22:c9:c7:e0:f1:66:e5:18:
         15:22:6c:51:14:5c:20:41:4d:62:67:9b:e5:42:00:e0:d8:b4:
         cc:fd:d3:49:a3:d2:a4:e6:10:b2:f0:18:20:29:2a:cd:9b:e2:
         f1:95:68:64:9c:43:dd:e5:cc:44:32:dd:47:c3:1e:15:da:8c:
         fa:87:e7:73:8c:3a:2b:84:aa:b1:a0:c3:42:95:48:2b:e0:1b:
         c7:04:46:6d:23:f1:8e:51:2b:15:ab:d8:50:e3:2c:b1:d3:7f:
         41:13:bc:21:85:39:f8:92:39:64:ed:93:28:03:fe:63:6e:8f:
         d7:b4:b0:fc:93:29:38:c8:bd:b2:03:d8:e5:04:08:63:95:c8:
         72:e2:93:a8:ac:87:c3:08:1a:55:cf:4c:92:66:d3:54:4b:cf:
         b2:d8:e6:58:b5:55:f7:41:e0:2e:08:93:b5:66:ba:8a:97:b6:
         2f:f1:b6:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j2m9gfAUkGMSvLqLLgASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzdjMzlhNTkxMmRkYzIxZTlmNmI1MTk4OTY3MjU3NjIx
Mjc4MzMwHhcNMjUwNjI4MjIwMTM1WhcNMjUwNjI5MjIwMTM1WjAzMTEwLwYDVQQD
Eyg2NGFiZWFmNDU4OGQxMWE3YzU5YTdkMWI5NjIyYmJiNGQzY2NmZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VAj4jyuRgrwcoxVRQEcboAOTxkg
hgpsRuSYiQchH68pj+CD2F6uc5Uizl2iOW10PqG9/KIkCya6qajJEpvdh64PaW5j
EcJWZzK5d38DRUD5C/h+/3W4h+kUG+9bfu7E6qAWNYK49JlXOmg5vyVZC2FeAdgU
U16VsAOnuX+Pad6Zw9zT5u4vpAq9mhmhp7G2vyB+H+OEVi76k80JvCKVMPWzHfOW
jjdqozsmI+04tIBvNwJeFy/2tgbvLm9ah+j/0TbekPuZwjmkzGJrx+HxQMUYOyIz
VVIpMFsSvTcmSrhLxFuHgzj/1Wu5UWIXZf5XHlSJPZWm5RQVGJT8tVxYoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSr6vRYjRGnxZp9G5Yiu7TTzP8uMB8GA1UdIwQY
MBaAFOXHw5pZEt3CHp9rUZiWcldiEngzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQt
MzhmODY0YTM0Yjc4LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQtMzhmODY0YTM0Yjc4
LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaZC1mps+
I7kdVKKmehvTPtWiUKcWak3H1guXFuiaB9fK09bkYfeBspZwLm3+lnNoDTq8eF7h
vjZ2UiNztb2lvQSvgtC8bR4tPavo68M6HxIuvSLJx+DxZuUYFSJsURRcIEFNYmeb
5UIA4Ni0zP3TSaPSpOYQsvAYICkqzZvi8ZVoZJxD3eXMRDLdR8MeFdqM+ofnc4w6
K4SqsaDDQpVIK+AbxwRGbSPxjlErFavYUOMssdN/QRO8IYU5+JI5ZO2TKAP+Y26P
17Sw/JMpOMi9sgPY5QQIY5XIcuKTqKyHwwgaVc9MkmbTVEvPstjmWLVV90HgLgiT
tWa6ipe2L/G2jA==
-----END CERTIFICATE-----