Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
File:                     5LDTQqkyMznAd8XGreEJO1pADyQ.mft (raw, json)
Hash identifier:          hE2B7+XSMQi9fMOdrrUl/avRLFC5DBG+VZ/pJOb1qCQ=
Subject key identifier:   11:EF:F1:9A:B4:D7:DC:17:27:8F:D2:70:E8:8D:1A:EB:FD:BB:78:53
Authority key identifier: E4:B0:D3:42:A9:32:33:39:C0:77:C5:C6:AD:E1:09:3B:5A:40:0F:24
Certificate issuer:       /CN=e4b0d342a9323339c077c5c6ade1093b5a400f24
Certificate serial:       0198D5F140F564416CBAFD4BF7AD5685FF23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
Manifest number:          02AE
Signing time:             Sat 23 Aug 2025 08:00:14 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:14 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:14 +0000
Files and hashes:         1: 5LDTQqkyMznAd8XGreEJO1pADyQ.crl (hash: 0iqr15/VgucY2Y97W/saDOqyTzenwzbySwRT5ZIUoDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 08:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:40:f5:64:41:6c:ba:fd:4b:f7:ad:56:85:ff:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d342a9323339c077c5c6ade1093b5a400f24
        Validity
            Not Before: Aug 23 08:00:14 2025 GMT
            Not After : Aug 24 08:00:14 2025 GMT
        Subject: CN=11eff19ab4d7dc17278fd270e88d1aebfdbb7853
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:35:15:7b:75:1b:52:8d:57:fe:b1:52:1d:b1:
                    f8:51:d2:ad:58:f5:62:9a:e3:39:96:ec:4c:8f:b9:
                    0d:c5:40:49:cf:c5:9d:10:87:0a:2a:16:da:80:4c:
                    97:f9:09:c0:f3:59:21:07:c1:ab:59:a7:21:8c:09:
                    0e:20:a7:6f:85:c4:bb:96:7d:ff:b7:e4:2a:b9:3c:
                    f3:60:5a:e4:85:eb:1c:e6:3a:02:b1:03:a5:3e:1c:
                    eb:97:68:fa:c9:71:d6:88:72:7d:c2:16:aa:4d:21:
                    02:28:b1:12:d6:3d:0b:eb:4f:80:58:19:20:ea:ef:
                    34:68:ba:ed:9e:f6:57:0a:91:3b:08:33:2b:50:c7:
                    d1:87:58:8d:b5:8f:34:25:70:91:e1:23:e4:c5:3b:
                    e8:61:8d:d5:73:5f:2b:56:5b:c1:84:33:5b:f3:d2:
                    96:f3:1c:e0:41:24:2a:da:12:df:f1:b4:da:a5:08:
                    3d:ef:18:a4:86:81:7c:d6:a6:02:30:91:3c:af:e9:
                    d1:1c:a1:2f:11:30:90:f9:1e:5b:3c:ff:d0:f2:57:
                    cb:e9:48:f6:2e:08:fb:d0:03:83:9d:e9:bf:2e:c9:
                    53:8c:17:8d:47:39:82:9a:ad:ec:98:1c:3d:3d:0a:
                    97:d6:9a:2c:b7:83:b5:c1:6f:ea:71:cf:23:56:f5:
                    f5:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:EF:F1:9A:B4:D7:DC:17:27:8F:D2:70:E8:8D:1A:EB:FD:BB:78:53
