Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
File:                     5LDTQqkyMznAd8XGreEJO1pADyQ.mft (raw, json)
Hash identifier:          N5bsOGVZ0sVvOasTVR9DRuQYeIq95u3z05cHE6en/5g=
Subject key identifier:   C7:02:0B:4A:13:7D:80:1F:13:04:D8:F2:E0:D7:B7:22:D4:2F:EC:02
Authority key identifier: E4:B0:D3:42:A9:32:33:39:C0:77:C5:C6:AD:E1:09:3B:5A:40:0F:24
Certificate issuer:       /CN=e4b0d342a9323339c077c5c6ade1093b5a400f24
Certificate serial:       0196B747B191E4E5526525530D882B42BCDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
Manifest number:          0195
Signing time:             Fri 09 May 2025 23:00:51 +0000
Manifest this update:     Fri 09 May 2025 23:00:51 +0000
Manifest next update:     Sat 10 May 2025 23:00:51 +0000
Files and hashes:         1: 5LDTQqkyMznAd8XGreEJO1pADyQ.crl (hash: o4G8v6XqYmpKiZXZlO0d9pN/5t2G6TKG0aKxB8CZF9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 23:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:47:b1:91:e4:e5:52:65:25:53:0d:88:2b:42:bc:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d342a9323339c077c5c6ade1093b5a400f24
        Validity
            Not Before: May  9 23:00:51 2025 GMT
            Not After : May 10 23:00:51 2025 GMT
        Subject: CN=c7020b4a137d801f1304d8f2e0d7b722d42fec02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b9:14:bd:7e:96:b9:ae:16:1c:36:44:c9:b5:
                    24:14:a6:89:7d:ef:01:ae:88:48:aa:94:a9:3a:62:
                    b5:9e:87:66:b1:ed:80:4c:56:c4:6a:92:5e:ff:5d:
                    d9:58:f4:07:99:82:5d:f0:6d:5a:c3:b7:fa:bd:31:
                    b1:84:1f:6f:0e:da:b5:16:48:20:6b:ae:de:ff:d6:
                    83:6f:16:39:4a:84:b9:6a:a3:b1:1d:35:7d:c5:71:
                    8c:9f:af:86:ba:60:31:81:fb:39:de:87:5b:7e:53:
                    70:60:8b:d1:60:d6:84:45:60:f6:56:5c:08:51:5f:
                    7b:b3:78:d2:8b:8a:f6:27:13:50:1b:89:3e:cb:00:
                    05:fe:c6:ca:99:a9:57:de:9e:2e:30:2b:e7:c0:36:
                    ee:8a:5c:90:c0:5f:6f:c9:6a:a9:46:07:10:48:64:
                    37:cc:83:cc:df:9f:c5:21:4f:3c:ad:10:5f:12:e7:
                    e9:da:55:43:4c:0c:29:73:7b:be:a4:09:f1:1e:ab:
                    c1:1e:42:d3:56:91:51:28:17:c8:d8:2b:45:42:98:
                    6a:33:02:66:0c:55:77:94:09:8f:eb:58:9e:af:c4:
                    ba:7c:87:c7:bd:0f:f3:6d:f6:78:72:ff:59:28:75:
                    90:c2:33:18:55:a9:f2:37:b3:d4:ed:f6:d0:78:fc:
                    e3:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:02:0B:4A:13:7D:80:1F:13:04:D8:F2:E0:D7:B7:22:D4:2F:EC:02
