Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
File:                     5zcPsJ5SI60eRI9MDxYv6plae1Y.mft (raw, json)
Hash identifier:          dLlWse77AOjasNNNoDdFE951jhTISgj+6nSCQv5nLRQ=
Subject key identifier:   43:83:23:CD:82:A2:85:A0:D2:C2:8C:B6:ED:C6:0A:1B:06:39:95:36
Authority key identifier: E7:37:0F:B0:9E:52:23:AD:1E:44:8F:4C:0F:16:2F:EA:99:5A:7B:56
Certificate issuer:       /CN=e7370fb09e5223ad1e448f4c0f162fea995a7b56
Certificate serial:       0196AC1EDE0EC4705B44D485F85F879DEBF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
Manifest number:          134A
Signing time:             Wed 07 May 2025 19:00:26 +0000
Manifest this update:     Wed 07 May 2025 19:00:26 +0000
Manifest next update:     Thu 08 May 2025 19:00:26 +0000
Files and hashes:         1: 5zcPsJ5SI60eRI9MDxYv6plae1Y.crl (hash: cW1K0XPu23wNbA685cEOyPCTRyiG3sIQDNZzQNzbP80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 19:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ac:1e:de:0e:c4:70:5b:44:d4:85:f8:5f:87:9d:eb:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7370fb09e5223ad1e448f4c0f162fea995a7b56
        Validity
            Not Before: May  7 19:00:26 2025 GMT
            Not After : May  8 19:00:26 2025 GMT
        Subject: CN=438323cd82a285a0d2c28cb6edc60a1b06399536
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:13:4f:8b:e9:59:88:5c:7d:79:43:03:f3:de:
                    12:f1:9d:cd:c6:76:b6:4f:26:5e:4c:16:99:4c:04:
                    75:01:7a:d4:a4:51:38:4d:aa:47:26:2c:64:9e:e4:
                    3c:c0:2d:21:5f:b9:a1:2e:cb:84:44:67:08:bf:e2:
                    25:97:0d:68:a0:7a:e7:ed:4b:9e:4b:81:74:35:c3:
                    f6:69:ea:8f:a7:a5:b1:2d:23:a2:ac:71:26:bb:18:
                    6f:e2:73:88:37:0e:e5:b8:98:47:22:68:c5:2a:29:
                    b1:45:a3:82:53:a9:f9:a2:10:3e:b2:58:d2:5c:1e:
                    50:1c:12:37:f0:77:f4:ef:c7:40:85:99:11:10:e2:
                    95:51:c1:ce:84:8d:a1:ba:05:c4:a4:5b:37:3b:05:
                    bc:67:b2:c5:9a:9f:39:58:f2:13:a5:50:8c:7a:d6:
                    8c:dc:97:4b:98:d3:dd:fe:6d:e3:98:4b:cc:a7:84:
                    f3:3f:e7:32:d8:ab:ff:c9:0b:b2:11:66:3d:70:f3:
                    70:f8:b8:90:64:09:ac:86:cc:09:d7:2e:de:2b:fb:
                    5b:d3:b6:39:df:7e:5a:7c:47:bd:7d:2e:47:29:2a:
                    8a:e3:35:3b:be:33:69:8a:33:d5:00:48:14:69:7c:
                    96:e7:ef:cd:f5:69:a0:28:bb:52:95:db:d9:5f:64:
                    77:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:83:23:CD:82:A2:85:A0:D2:C2:8C:B6:ED:C6:0A:1B:06:39:95:36