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:42:A9:32:33:39:C0:77:C5:C6:AD:E1:09:3B:5A:40:0F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:c0:ec:84:33:a1:24:95:5d:56:38:a8:f5:27:fb:a5:06:4f:
         b3:b4:ec:79:84:63:d7:de:e2:cb:38:25:42:0e:36:58:c3:28:
         07:c1:fd:25:90:b3:3f:26:ca:e1:dd:42:be:5a:2a:c3:83:4f:
         19:76:87:11:18:95:0d:14:fc:f1:6b:1c:5a:76:dd:a8:49:81:
         57:8b:ab:72:a0:a9:5d:1a:75:dc:e6:78:f5:49:6d:b2:08:b8:
         d9:a9:b3:68:02:3e:83:ed:ab:a7:04:ee:65:10:af:24:24:9b:
         bf:60:13:35:29:5c:10:de:f2:7f:a6:b6:95:60:14:5e:a2:95:
         87:6e:c4:13:e0:c9:b7:81:7e:68:b0:02:0e:cd:4f:1b:7f:69:
         e0:55:7e:3b:c6:60:21:29:b1:05:be:73:87:e5:52:76:2e:76:
         42:bc:b2:0e:f5:cd:4c:5f:e3:19:73:e1:c0:60:c0:66:24:6c:
         96:f6:0a:9d:1f:36:61:df:bb:7f:9a:48:fa:fe:a9:08:ce:d6:
         2c:f2:f3:41:41:27:05:86:d7:c4:2f:6e:93:2b:e3:d9:1d:c7:
         65:43:b6:05:e2:04:b6:52:49:1d:f8:26:18:cc:b1:17:0a:72:
         25:71:8b:50:6e:b7:47:63:07:c2:a3:c2:6a:a4:10:fd:fd:fa:
         ca:2d:3c:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8UD1ZEFsuv1L961Whf8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzQyYTkzMjMzMzljMDc3YzVjNmFkZTEwOTNiNWE0
MDBmMjQwHhcNMjUwODIzMDgwMDE0WhcNMjUwODI0MDgwMDE0WjAzMTEwLwYDVQQD
EygxMWVmZjE5YWI0ZDdkYzE3Mjc4ZmQyNzBlODhkMWFlYmZkYmI3ODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTUVe3UbUo1X/rFSHbH4UdKtWPVi
muM5luxMj7kNxUBJz8WdEIcKKhbagEyX+QnA81khB8GrWachjAkOIKdvhcS7ln3/
t+QquTzzYFrkhesc5joCsQOlPhzrl2j6yXHWiHJ9whaqTSECKLES1j0L60+AWBkg
6u80aLrtnvZXCpE7CDMrUMfRh1iNtY80JXCR4SPkxTvoYY3Vc18rVlvBhDNb89KW
8xzgQSQq2hLf8bTapQg97xikhoF81qYCMJE8r+nRHKEvETCQ+R5bPP/Q8lfL6Uj2
Lgj70AODnem/LslTjBeNRzmCmq3smBw9PQqX1post4O1wW/qcc8jVvX1dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHv8Zq019wXJ4/ScOiNGuv9u3hTMB8GA1UdIwQY
MBaAFOSw00KpMjM5wHfFxq3hCTtaQA8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9kY2IxMTAtNjJkNi00NGRmLWJkZTYt
OWE5MGE3Y2E1MDhkLzEvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9kY2IxMTAtNjJkNi00NGRmLWJkZTYtOWE5MGE3Y2E1MDhk
LzEvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAacDshDOh
JJVdVjio9Sf7pQZPs7TseYRj197iyzglQg42WMMoB8H9JZCzPybK4d1Cvloqw4NP
GXaHERiVDRT88WscWnbdqEmBV4urcqCpXRp13OZ49Ultsgi42amzaAI+g+2rpwTu
ZRCvJCSbv2ATNSlcEN7yf6a2lWAUXqKVh27EE+DJt4F+aLACDs1PG39p4FV+O8Zg
ISmxBb5zh+VSdi52QryyDvXNTF/jGXPhwGDAZiRslvYKnR82Yd+7f5pI+v6pCM7W
LPLzQUEnBYbXxC9ukyvj2R3HZUO2BeIEtlJJHfgmGMyxFwpyJXGLUG63R2MHwqPC
aqQQ/f36yi08Og==
-----END CERTIFICATE-----