Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          I11q+AWQ/cGel2O3oaCt8kAcsjzbLvNkFEFy9NCl1uo=
Subject key identifier:   64:0A:6C:31:63:EA:2B:43:6C:1D:27:96:1A:42:55:44:B3:88:A0:6F
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       0197B6A2098DB6D45B703A1594C8D74E76A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          0EE6
Signing time:             Sat 28 Jun 2025 13:02:41 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:41 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:41 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: DRqrCQ/x06AV5u6yUvo7jtwcP4cZpnGuGOPtFPBX6Oc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:09:8d:b6:d4:5b:70:3a:15:94:c8:d7:4e:76:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Jun 28 13:02:41 2025 GMT
            Not After : Jun 29 13:02:41 2025 GMT
        Subject: CN=640a6c3163ea2b436c1d27961a425544b388a06f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:54:0c:d3:7b:b5:34:86:d7:48:c7:31:76:71:
                    a6:f2:9b:67:3b:06:30:c0:91:ed:ae:9a:16:a3:98:
                    4e:06:4c:16:ff:cc:73:ab:24:ed:73:d4:29:92:fc:
                    24:31:8c:83:e7:d6:5e:2d:75:78:e5:9f:9f:5f:7b:
                    a6:4b:e9:10:61:4f:61:34:eb:99:3b:3f:77:8f:f0:
                    7f:77:e5:63:c4:6b:c3:42:88:fc:d7:56:30:cc:8e:
                    82:1e:91:35:91:c1:15:2e:b6:d8:21:0b:57:c6:02:
                    f3:40:03:a8:ce:4b:fe:8c:89:cc:5e:60:fa:e0:4c:
                    50:b6:fe:18:7e:f4:65:75:b3:2d:76:ff:98:fd:b7:
                    d1:15:8d:44:51:09:91:56:47:9e:1e:ef:62:8a:0b:
                    ba:88:f6:18:96:67:77:14:d7:34:24:a7:03:ea:fa:
                    e0:5e:e6:3e:b9:89:23:91:da:bb:b9:7a:53:05:e0:
                    9c:8c:db:db:1f:0d:36:90:41:35:51:61:e6:05:c3:
                    58:8a:df:5c:ca:95:09:49:23:d0:a7:6d:a3:bd:aa:
                    0b:fb:b3:24:2c:d4:66:48:bf:bd:fe:8b:12:1c:23:
                    0f:c1:da:e3:bd:30:96:80:41:64:c0:22:16:ef:8e:
                    66:d2:52:18:f0:b0:77:51:ec:20:65:2b:2b:c1:76:
                    cd:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:0A:6C:31:63:EA:2B:43:6C:1D:27:96:1A:42:55:44:B3:88:A0:6F
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:f5:78:6b:fa:17:48:6d:94:09:11:55:75:6c:e2:61:12:a2:
         37:0a:bb:bf:f9:36:59:52:73:e2:dc:dd:ae:54:7f:2c:de:53:
         ac:8a:a4:1e:a4:b5:24:64:8c:5a:40:06:5b:d6:fb:7c:cc:d3:
         8d:84:6e:50:ac:84:bb:b5:5e:7c:bd:bb:e0:ed:40:7b:17:b9:
         e2:52:c1:00:ae:30:4c:31:f2:dd:d2:84:d9:d6:a0:f2:a4:24:
         a1:1d:a3:78:a1:cb:19:8f:b7:c2:af:b7:e6:04:9e:12:f4:47:
         00:09:47:86:20:4a:38:91:ff:4d:53:e1:cc:b8:bd:cd:af:90:
         cc:35:11:60:38:76:35:6d:27:72:5a:44:1b:44:a6:58:95:51:
         5c:db:a8:47:f3:aa:e0:0c:bb:1a:2b:f0:54:5b:e0:d6:31:e7:
         d1:d8:18:3e:8d:4e:0d:3a:32:a2:f4:97:90:81:8b:d1:be:3c:
         33:67:27:be:91:2f:0c:ba:30:d6:69:a1:73:bb:04:3d:7e:9f:
         dc:db:4f:ce:6d:7c:62:d4:8f:1b:a7:60:30:6d:ba:17:d1:dd:
         41:85:a0:3e:b3:b3:60:1a:67:94:70:29:0a:6b:07:89:b1:c3:
         14:4d:d3:17:c1:6b:d7:78:a5:16:21:ba:b8:1a:62:ef:92:df:
         17:1c:de:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ogmNttRbcDoVlMjXTnaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUwNjI4MTMwMjQxWhcNMjUwNjI5MTMwMjQxWjAzMTEwLwYDVQQD
Eyg2NDBhNmMzMTYzZWEyYjQzNmMxZDI3OTYxYTQyNTU0NGIzODhhMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVQM03u1NIbXSMcxdnGm8ptnOwYw
wJHtrpoWo5hOBkwW/8xzqyTtc9QpkvwkMYyD59ZeLXV45Z+fX3umS+kQYU9hNOuZ
Oz93j/B/d+VjxGvDQoj811YwzI6CHpE1kcEVLrbYIQtXxgLzQAOozkv+jInMXmD6
4ExQtv4YfvRldbMtdv+Y/bfRFY1EUQmRVkeeHu9iigu6iPYYlmd3FNc0JKcD6vrg
XuY+uYkjkdq7uXpTBeCcjNvbHw02kEE1UWHmBcNYit9cypUJSSPQp22jvaoL+7Mk
LNRmSL+9/osSHCMPwdrjvTCWgEFkwCIW745m0lIY8LB3UewgZSsrwXbNVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQKbDFj6itDbB0nlhpCVUSziKBvMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqfV4a/oX
SG2UCRFVdWziYRKiNwq7v/k2WVJz4tzdrlR/LN5TrIqkHqS1JGSMWkAGW9b7fMzT
jYRuUKyEu7VefL274O1Aexe54lLBAK4wTDHy3dKE2dag8qQkoR2jeKHLGY+3wq+3
5gSeEvRHAAlHhiBKOJH/TVPhzLi9za+QzDURYDh2NW0nclpEG0SmWJVRXNuoR/Oq
4Ay7GivwVFvg1jHn0dgYPo1ODToyovSXkIGL0b48M2cnvpEvDLow1mmhc7sEPX6f
3NtPzm18YtSPG6dgMG26F9HdQYWgPrOzYBpnlHApCmsHibHDFE3TF8Fr13ilFiG6
uBpi75LfFxzelg==
-----END CERTIFICATE-----