            X509v3 Authority Key Identifier:
                keyid:E7:37:0F:B0:9E:52:23:AD:1E:44:8F:4C:0F:16:2F:EA:99:5A:7B:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:dd:d1:e7:bc:03:1a:2f:66:cf:de:58:62:3c:96:9a:ec:e3:
         8b:ca:04:f5:cf:81:12:90:5f:01:b3:27:75:01:ea:5b:0d:f5:
         9c:d5:80:c2:80:98:1a:12:45:f6:1f:c4:16:fa:0e:a7:2d:c3:
         93:e9:e9:80:86:01:42:29:69:4f:cf:19:6a:8f:e4:e2:5a:2c:
         d0:67:69:9e:ea:57:0a:ef:01:af:2b:f0:4e:98:4d:2d:04:64:
         58:9e:ba:e6:fd:e1:aa:68:51:bb:2f:b2:95:c7:22:b2:81:57:
         ec:54:fd:41:b8:e1:41:04:73:e9:88:e0:eb:40:35:67:5c:8d:
         13:7f:fc:d3:71:bc:79:cb:65:28:a8:21:b7:d0:97:ae:ca:ed:
         03:52:27:16:bc:c8:92:10:84:e3:0f:47:90:3c:c3:96:10:3d:
         e2:ff:fe:bb:64:d0:10:83:f5:be:04:9b:3f:e9:c8:bf:2f:43:
         13:a8:21:22:48:dc:39:4f:95:56:ec:8e:37:36:be:39:eb:f6:
         a6:f2:2b:40:6a:d5:39:dc:85:d4:c8:1d:8b:81:f4:67:c1:d0:
         f7:2c:35:99:48:37:8b:dd:b9:6f:b9:94:cb:f7:11:f4:5c:c5:
         d8:84:48:53:91:29:52:d3:4a:6e:2a:a1:f5:58:fb:90:1e:57:
         ac:12:3c:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZasHt4OxHBbRNSF+F+Hnev2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzcwZmIwOWU1MjIzYWQxZTQ0OGY0YzBmMTYyZmVhOTk1
YTdiNTYwHhcNMjUwNTA3MTkwMDI2WhcNMjUwNTA4MTkwMDI2WjAzMTEwLwYDVQQD
Eyg0MzgzMjNjZDgyYTI4NWEwZDJjMjhjYjZlZGM2MGExYjA2Mzk5NTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxNPi+lZiFx9eUMD894S8Z3Nxna2
TyZeTBaZTAR1AXrUpFE4TapHJixknuQ8wC0hX7mhLsuERGcIv+Illw1ooHrn7Uue
S4F0NcP2aeqPp6WxLSOirHEmuxhv4nOINw7luJhHImjFKimxRaOCU6n5ohA+sljS
XB5QHBI38Hf078dAhZkREOKVUcHOhI2hugXEpFs3OwW8Z7LFmp85WPITpVCMetaM
3JdLmNPd/m3jmEvMp4TzP+cy2Kv/yQuyEWY9cPNw+LiQZAmshswJ1y7eK/tb07Y5
335afEe9fS5HKSqK4zU7vjNpijPVAEgUaXyW5+/N9WmgKLtSldvZX2R3DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEODI82CooWg0sKMtu3GChsGOZU2MB8GA1UdIwQY
MBaAFOc3D7CeUiOtHkSPTA8WL+qZWntWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjIyOTMtN2RiYS00MzdiLWFmODUt
OTdlMzU1ZTUxZWYzLzEvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjIyOTMtN2RiYS00MzdiLWFmODUtOTdlMzU1ZTUxZWYz
LzEvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKt3R57wD
Gi9mz95YYjyWmuzji8oE9c+BEpBfAbMndQHqWw31nNWAwoCYGhJF9h/EFvoOpy3D
k+npgIYBQilpT88Zao/k4los0GdpnupXCu8BryvwTphNLQRkWJ665v3hqmhRuy+y
lccisoFX7FT9QbjhQQRz6Yjg60A1Z1yNE3/803G8ectlKKght9CXrsrtA1InFrzI
khCE4w9HkDzDlhA94v/+u2TQEIP1vgSbP+nIvy9DE6ghIkjcOU+VVuyONza+Oev2
pvIrQGrVOdyF1Mgdi4H0Z8HQ9yw1mUg3i925b7mUy/cR9FzF2IRIU5EpUtNKbiqh
9Vj7kB5XrBI83A==
-----END CERTIFICATE-----