Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
File:                     5pgECu2WLzBoge6mVTBA-5ptNMk.mft (raw, json)
Hash identifier:          yoxO4r3s+QtTt7MizfqxPbHIAY/lwuS/iLz5p74r/Bw=
Subject key identifier:   04:E3:89:A2:6A:2A:1D:37:DA:85:B3:6D:7C:50:5D:AE:5F:2B:20:6A
Authority key identifier: E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9
Certificate issuer:       /CN=e698040aed962f306881eea6553040fb9a6d34c9
Certificate serial:       01969F087DB30765721E9CC1466666CC7F54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
Manifest number:          03C8
Signing time:             Mon 05 May 2025 06:00:55 +0000
Manifest this update:     Mon 05 May 2025 06:00:55 +0000
Manifest next update:     Tue 06 May 2025 06:00:55 +0000
Files and hashes:         1: 5pgECu2WLzBoge6mVTBA-5ptNMk.crl (hash: 9+ANVJPcA76GLDU43MP72KK90dyS6QCZYIfxBCQJHpM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:08:7d:b3:07:65:72:1e:9c:c1:46:66:66:cc:7f:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e698040aed962f306881eea6553040fb9a6d34c9
        Validity
            Not Before: May  5 06:00:55 2025 GMT
            Not After : May  6 06:00:55 2025 GMT
        Subject: CN=04e389a26a2a1d37da85b36d7c505dae5f2b206a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:dd:aa:89:f8:1b:99:22:bc:58:01:20:5a:21:
                    bb:4a:3d:74:4b:ee:c5:ed:17:1d:c4:01:e5:c6:11:
                    ce:0e:21:7d:8c:b1:88:01:36:17:90:11:59:0b:a1:
                    78:83:9e:4e:88:9d:d1:0f:fa:96:27:df:bd:ff:a6:
                    e1:4a:4a:e1:11:05:6b:c3:cf:34:ca:1e:a5:dc:25:
                    ca:31:fe:32:b7:c6:00:ea:34:23:1f:4b:09:d3:1d:
                    37:a3:ed:a8:90:12:e8:23:a8:df:19:5b:aa:a2:f7:
                    2c:5d:80:ea:f6:64:bf:54:8f:bd:9e:a8:82:d0:ec:
                    e3:40:51:e9:39:e6:5b:3a:dd:ee:89:a0:87:95:8f:
                    67:31:95:6e:70:3f:95:4c:d1:de:79:e3:54:77:8b:
                    6b:c0:0b:7c:a5:3e:a1:34:28:75:55:84:7b:db:1c:
                    b8:71:47:60:29:b8:49:1f:07:56:c7:05:0b:ed:cd:
                    de:ba:2c:67:b8:17:3b:d0:c6:c8:91:8a:f1:f4:63:
                    89:ba:f1:84:d1:16:97:1e:8b:32:ad:52:7e:2c:94:
                    6d:ac:15:01:7b:ab:42:ba:fa:8a:4f:09:fb:1c:5e:
                    18:65:14:a3:89:66:8b:b2:38:8d:45:10:7c:14:88:
                    15:b0:be:af:71:38:d1:d7:c0:6e:6c:37:89:a1:ca:
                    a6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:E3:89:A2:6A:2A:1D:37:DA:85:B3:6D:7C:50:5D:AE:5F:2B:20:6A
            X509v3 Authority Key Identifier:
                keyid:E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:19:c9:54:38:47:59:03:26:66:d2:92:c3:0e:b0:9d:37:e5:
         e1:d3:76:0a:bc:3d:e3:24:95:5e:00:f1:fa:9e:f0:7f:9b:6e:
         f5:e3:8f:64:c3:d9:ca:1e:0e:a2:df:88:bd:57:1d:99:64:f4:
         23:36:2f:20:01:e6:29:bb:71:45:14:a3:1a:5f:9f:d7:ee:35:
         d9:53:a7:ed:7c:3e:17:96:81:c4:8b:41:9f:14:b1:d5:e7:65:
         96:c4:7a:32:9d:0b:9f:f6:c6:ce:1a:96:6c:60:45:d3:35:c8:
         4c:99:b5:bc:7c:de:63:90:e0:e2:02:06:c1:98:23:7d:7e:b1:
         73:88:9e:a9:87:5e:98:c8:37:02:6c:1f:71:36:5d:9e:80:da:
         dd:d1:a5:30:12:01:a5:f2:a1:55:20:da:f3:37:89:97:e5:55:
         46:39:81:21:7a:a9:55:f9:b3:5e:6d:03:52:15:0b:6b:7a:b0:
         ee:80:85:4b:eb:fd:4f:f4:39:ab:47:20:25:22:d4:de:f8:b4:
         56:b7:f9:6b:4b:2b:23:6a:6a:00:9e:1d:86:57:e9:44:53:0d:
         4a:fa:8a:91:1d:70:1c:f5:c8:c3:7b:5b:3f:75:79:e5:87:46:
         28:5f:2f:45:f4:8c:a1:7c:5e:20:45:1a:44:f6:17:f5:00:c1:
         68:f8:f8:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafCH2zB2VyHpzBRmZmzH9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OTgwNDBhZWQ5NjJmMzA2ODgxZWVhNjU1MzA0MGZiOWE2
ZDM0YzkwHhcNMjUwNTA1MDYwMDU1WhcNMjUwNTA2MDYwMDU1WjAzMTEwLwYDVQQD
EygwNGUzODlhMjZhMmExZDM3ZGE4NWIzNmQ3YzUwNWRhZTVmMmIyMDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3d2qifgbmSK8WAEgWiG7Sj10S+7F
7RcdxAHlxhHODiF9jLGIATYXkBFZC6F4g55OiJ3RD/qWJ9+9/6bhSkrhEQVrw880
yh6l3CXKMf4yt8YA6jQjH0sJ0x03o+2okBLoI6jfGVuqovcsXYDq9mS/VI+9nqiC
0OzjQFHpOeZbOt3uiaCHlY9nMZVucD+VTNHeeeNUd4trwAt8pT6hNCh1VYR72xy4
cUdgKbhJHwdWxwUL7c3euixnuBc70MbIkYrx9GOJuvGE0RaXHosyrVJ+LJRtrBUB
e6tCuvqKTwn7HF4YZRSjiWaLsjiNRRB8FIgVsL6vcTjR18BubDeJocqmmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATjiaJqKh032oWzbXxQXa5fKyBqMB8GA1UdIwQY
MBaAFOaYBArtli8waIHuplUwQPuabTTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYt
ZTIzNDk3MzkzYjhmLzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYtZTIzNDk3MzkzYjhm
LzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANRnJVDhH
WQMmZtKSww6wnTfl4dN2Crw94ySVXgDx+p7wf5tu9eOPZMPZyh4Oot+IvVcdmWT0
IzYvIAHmKbtxRRSjGl+f1+412VOn7Xw+F5aBxItBnxSx1edllsR6Mp0Ln/bGzhqW
bGBF0zXITJm1vHzeY5Dg4gIGwZgjfX6xc4ieqYdemMg3AmwfcTZdnoDa3dGlMBIB
pfKhVSDa8zeJl+VVRjmBIXqpVfmzXm0DUhULa3qw7oCFS+v9T/Q5q0cgJSLU3vi0
Vrf5a0srI2pqAJ4dhlfpRFMNSvqKkR1wHPXIw3tbP3V55YdGKF8vRfSMoXxeIEUa
RPYX9QDBaPj4fw==
-----END CERTIFICATE-----