Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
File:                     rARWSrE5dm8d7mSLNaChi702IQk.mft (raw, json)
Hash identifier:          CAs7adf0AjLhonWljPS6492ktriUmlsNI1NOeYvAXfk=
Subject key identifier:   63:8D:EA:5C:8F:7A:9E:77:90:D7:C9:34:50:17:4B:4E:E7:BB:08:EA
Authority key identifier: AC:04:56:4A:B1:39:76:6F:1D:EE:64:8B:35:A0:A1:8B:BD:36:21:09
Certificate issuer:       /CN=ac04564ab139766f1dee648b35a0a18bbd362109
Certificate serial:       0196AA9EABF386E5685077ACC30D2F553F89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
Manifest number:          1527
Signing time:             Wed 07 May 2025 12:00:47 +0000
Manifest this update:     Wed 07 May 2025 12:00:47 +0000
Manifest next update:     Thu 08 May 2025 12:00:47 +0000
Files and hashes:         1: rARWSrE5dm8d7mSLNaChi702IQk.crl (hash: RwWhL+plIR96qmwBR5qTiJ0CHqEOD1XDLhIygIjpHhU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 12:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:9e:ab:f3:86:e5:68:50:77:ac:c3:0d:2f:55:3f:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac04564ab139766f1dee648b35a0a18bbd362109
        Validity
            Not Before: May  7 12:00:47 2025 GMT
            Not After : May  8 12:00:47 2025 GMT
        Subject: CN=638dea5c8f7a9e7790d7c93450174b4ee7bb08ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:7e:7b:3b:45:bd:52:a5:2f:43:b4:2c:d5:96:
                    74:dd:54:0c:86:75:c3:35:a7:08:e9:99:1a:6a:33:
                    a9:b1:30:63:27:25:c6:b2:f9:6b:b6:53:63:27:f8:
                    a7:e5:63:93:c5:8e:60:30:2d:e8:f3:5a:72:fe:07:
                    ed:05:2e:d7:62:b7:13:af:10:1f:17:ae:91:37:d9:
                    2a:40:08:18:cb:9f:d8:fe:cd:f0:2e:c8:e7:4d:ee:
                    e6:2a:2c:80:0f:32:df:4a:1d:74:e3:e6:07:10:8b:
                    78:22:07:e4:d5:69:b9:db:e3:42:63:b7:e0:55:c4:
                    b8:9d:35:16:65:87:3e:7f:35:5e:50:22:44:0c:25:
                    2f:69:68:68:b4:27:39:95:15:72:16:33:2e:e7:dc:
                    bf:55:e4:ea:5c:2d:c2:7e:b1:a0:2f:65:88:39:a4:
                    e2:b3:35:a3:37:57:7e:77:e6:d5:cc:45:9e:44:98:
                    98:0a:b9:97:ca:11:53:78:74:2f:bc:e5:de:4a:a9:
                    23:62:81:88:3f:01:13:88:4c:0e:21:5b:3c:00:13:
                    77:b9:79:c4:14:35:f0:74:f8:e8:be:82:48:f6:d8:
                    a8:1c:2c:39:5a:58:a7:68:92:18:0f:1d:f1:22:28:
                    3f:b4:bf:f2:46:25:9d:57:f7:55:f9:e7:c6:5f:04:
                    86:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:8D:EA:5C:8F:7A:9E:77:90:D7:C9:34:50:17:4B:4E:E7:BB:08:EA
