Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
File:                     5cfDmlkS3cIen2tRmJZyV2ISeDM.mft (raw, json)
Hash identifier:          5iX2vkUWZfKePCQCVyVVtdecq70nmDu/AX2PYx4nmxk=
Subject key identifier:   15:28:C2:5B:30:5C:D9:EE:05:29:B2:17:DA:83:E7:C8:B6:3D:68:0B
Authority key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33
Certificate issuer:       /CN=e5c7c39a5912ddc21e9f6b519896725762127833
Certificate serial:       0196BB5AEF0AF0092AA8A45C16C600EEC36A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
Manifest number:          AD
Signing time:             Sat 10 May 2025 18:00:20 +0000
Manifest this update:     Sat 10 May 2025 18:00:20 +0000
Manifest next update:     Sun 11 May 2025 18:00:20 +0000
Files and hashes:         1: 5cfDmlkS3cIen2tRmJZyV2ISeDM.crl (hash: Gg1xtjpVIsPZAKGhkCovObksvsx4jOZXQK5y9FCesxo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:5a:ef:0a:f0:09:2a:a8:a4:5c:16:c6:00:ee:c3:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5c7c39a5912ddc21e9f6b519896725762127833
        Validity
            Not Before: May 10 18:00:20 2025 GMT
            Not After : May 11 18:00:20 2025 GMT
        Subject: CN=1528c25b305cd9ee0529b217da83e7c8b63d680b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:e8:79:42:25:da:07:48:15:da:68:be:d7:e4:
                    69:17:26:3a:37:91:32:b0:61:63:7f:dd:32:77:70:
                    ea:85:7e:36:ff:f1:df:7b:33:2b:ee:ec:6a:0f:31:
                    d6:ff:00:95:cd:06:4f:e9:9c:aa:1c:ad:5a:dd:40:
                    e8:7f:64:27:22:c3:b7:4f:fa:d3:55:36:95:08:e1:
                    ad:fd:d8:db:a4:c3:8c:ad:16:56:3f:13:c3:67:7c:
                    8d:06:81:a0:63:9a:c7:fa:e6:20:94:87:43:62:a8:
                    be:71:b0:57:e0:c1:10:80:41:08:c9:6f:89:2e:f7:
                    a2:36:5f:71:55:46:e1:ce:2f:21:22:c8:25:c7:c7:
                    0a:ee:be:30:ae:3c:3b:3b:df:2f:2f:e6:fb:ee:5f:
                    5f:2d:f5:1f:82:82:be:8e:b1:ca:cb:0a:66:4c:11:
                    32:2e:ff:59:ae:04:39:b9:05:05:58:6b:a6:40:af:
                    95:bd:ee:53:14:90:58:7a:4b:6b:ef:30:40:c5:5b:
                    96:7d:df:9a:3c:e0:b0:df:7d:dd:8d:9b:b7:44:48:
                    23:6a:11:93:d7:84:52:4e:29:97:e0:fd:b4:35:7c:
                    e4:5a:e5:4e:91:7a:41:a4:46:53:a8:a1:5b:4a:1c:
                    2d:d7:a9:83:79:fe:38:a8:45:32:30:ca:c1:2c:0f:
                    cb:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:28:C2:5B:30:5C:D9:EE:05:29:B2:17:DA:83:E7:C8:B6:3D:68:0B
            X509v3 Authority Key Identifier:
                keyid:E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         db:81:63:9f:6b:e4:e4:95:92:6d:2a:8b:da:f2:18:78:9e:28:
         c4:a4:19:41:c5:9e:5a:53:b7:3d:f1:5d:8d:88:b8:bb:e5:1b:
         33:ab:b2:30:e9:1b:a0:ef:34:af:26:63:5c:ca:b8:fd:20:5c:
         c8:ac:e1:dd:7e:95:45:c9:72:9f:be:26:c6:7a:30:2d:88:f3:
         03:d8:c7:41:67:9b:8a:b9:25:fd:60:55:90:c2:b0:93:22:02:
         5d:ab:d5:5d:4f:4d:e6:41:76:7c:bf:31:a2:dc:3c:a9:d0:e7:
         4e:03:6f:f5:e6:ad:84:f4:4e:2e:b4:c7:ee:d9:39:fd:dc:32:
         11:b3:44:96:a8:ac:82:da:96:08:bb:bb:90:ec:f6:f8:5e:ff:
         c0:8e:1a:7e:f7:50:40:5d:75:d1:74:9b:d2:70:ba:25:1a:9f:
         cb:d3:66:79:0c:0e:01:49:51:42:f9:75:69:df:59:5c:8e:02:
         f2:ab:6b:bd:18:78:3b:cf:86:49:4d:ae:55:47:14:ef:40:dc:
         35:55:2e:f1:fc:05:f5:a9:3e:5a:4a:8e:54:65:7f:b2:91:d5:
         2f:3e:88:94:d9:54:98:f4:fc:36:bf:01:dc:14:e9:80:38:d7:
         c9:37:24:5b:77:29:6b:23:c6:5f:ed:c7:5d:0d:36:c0:56:06:
         50:50:5e:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7Wu8K8AkqqKRcFsYA7sNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzdjMzlhNTkxMmRkYzIxZTlmNmI1MTk4OTY3MjU3NjIx
Mjc4MzMwHhcNMjUwNTEwMTgwMDIwWhcNMjUwNTExMTgwMDIwWjAzMTEwLwYDVQQD
EygxNTI4YzI1YjMwNWNkOWVlMDUyOWIyMTdkYTgzZTdjOGI2M2Q2ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+eh5QiXaB0gV2mi+1+RpFyY6N5Ey
sGFjf90yd3DqhX42//HfezMr7uxqDzHW/wCVzQZP6ZyqHK1a3UDof2QnIsO3T/rT
VTaVCOGt/djbpMOMrRZWPxPDZ3yNBoGgY5rH+uYglIdDYqi+cbBX4MEQgEEIyW+J
LveiNl9xVUbhzi8hIsglx8cK7r4wrjw7O98vL+b77l9fLfUfgoK+jrHKywpmTBEy
Lv9ZrgQ5uQUFWGumQK+Vve5TFJBYektr7zBAxVuWfd+aPOCw333djZu3REgjahGT
14RSTimX4P20NXzkWuVOkXpBpEZTqKFbShwt16mDef44qEUyMMrBLA/LqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUowlswXNnuBSmyF9qD58i2PWgLMB8GA1UdIwQY
MBaAFOXHw5pZEt3CHp9rUZiWcldiEngzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQt
MzhmODY0YTM0Yjc4LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQtMzhmODY0YTM0Yjc4
LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA24Fjn2vk
5JWSbSqL2vIYeJ4oxKQZQcWeWlO3PfFdjYi4u+UbM6uyMOkboO80ryZjXMq4/SBc
yKzh3X6VRclyn74mxnowLYjzA9jHQWebirkl/WBVkMKwkyICXavVXU9N5kF2fL8x
otw8qdDnTgNv9eathPROLrTH7tk5/dwyEbNElqisgtqWCLu7kOz2+F7/wI4afvdQ
QF110XSb0nC6JRqfy9NmeQwOAUlRQvl1ad9ZXI4C8qtrvRh4O8+GSU2uVUcU70Dc
NVUu8fwF9ak+WkqOVGV/spHVLz6IlNlUmPT8Nr8B3BTpgDjXyTckW3cpayPGX+3H
XQ02wFYGUFBe3w==
-----END CERTIFICATE-----