Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
File:                     5zcPsJ5SI60eRI9MDxYv6plae1Y.mft (raw, json)
Hash identifier:          4lAqAYduT+MZso+s8CjYLxHry0pJPH3G2xknRKBWFx8=
Subject key identifier:   8B:07:E8:75:23:46:7F:86:80:B8:D0:E8:15:FF:B8:63:0C:DB:30:0F
Authority key identifier: E7:37:0F:B0:9E:52:23:AD:1E:44:8F:4C:0F:16:2F:EA:99:5A:7B:56
Certificate issuer:       /CN=e7370fb09e5223ad1e448f4c0f162fea995a7b56
Certificate serial:       0197B6A23C5FAED2F330E04429C5EC3679AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
Manifest number:          13D4
Signing time:             Sat 28 Jun 2025 13:02:54 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:54 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:54 +0000
Files and hashes:         1: 5zcPsJ5SI60eRI9MDxYv6plae1Y.crl (hash: yTprmXe1bhIYnPil1Pz3GCRq4hPePTRD5bcowV6aj6c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:3c:5f:ae:d2:f3:30:e0:44:29:c5:ec:36:79:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7370fb09e5223ad1e448f4c0f162fea995a7b56
        Validity
            Not Before: Jun 28 13:02:54 2025 GMT
            Not After : Jun 29 13:02:54 2025 GMT
        Subject: CN=8b07e87523467f8680b8d0e815ffb8630cdb300f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:8d:bb:71:4f:0e:dd:e3:03:66:06:68:02:84:
                    b6:2e:05:24:38:66:99:48:92:12:3c:f7:db:cb:f9:
                    28:3f:ca:7f:4f:3c:5d:07:02:d2:18:ff:f0:65:91:
                    da:69:f8:df:69:be:fe:b3:d0:9f:1a:63:0f:45:fb:
                    ee:a7:8d:82:61:9c:85:ba:f4:f7:a3:0c:b4:42:ea:
                    eb:b6:f8:e0:f4:4a:50:1b:d2:27:1c:76:aa:58:cd:
                    2b:70:a9:48:74:a0:50:da:bf:7d:98:30:38:99:6c:
                    f3:58:fa:53:2c:b3:3b:35:32:be:8a:63:68:fd:39:
                    bc:62:79:ee:87:14:c7:ee:4d:5d:4b:19:21:b7:10:
                    ac:fb:2e:f0:d8:17:05:91:9d:d4:36:2e:9a:95:5e:
                    06:3a:c5:e9:1c:85:b6:ba:82:cb:85:24:23:02:0e:
                    1a:57:36:98:e8:07:82:7b:8e:3f:a5:fc:bb:04:77:
                    38:53:6d:1f:30:46:77:59:7b:00:e0:c2:81:04:78:
                    6b:5c:23:6e:23:f7:37:fe:3b:c9:39:0c:37:e3:5c:
                    53:9b:fa:04:99:5f:3a:10:20:b5:fa:75:19:d2:7d:
                    45:12:21:99:00:f1:3b:7d:af:91:62:cc:fc:02:c7:
                    d7:14:7d:4d:c3:a1:82:a7:c7:00:0f:31:8d:80:b3:
                    55:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:07:E8:75:23:46:7F:86:80:B8:D0:E8:15:FF:B8:63:0C:DB:30:0F