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:42:A9:32:33:39:C0:77:C5:C6:AD:E1:09:3B:5A:40:0F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:6f:32:ff:d3:f0:af:b1:2e:e0:30:3d:2b:f9:ab:74:bc:aa:
         ab:a1:3a:aa:c0:29:d5:c5:66:db:ac:cf:69:c6:fd:4d:c3:46:
         79:8a:ef:2b:34:49:53:01:f0:e4:e0:fd:9e:a7:e4:0f:28:81:
         95:3b:64:d1:01:10:fb:6e:70:35:09:95:f5:08:28:7b:b8:87:
         ad:21:58:83:0b:28:0f:d7:fb:1d:36:99:7a:c2:b8:64:e4:df:
         90:b0:ae:ac:64:f5:82:e7:1b:03:52:69:ca:3b:bc:dc:f8:1e:
         7f:fd:0c:74:bd:f3:87:76:fb:e0:0d:23:bf:6e:47:27:ba:4a:
         8a:e4:95:d2:c7:9f:04:56:2f:31:80:6d:26:51:4d:9e:3e:5d:
         4d:16:c0:2b:77:ff:5d:ad:bb:c0:be:c1:95:e5:40:b2:bf:92:
         be:a9:77:e8:83:50:fb:70:7e:f0:a7:14:6f:f7:5a:ff:32:86:
         e7:c7:25:c0:c9:cb:63:c8:c2:b4:15:67:3f:e7:2e:19:8c:5e:
         2d:a6:b8:38:76:23:44:09:46:61:dd:86:db:4d:cc:12:a8:cc:
         4f:4f:c7:25:35:07:05:04:d8:b9:c6:49:02:a8:b3:de:90:7b:
         e5:0b:e4:ec:e8:d3:3b:27:0c:a3:12:1c:e7:8d:05:e3:e4:3c:
         9d:6d:00:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa3R7GR5OVSZSVTDYgrQrzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzQyYTkzMjMzMzljMDc3YzVjNmFkZTEwOTNiNWE0
MDBmMjQwHhcNMjUwNTA5MjMwMDUxWhcNMjUwNTEwMjMwMDUxWjAzMTEwLwYDVQQD
EyhjNzAyMGI0YTEzN2Q4MDFmMTMwNGQ4ZjJlMGQ3YjcyMmQ0MmZlYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7kUvX6Wua4WHDZEybUkFKaJfe8B
rohIqpSpOmK1nodmse2ATFbEapJe/13ZWPQHmYJd8G1aw7f6vTGxhB9vDtq1Fkgg
a67e/9aDbxY5SoS5aqOxHTV9xXGMn6+GumAxgfs53odbflNwYIvRYNaERWD2VlwI
UV97s3jSi4r2JxNQG4k+ywAF/sbKmalX3p4uMCvnwDbuilyQwF9vyWqpRgcQSGQ3
zIPM35/FIU88rRBfEufp2lVDTAwpc3u+pAnxHqvBHkLTVpFRKBfI2CtFQphqMwJm
DFV3lAmP61ier8S6fIfHvQ/zbfZ4cv9ZKHWQwjMYVanyN7PU7fbQePzjYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcCC0oTfYAfEwTY8uDXtyLUL+wCMB8GA1UdIwQY
MBaAFOSw00KpMjM5wHfFxq3hCTtaQA8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9kY2IxMTAtNjJkNi00NGRmLWJkZTYt
OWE5MGE3Y2E1MDhkLzEvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9kY2IxMTAtNjJkNi00NGRmLWJkZTYtOWE5MGE3Y2E1MDhk
LzEvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIW8y/9Pw
r7Eu4DA9K/mrdLyqq6E6qsAp1cVm26zPacb9TcNGeYrvKzRJUwHw5OD9nqfkDyiB
lTtk0QEQ+25wNQmV9Qgoe7iHrSFYgwsoD9f7HTaZesK4ZOTfkLCurGT1gucbA1Jp
yju83Pgef/0MdL3zh3b74A0jv25HJ7pKiuSV0sefBFYvMYBtJlFNnj5dTRbAK3f/
Xa27wL7BleVAsr+Svql36INQ+3B+8KcUb/da/zKG58clwMnLY8jCtBVnP+cuGYxe
Laa4OHYjRAlGYd2G203MEqjMT0/HJTUHBQTYucZJAqiz3pB75Qvk7OjTOycMoxIc
540F4+Q8nW0Ang==
-----END CERTIFICATE-----