Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
File:                     a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json)
Hash identifier:          Pet8UiFVbybcnzev70DOruUKtNe5Pa62Y6vkd6+9oGs=
Subject key identifier:   FA:E1:57:BE:94:E0:B4:44:31:3A:E3:5D:85:73:4F:27:8D:56:9D:A1
Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66
Certificate issuer:       /CN=6be051fb93e015a9b761bb45afe109dbbe347c66
Certificate serial:       0196C238F650EA37189D24EAEF58D79385F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
Manifest number:          04E7
Signing time:             Mon 12 May 2025 02:00:35 +0000
Manifest this update:     Mon 12 May 2025 02:00:35 +0000
Manifest next update:     Tue 13 May 2025 02:00:35 +0000
Files and hashes:         1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: 35tFBsNpV1SjGxCTJ348+HfHWhjVxsxiOtwZNB3iOso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:38:f6:50:ea:37:18:9d:24:ea:ef:58:d7:93:85:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66
        Validity
            Not Before: May 12 02:00:35 2025 GMT
            Not After : May 13 02:00:35 2025 GMT
        Subject: CN=fae157be94e0b444313ae35d85734f278d569da1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:fc:f6:f1:b0:52:89:0c:80:3f:8d:2b:97:40:
                    83:51:4c:e7:21:52:b6:6b:38:f9:ae:8d:48:2e:ef:
                    b5:c2:e3:50:7b:ac:bd:a3:16:08:ae:23:13:b6:b1:
                    b6:ec:2b:de:cb:25:5c:7b:cd:ad:be:3f:11:b6:33:
                    c7:17:4a:67:5b:74:26:bf:dd:e4:b6:c0:ef:b3:1c:
                    12:58:1d:0b:2e:12:c1:80:03:4a:82:dc:d4:50:14:
                    d3:a5:67:e7:57:97:c0:1f:b0:e9:94:79:6b:23:30:
                    0c:1d:12:8b:0e:f0:70:15:0a:b9:84:29:c7:5d:b6:
                    e4:46:1e:c0:1c:c9:5b:04:9d:58:c8:29:4e:5f:cf:
                    05:90:94:20:29:12:a4:3e:51:3f:9f:5d:f2:67:f0:
                    19:d6:89:17:d2:a4:a2:2c:97:e7:e0:f0:99:f8:40:
                    9c:2e:97:89:f9:0d:e1:42:92:69:38:76:3a:be:d1:
                    92:8e:63:a0:b4:5a:60:37:dc:29:98:67:92:57:bc:
                    a8:0d:54:49:20:d1:b8:e4:bf:2b:14:76:7f:de:95:
                    eb:2f:f3:cb:ca:96:c9:b5:10:6a:30:8d:b1:32:a4:
                    82:17:42:23:16:89:07:bf:ff:3d:16:8a:14:cc:bb:
                    53:2e:a8:68:57:1a:d9:dd:4d:fd:8a:aa:28:94:8a:
                    7e:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:E1:57:BE:94:E0:B4:44:31:3A:E3:5D:85:73:4F:27:8D:56:9D:A1
            X509v3 Authority Key Identifier:
                keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:c3:19:13:53:79:5c:d1:94:e9:76:bf:d4:4d:9e:2e:d1:35:
         12:2c:6a:3a:4b:2f:ec:c2:f4:e5:09:7d:4a:21:55:5e:61:4f:
         69:d8:d1:84:c4:38:b7:e3:e2:b6:a9:d9:e3:01:6e:20:aa:25:
         7f:2e:42:d5:98:8a:e3:8d:d7:8e:6b:50:39:5d:dd:7b:17:58:
         0a:02:d1:6c:0f:39:6d:b2:7a:ac:d6:c6:46:58:1b:e3:9e:63:
         0a:5e:5d:36:a8:76:b7:70:15:af:c6:58:be:0c:f6:40:44:ca:
         c5:5f:78:23:a3:d7:0a:13:08:81:3e:7c:de:6e:ca:1a:d7:44:
         75:14:61:ff:3f:47:69:c7:ed:d8:8e:a9:ee:58:8d:61:c7:db:
         03:ec:c0:18:f9:27:17:38:c8:0a:70:a5:0b:33:df:1e:76:12:
         09:c9:b8:e3:68:b7:a2:06:dc:b3:aa:ac:8c:55:f0:8a:89:fe:
         1c:77:b6:91:93:fb:e7:11:45:7e:44:6c:32:a6:1a:46:c6:f7:
         aa:dc:66:64:e3:8e:58:9c:10:31:3e:55:44:14:83:1c:3d:c4:
         06:f7:3e:a1:9b:b1:45:8a:2a:ba:ca:6e:f0:d1:1c:7b:f8:0b:
         be:d5:5b:eb:0f:01:77:f0:ee:f1:9f:f1:50:86:ad:83:4d:aa:
         f5:76:c8:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCOPZQ6jcYnSTq71jXk4X5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz
NDdjNjYwHhcNMjUwNTEyMDIwMDM1WhcNMjUwNTEzMDIwMDM1WjAzMTEwLwYDVQQD
EyhmYWUxNTdiZTk0ZTBiNDQ0MzEzYWUzNWQ4NTczNGYyNzhkNTY5ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vz28bBSiQyAP40rl0CDUUznIVK2
azj5ro1ILu+1wuNQe6y9oxYIriMTtrG27CveyyVce82tvj8RtjPHF0pnW3Qmv93k
tsDvsxwSWB0LLhLBgANKgtzUUBTTpWfnV5fAH7DplHlrIzAMHRKLDvBwFQq5hCnH
XbbkRh7AHMlbBJ1YyClOX88FkJQgKRKkPlE/n13yZ/AZ1okX0qSiLJfn4PCZ+ECc
LpeJ+Q3hQpJpOHY6vtGSjmOgtFpgN9wpmGeSV7yoDVRJING45L8rFHZ/3pXrL/PL
ypbJtRBqMI2xMqSCF0IjFokHv/89FooUzLtTLqhoVxrZ3U39iqoolIp+qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrhV76U4LREMTrjXYVzTyeNVp2hMB8GA1UdIwQY
MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt
ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh
LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8MZE1N5
XNGU6Xa/1E2eLtE1EixqOksv7ML05Ql9SiFVXmFPadjRhMQ4t+PitqnZ4wFuIKol
fy5C1ZiK443XjmtQOV3dexdYCgLRbA85bbJ6rNbGRlgb455jCl5dNqh2t3AVr8ZY
vgz2QETKxV94I6PXChMIgT583m7KGtdEdRRh/z9Hacft2I6p7liNYcfbA+zAGPkn
FzjICnClCzPfHnYSCcm442i3ogbcs6qsjFXwion+HHe2kZP75xFFfkRsMqYaRsb3
qtxmZOOOWJwQMT5VRBSDHD3EBvc+oZuxRYoquspu8NEce/gLvtVb6w8Bd/Du8Z/x
UIatg02q9XbIzA==
-----END CERTIFICATE-----