Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          0mDqaYA/QGOgLW7ZtLiMwsixZYVnF2cT3hH1GRF0eRQ=
Subject key identifier:   CB:8B:B0:FB:DB:93:C9:B2:58:7B:F3:BB:18:5C:58:31:65:11:57:6A
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       0196A46640946850BE6FAFA3F5F9ABDB3749
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          0E58
Signing time:             Tue 06 May 2025 07:01:26 +0000
Manifest this update:     Tue 06 May 2025 07:01:26 +0000
Manifest next update:     Wed 07 May 2025 07:01:26 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: Yu8OBHFetm8FJdRAXeSbBk771hln9bPB4YSVciIZ+MU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:66:40:94:68:50:be:6f:af:a3:f5:f9:ab:db:37:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: May  6 07:01:26 2025 GMT
            Not After : May  7 07:01:26 2025 GMT
        Subject: CN=cb8bb0fbdb93c9b2587bf3bb185c58316511576a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:24:bc:12:b5:3e:21:54:96:ad:bf:c3:d7:d9:
                    38:fb:ec:5a:66:06:a5:4b:33:77:38:b9:eb:cc:67:
                    df:e8:24:25:01:92:b4:b8:5c:1b:8c:fc:7b:a5:58:
                    31:01:a0:22:6f:40:7c:bb:77:80:fe:6c:d9:8d:ae:
                    54:d1:1d:86:fb:74:cc:24:17:e1:55:d1:70:76:68:
                    43:22:f8:83:e1:4a:1e:90:7a:fc:5b:5a:6b:65:22:
                    0c:84:13:c2:77:ca:d5:1a:31:56:e1:dd:14:18:3a:
                    2a:0c:43:4a:b7:fd:a2:5d:89:7f:98:1f:13:57:41:
                    cb:41:7a:65:73:6f:d4:42:6a:3a:91:c4:75:d2:b8:
                    33:d4:de:6b:d3:ed:02:2a:85:6e:ab:61:50:a5:6a:
                    db:e0:2f:14:08:e1:b2:c7:6f:a1:62:9b:53:12:78:
                    cb:6c:d3:82:c4:c4:98:c4:2b:28:fb:44:57:bc:9d:
                    3a:1c:28:28:67:98:d8:ff:8b:b7:4c:7e:4b:56:53:
                    83:61:34:77:f6:ef:8c:3d:de:9e:88:df:cd:5e:6d:
                    e5:d2:b6:55:ed:ab:16:46:e6:14:97:98:e6:f9:50:
                    0d:3e:dc:bb:39:ce:d9:f6:c2:7d:bf:e9:c3:56:1a:
                    a4:a3:4f:dd:b1:67:48:6d:0d:ee:ab:0f:74:e4:01:
                    d1:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:8B:B0:FB:DB:93:C9:B2:58:7B:F3:BB:18:5C:58:31:65:11:57:6A
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:47:4f:20:7d:d2:f4:78:7a:16:ab:9d:6c:b9:43:6a:8a:8c:
         b1:95:25:c4:82:ed:6f:a6:3a:f1:31:b5:7c:b2:f8:6f:4a:e0:
         6d:f8:44:48:ef:a7:e1:d2:9a:04:46:42:c7:f6:6b:8a:a3:a2:
         a1:76:44:6a:25:28:c9:f3:a9:0c:c3:31:0c:7f:8f:7f:1e:00:
         bd:db:eb:84:58:b3:44:e9:c9:dd:34:6a:71:45:ac:63:31:a8:
         a4:bc:ad:23:12:80:11:b6:b2:4f:94:6e:c5:d0:cd:89:da:c6:
         c3:51:2e:68:06:ef:ee:bd:b8:f1:4a:99:ce:cb:b0:14:83:6f:
         ad:37:42:7b:27:d1:7f:fb:6d:61:11:da:61:e9:b9:7f:5d:aa:
         fb:a1:f0:a8:75:6d:d4:72:e7:a4:05:92:7c:fd:aa:fd:33:be:
         5d:6d:35:b7:70:72:6e:f4:5a:24:40:19:99:f4:ac:e9:b0:77:
         f5:23:f2:d6:73:58:8e:96:90:a5:c6:f3:1f:2a:06:6e:94:3a:
         b8:9f:82:76:f7:7d:40:c5:10:e0:2f:84:94:03:f5:b4:b9:7b:
         ca:5a:fd:95:ec:45:b7:a0:5a:ab:93:f0:0d:6f:b3:a4:47:1b:
         8a:d4:ff:4e:2b:1f:c6:6b:8f:a2:fc:6a:25:38:13:da:6f:d9:
         7a:93:73:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZakZkCUaFC+b6+j9fmr2zdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUwNTA2MDcwMTI2WhcNMjUwNTA3MDcwMTI2WjAzMTEwLwYDVQQD
EyhjYjhiYjBmYmRiOTNjOWIyNTg3YmYzYmIxODVjNTgzMTY1MTE1NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiS8ErU+IVSWrb/D19k4++xaZgal
SzN3OLnrzGff6CQlAZK0uFwbjPx7pVgxAaAib0B8u3eA/mzZja5U0R2G+3TMJBfh
VdFwdmhDIviD4UoekHr8W1prZSIMhBPCd8rVGjFW4d0UGDoqDENKt/2iXYl/mB8T
V0HLQXplc2/UQmo6kcR10rgz1N5r0+0CKoVuq2FQpWrb4C8UCOGyx2+hYptTEnjL
bNOCxMSYxCso+0RXvJ06HCgoZ5jY/4u3TH5LVlODYTR39u+MPd6eiN/NXm3l0rZV
7asWRuYUl5jm+VANPty7Oc7Z9sJ9v+nDVhqko0/dsWdIbQ3uqw905AHR+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuLsPvbk8myWHvzuxhcWDFlEVdqMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuEdPIH3S
9Hh6FqudbLlDaoqMsZUlxILtb6Y68TG1fLL4b0rgbfhESO+n4dKaBEZCx/ZriqOi
oXZEaiUoyfOpDMMxDH+Pfx4AvdvrhFizROnJ3TRqcUWsYzGopLytIxKAEbayT5Ru
xdDNidrGw1EuaAbv7r248UqZzsuwFINvrTdCeyfRf/ttYRHaYem5f12q+6HwqHVt
1HLnpAWSfP2q/TO+XW01t3BybvRaJEAZmfSs6bB39SPy1nNYjpaQpcbzHyoGbpQ6
uJ+Cdvd9QMUQ4C+ElAP1tLl7ylr9lexFt6Baq5PwDW+zpEcbitT/TisfxmuPovxq
JTgT2m/ZepNzeQ==
-----END CERTIFICATE-----