Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          W0gOMFOS2ezoUQjSnVExSnlb2YOXjvr9VvnECqyx6uA=
Subject key identifier:   47:79:0E:71:22:10:72:76:B3:6D:D4:96:0B:C0:B5:A9:71:20:E5:00
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       0198D65F8A9A72A2FFC5BA7923AEB512CDDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          0F7B
Signing time:             Sat 23 Aug 2025 10:00:42 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:42 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:42 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: gmXwGACeEd7sh1a2CC21BAOCf+X/hcy2h4Spoe3ypWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:8a:9a:72:a2:ff:c5:ba:79:23:ae:b5:12:cd:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Aug 23 10:00:42 2025 GMT
            Not After : Aug 24 10:00:42 2025 GMT
        Subject: CN=47790e7122107276b36dd4960bc0b5a97120e500
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1d:2a:9a:b4:a2:d1:21:99:83:01:c3:a7:1d:
                    06:55:b4:ea:d2:ce:d5:20:a8:40:32:fe:e3:e3:7b:
                    c8:d3:a4:29:34:11:11:36:94:2f:90:fd:41:03:5c:
                    96:91:90:d5:66:4b:e7:1e:17:08:fa:b6:1e:32:7e:
                    3c:2b:c2:12:ad:56:0d:cc:f4:26:b0:ce:66:88:9d:
                    84:91:81:76:82:4e:85:84:36:7f:9d:d3:11:8b:79:
                    32:48:5b:70:d5:d7:97:68:a3:34:cb:ff:c5:d7:00:
                    f3:e6:17:50:bb:28:70:bb:e9:e7:42:68:77:0b:dd:
                    68:b7:a2:35:29:bb:60:1e:31:16:87:06:06:82:75:
                    49:01:87:0e:f4:9a:71:a4:51:12:a2:f6:5a:8e:85:
                    34:b7:43:e6:5b:21:70:89:c1:35:b9:a9:e7:5a:43:
                    89:c1:f4:5b:50:2a:23:6a:a7:7a:2b:c0:61:6f:a4:
                    ff:3e:b7:9b:3e:df:7a:51:5f:b8:71:f6:00:94:e6:
                    b7:ea:90:00:0b:97:fe:46:e7:86:9f:97:13:0c:7c:
                    9a:22:d5:09:c4:98:17:93:e0:85:31:90:10:40:43:
                    6a:3e:30:c6:c5:94:a8:b6:eb:5c:74:30:12:0f:15:
                    f6:7d:01:f4:4b:32:4d:86:2a:27:d6:d3:90:40:10:
                    9c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:79:0E:71:22:10:72:76:B3:6D:D4:96:0B:C0:B5:A9:71:20:E5:00
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:02:be:d0:20:cf:4f:4d:a1:43:b3:b9:7c:89:cf:da:69:6e:
         78:80:56:ab:77:e0:a2:1e:5e:6b:48:92:ae:e8:f9:15:ad:9f:
         3b:e7:6a:d8:2b:86:8f:29:06:0b:0f:d1:cc:dc:28:4b:81:c0:
         07:c8:24:27:2b:87:f6:ac:15:9e:c9:74:69:c7:4d:85:60:68:
         c9:00:8a:f1:ed:1d:13:2b:c6:c3:28:58:66:c4:c9:01:46:52:
         9d:10:ad:00:2b:3a:59:3b:0d:43:f3:8a:a8:20:5d:54:bb:6d:
         fa:c8:e1:0b:89:72:53:eb:f6:e1:e3:33:75:45:de:cf:16:cb:
         8a:2a:05:81:bc:65:1b:9b:df:58:65:9c:dd:19:ac:03:99:6d:
         41:74:58:da:f2:68:bd:bb:5a:e8:c8:3b:d7:99:ed:b3:61:f9:
         72:83:52:2f:54:c2:b2:4c:e5:33:5e:2a:85:55:39:bd:17:8f:
         07:4d:d0:50:88:e2:bd:76:c8:79:05:96:b4:1a:d3:43:df:3a:
         43:ac:08:be:90:ef:37:07:3d:49:ac:24:b8:42:21:46:7e:21:
         e6:4a:a5:73:2c:2d:db:ec:9d:1d:df:04:17:19:bd:d4:11:79:
         72:e1:5e:9e:66:10:f2:3d:33:f0:54:4d:f3:75:06:85:04:0d:
         ea:a1:4a:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX4qacqL/xbp5I661Es3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUwODIzMTAwMDQyWhcNMjUwODI0MTAwMDQyWjAzMTEwLwYDVQQD
Eyg0Nzc5MGU3MTIyMTA3Mjc2YjM2ZGQ0OTYwYmMwYjVhOTcxMjBlNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh0qmrSi0SGZgwHDpx0GVbTq0s7V
IKhAMv7j43vI06QpNBERNpQvkP1BA1yWkZDVZkvnHhcI+rYeMn48K8ISrVYNzPQm
sM5miJ2EkYF2gk6FhDZ/ndMRi3kySFtw1deXaKM0y//F1wDz5hdQuyhwu+nnQmh3
C91ot6I1KbtgHjEWhwYGgnVJAYcO9JpxpFESovZajoU0t0PmWyFwicE1uannWkOJ
wfRbUCojaqd6K8Bhb6T/PrebPt96UV+4cfYAlOa36pAAC5f+RueGn5cTDHyaItUJ
xJgXk+CFMZAQQENqPjDGxZSotutcdDASDxX2fQH0SzJNhion1tOQQBCcDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEd5DnEiEHJ2s23UlgvAtalxIOUAMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASAK+0CDP
T02hQ7O5fInP2mlueIBWq3fgoh5ea0iSruj5Fa2fO+dq2CuGjykGCw/RzNwoS4HA
B8gkJyuH9qwVnsl0acdNhWBoyQCK8e0dEyvGwyhYZsTJAUZSnRCtACs6WTsNQ/OK
qCBdVLtt+sjhC4lyU+v24eMzdUXezxbLiioFgbxlG5vfWGWc3RmsA5ltQXRY2vJo
vbta6Mg715nts2H5coNSL1TCskzlM14qhVU5vRePB03QUIjivXbIeQWWtBrTQ986
Q6wIvpDvNwc9SawkuEIhRn4h5kqlcywt2+ydHd8EFxm91BF5cuFenmYQ8j0z8FRN
83UGhQQN6qFKGA==
-----END CERTIFICATE-----