            X509v3 Authority Key Identifier:
                keyid:AC:04:56:4A:B1:39:76:6F:1D:EE:64:8B:35:A0:A1:8B:BD:36:21:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:44:b1:d6:55:1f:1d:33:83:b8:8a:63:77:07:48:b0:ca:dd:
         30:35:20:70:31:d9:14:03:6d:e8:70:46:aa:bf:e7:b5:77:99:
         7c:07:74:d3:43:8b:b2:f6:87:a0:70:05:30:41:70:39:b5:68:
         ca:6d:03:c8:76:92:82:ae:5f:7b:a8:5d:7d:57:d5:bc:c6:fc:
         0b:a7:0a:1f:64:95:95:31:35:1d:a7:9e:72:47:9d:8b:f7:1b:
         83:f8:32:d7:0a:2e:81:07:62:7b:9e:3d:d8:d5:d4:13:52:fd:
         db:ed:bb:7a:fe:b3:91:df:2c:4f:b0:20:3a:93:81:09:c0:cb:
         1f:5e:ad:7d:5b:f2:38:b8:72:17:6a:17:46:f5:b2:e0:33:c2:
         88:9a:dd:69:38:0d:39:7a:04:e7:84:44:ea:6a:2b:c7:2f:2d:
         2b:37:0b:35:70:95:c5:53:97:7f:74:be:d2:44:b4:4e:54:9f:
         30:d1:1f:c1:b5:1e:fb:55:d3:3f:87:5b:b5:02:bf:d5:8b:d5:
         1d:64:01:2b:d7:d5:12:9f:c9:ae:bf:70:81:63:16:5c:6a:1f:
         35:57:ce:78:29:13:fa:86:fa:3f:d9:f7:60:55:85:0a:97:72:
         16:62:d5:af:78:ac:a2:d1:5a:30:77:cc:2a:62:2c:e3:9b:f3:
         5c:f5:63:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqnqvzhuVoUHesww0vVT+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDQ1NjRhYjEzOTc2NmYxZGVlNjQ4YjM1YTBhMThiYmQz
NjIxMDkwHhcNMjUwNTA3MTIwMDQ3WhcNMjUwNTA4MTIwMDQ3WjAzMTEwLwYDVQQD
Eyg2MzhkZWE1YzhmN2E5ZTc3OTBkN2M5MzQ1MDE3NGI0ZWU3YmIwOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwX57O0W9UqUvQ7Qs1ZZ03VQMhnXD
NacI6ZkaajOpsTBjJyXGsvlrtlNjJ/in5WOTxY5gMC3o81py/gftBS7XYrcTrxAf
F66RN9kqQAgYy5/Y/s3wLsjnTe7mKiyADzLfSh104+YHEIt4Igfk1Wm52+NCY7fg
VcS4nTUWZYc+fzVeUCJEDCUvaWhotCc5lRVyFjMu59y/VeTqXC3CfrGgL2WIOaTi
szWjN1d+d+bVzEWeRJiYCrmXyhFTeHQvvOXeSqkjYoGIPwETiEwOIVs8ABN3uXnE
FDXwdPjovoJI9tioHCw5WlinaJIYDx3xIig/tL/yRiWdV/dV+efGXwSGLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGON6lyPep53kNfJNFAXS07nuwjqMB8GA1UdIwQY
MBaAFKwEVkqxOXZvHe5kizWgoYu9NiEJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80NjY4ZDEtMjJhNC00MzJlLTgxZmMt
Mjg0ZTliY2Y4MmM1LzEvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80NjY4ZDEtMjJhNC00MzJlLTgxZmMtMjg0ZTliY2Y4MmM1
LzEvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJkSx1lUf
HTODuIpjdwdIsMrdMDUgcDHZFANt6HBGqr/ntXeZfAd000OLsvaHoHAFMEFwObVo
ym0DyHaSgq5fe6hdfVfVvMb8C6cKH2SVlTE1Haeeckedi/cbg/gy1wougQdie549
2NXUE1L92+27ev6zkd8sT7AgOpOBCcDLH16tfVvyOLhyF2oXRvWy4DPCiJrdaTgN
OXoE54RE6morxy8tKzcLNXCVxVOXf3S+0kS0TlSfMNEfwbUe+1XTP4dbtQK/1YvV
HWQBK9fVEp/Jrr9wgWMWXGofNVfOeCkT+ob6P9n3YFWFCpdyFmLVr3isotFaMHfM
KmIs45vzXPVjjA==
-----END CERTIFICATE-----