            X509v3 Authority Key Identifier:
                keyid:E7:37:0F:B0:9E:52:23:AD:1E:44:8F:4C:0F:16:2F:EA:99:5A:7B:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:2d:2a:7f:07:43:e0:1c:92:8a:7f:d3:f2:8f:98:e5:fa:10:
         d7:76:c2:9d:51:9e:0c:2b:45:1a:8c:6c:fc:9d:d1:46:1a:63:
         15:d1:40:03:72:f4:7e:b6:94:ed:22:88:96:42:27:2c:d2:6f:
         03:42:93:2a:1a:da:db:88:a4:55:c5:75:bf:ec:5b:66:f4:db:
         80:8a:5d:08:c1:0a:db:7f:d6:6b:5f:7e:f1:1c:20:9c:ec:aa:
         25:de:7b:7c:c0:3a:5c:48:9b:4e:16:7a:27:8c:e4:fa:3d:f8:
         6c:90:c0:46:25:74:fb:34:d1:2f:50:b6:3e:cf:dc:0e:5e:40:
         5c:ca:e4:13:ab:21:9f:f0:87:8c:81:b7:27:75:65:3b:5a:6a:
         b7:c2:40:42:f1:7c:d3:bb:ff:de:94:66:07:52:ac:94:2a:47:
         25:ad:f0:6e:a1:fe:8e:a9:fd:fd:58:60:71:15:fc:05:20:04:
         87:39:da:38:46:76:e3:b5:07:df:d7:cb:4b:85:c1:d5:e1:b9:
         7b:16:ad:ae:6f:e5:23:fe:df:0c:d2:82:b4:c9:cd:0f:5b:d0:
         89:4b:85:28:91:89:41:37:9b:25:72:f7:d2:9f:d1:93:bc:79:
         1f:d4:b8:2f:1d:b8:52:3a:de:89:d2:3a:8d:ee:05:32:7d:f3:
         00:c5:ba:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ojxfrtLzMOBEKcXsNnmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzcwZmIwOWU1MjIzYWQxZTQ0OGY0YzBmMTYyZmVhOTk1
YTdiNTYwHhcNMjUwNjI4MTMwMjU0WhcNMjUwNjI5MTMwMjU0WjAzMTEwLwYDVQQD
Eyg4YjA3ZTg3NTIzNDY3Zjg2ODBiOGQwZTgxNWZmYjg2MzBjZGIzMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I27cU8O3eMDZgZoAoS2LgUkOGaZ
SJISPPfby/koP8p/TzxdBwLSGP/wZZHaafjfab7+s9CfGmMPRfvup42CYZyFuvT3
owy0Qurrtvjg9EpQG9InHHaqWM0rcKlIdKBQ2r99mDA4mWzzWPpTLLM7NTK+imNo
/Tm8YnnuhxTH7k1dSxkhtxCs+y7w2BcFkZ3UNi6alV4GOsXpHIW2uoLLhSQjAg4a
VzaY6AeCe44/pfy7BHc4U20fMEZ3WXsA4MKBBHhrXCNuI/c3/jvJOQw341xTm/oE
mV86ECC1+nUZ0n1FEiGZAPE7fa+RYsz8AsfXFH1Nw6GCp8cADzGNgLNVawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsH6HUjRn+GgLjQ6BX/uGMM2zAPMB8GA1UdIwQY
MBaAFOc3D7CeUiOtHkSPTA8WL+qZWntWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjIyOTMtN2RiYS00MzdiLWFmODUt
OTdlMzU1ZTUxZWYzLzEvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjIyOTMtN2RiYS00MzdiLWFmODUtOTdlMzU1ZTUxZWYz
LzEvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAai0qfwdD
4BySin/T8o+Y5foQ13bCnVGeDCtFGoxs/J3RRhpjFdFAA3L0fraU7SKIlkInLNJv
A0KTKhra24ikVcV1v+xbZvTbgIpdCMEK23/Wa19+8RwgnOyqJd57fMA6XEibThZ6
J4zk+j34bJDARiV0+zTRL1C2Ps/cDl5AXMrkE6shn/CHjIG3J3VlO1pqt8JAQvF8
07v/3pRmB1KslCpHJa3wbqH+jqn9/VhgcRX8BSAEhznaOEZ247UH39fLS4XB1eG5
exatrm/lI/7fDNKCtMnND1vQiUuFKJGJQTebJXL30p/Rk7x5H9S4Lx24UjreidI6
je4FMn3zAMW6zw==
-----END CERTIFICATE-----