Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          crkcRSAf1C80Wm6Vh+Yor7fECKL4dHNoi3szhMpo48c=
Subject key identifier:   1C:A1:23:C1:2D:85:AA:79:97:ED:9C:3E:0A:95:49:5F:9F:9D:FE:B2
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       0196CCF3A09E6051180C63872B7CA2A68F13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          1538
Signing time:             Wed 14 May 2025 04:00:40 +0000
Manifest this update:     Wed 14 May 2025 04:00:40 +0000
Manifest next update:     Thu 15 May 2025 04:00:40 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: ruhzK+lK7b4jBTi5GTWhfiYL/keCPTBkbtxCBZVbGeg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cc:f3:a0:9e:60:51:18:0c:63:87:2b:7c:a2:a6:8f:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: May 14 04:00:40 2025 GMT
            Not After : May 15 04:00:40 2025 GMT
        Subject: CN=1ca123c12d85aa7997ed9c3e0a95495f9f9dfeb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:89:f0:6a:1b:18:f0:e5:20:35:21:2a:3a:08:
                    ef:81:55:e4:13:ba:67:73:7d:d3:64:d1:a1:da:8c:
                    1c:e6:9a:7b:d8:9d:eb:4a:5f:78:34:53:14:3e:7b:
                    85:10:12:bd:2a:70:cf:ea:db:cf:fb:e6:7d:1d:5d:
                    4f:c4:4a:23:b6:3b:aa:5d:7c:df:4b:c1:55:0a:58:
                    92:06:6f:7b:ab:32:4c:7b:88:44:20:7f:b3:c5:52:
                    c4:99:00:cc:72:b9:06:ce:1c:ad:ad:e9:ba:6e:ce:
                    d9:1c:27:d6:46:f9:b2:3a:5c:7b:8c:e5:ba:ae:27:
                    b3:f2:10:97:f9:ec:17:c3:a3:99:b2:f6:88:1a:83:
                    e9:d5:c9:29:fc:47:b7:9e:76:28:94:6c:e7:d0:2d:
                    bf:4f:dd:16:4a:02:46:34:27:14:4f:32:00:6f:39:
                    bf:24:a2:2c:d1:01:c0:9d:0c:ae:c8:0b:17:1a:ed:
                    5d:51:fe:3c:20:ec:e5:48:a1:73:f8:fe:1e:01:45:
                    c9:bc:73:5c:02:78:3f:20:df:32:37:9c:24:3e:cd:
                    91:8a:ac:56:c6:ab:ac:02:f9:0f:eb:f7:ab:14:57:
                    e8:40:f7:59:cd:d2:90:c0:91:72:7f:aa:9b:3e:d2:
                    91:c4:fe:06:b7:76:50:a6:37:4e:75:c4:51:74:b3:
                    5f:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:A1:23:C1:2D:85:AA:79:97:ED:9C:3E:0A:95:49:5F:9F:9D:FE:B2
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:9e:24:44:2f:6c:e6:af:41:ce:8d:21:e0:e7:f7:c4:cb:00:
         0d:a3:71:e2:ec:7d:9e:9b:a3:90:56:35:15:5c:48:7d:f5:d3:
         ad:3c:f1:83:2a:ee:04:be:47:60:9a:ac:6b:6f:57:21:d5:d8:
         9d:f3:71:1a:b1:59:45:21:bb:c7:24:c2:82:82:24:61:52:e5:
         68:93:69:bf:b8:12:13:0e:7d:ad:af:d8:20:ef:87:64:32:79:
         78:e4:77:92:4c:28:71:d5:66:de:47:94:af:26:f8:27:51:db:
         a0:96:1b:8d:f3:11:95:ff:cd:21:1d:ed:41:54:7f:dd:59:c0:
         c0:5e:fe:b4:dd:1b:5f:fa:e5:46:3c:75:8d:28:b5:99:61:3d:
         8b:c1:8b:91:e1:2a:4d:fc:40:e7:0e:3b:5a:c3:af:38:28:c1:
         7a:b7:68:07:88:fd:61:2c:f1:af:1b:21:a5:13:13:ea:16:29:
         21:f5:48:ef:bc:f1:6f:22:1b:29:d7:e5:c0:08:e3:82:b0:7e:
         c4:f1:6f:e0:1f:10:9f:08:19:9b:11:24:1b:36:cb:3f:21:bf:
         54:42:8d:ae:a9:cb:aa:d2:67:b8:02:92:9a:32:e5:8f:85:ee:
         ba:f4:a4:25:5e:65:91:0a:b1:23:06:b0:96:b9:b9:28:0d:61:
         f5:ca:24:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbM86CeYFEYDGOHK3yipo8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjUwNTE0MDQwMDQwWhcNMjUwNTE1MDQwMDQwWjAzMTEwLwYDVQQD
EygxY2ExMjNjMTJkODVhYTc5OTdlZDljM2UwYTk1NDk1ZjlmOWRmZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyonwahsY8OUgNSEqOgjvgVXkE7pn
c33TZNGh2owc5pp72J3rSl94NFMUPnuFEBK9KnDP6tvP++Z9HV1PxEojtjuqXXzf
S8FVCliSBm97qzJMe4hEIH+zxVLEmQDMcrkGzhytrem6bs7ZHCfWRvmyOlx7jOW6
riez8hCX+ewXw6OZsvaIGoPp1ckp/Ee3nnYolGzn0C2/T90WSgJGNCcUTzIAbzm/
JKIs0QHAnQyuyAsXGu1dUf48IOzlSKFz+P4eAUXJvHNcAng/IN8yN5wkPs2RiqxW
xqusAvkP6/erFFfoQPdZzdKQwJFyf6qbPtKRxP4Gt3ZQpjdOdcRRdLNf5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByhI8Ethap5l+2cPgqVSV+fnf6yMB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP54kRC9s
5q9Bzo0h4Of3xMsADaNx4ux9npujkFY1FVxIffXTrTzxgyruBL5HYJqsa29XIdXY
nfNxGrFZRSG7xyTCgoIkYVLlaJNpv7gSEw59ra/YIO+HZDJ5eOR3kkwocdVm3keU
ryb4J1HboJYbjfMRlf/NIR3tQVR/3VnAwF7+tN0bX/rlRjx1jSi1mWE9i8GLkeEq
TfxA5w47WsOvOCjBerdoB4j9YSzxrxshpRMT6hYpIfVI77zxbyIbKdflwAjjgrB+
xPFv4B8QnwgZmxEkGzbLPyG/VEKNrqnLqtJnuAKSmjLlj4XuuvSkJV5lkQqxIwaw
lrm5KA1h9cokrw==
-----END CERTIFICATE-----