Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
File:                     5pgECu2WLzBoge6mVTBA-5ptNMk.mft (raw, json)
Hash identifier:          E7PkxSkvbosJHIkfgERrkyE+rS7336q9hbUcIEeEs+k=
Subject key identifier:   84:C0:BA:9A:73:6F:E2:23:53:60:29:1B:F4:02:9F:EE:90:F5:91:23
Authority key identifier: E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9
Certificate issuer:       /CN=e698040aed962f306881eea6553040fb9a6d34c9
Certificate serial:       0197B70E8A0823264C36EA07FD6A75A70F46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
Manifest number:          0459
Signing time:             Sat 28 Jun 2025 15:01:12 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:12 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:12 +0000
Files and hashes:         1: 5pgECu2WLzBoge6mVTBA-5ptNMk.crl (hash: D2uaX8HzU7KJIXYOR33ORzH4F78d10duKMXJSbsbN9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:8a:08:23:26:4c:36:ea:07:fd:6a:75:a7:0f:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e698040aed962f306881eea6553040fb9a6d34c9
        Validity
            Not Before: Jun 28 15:01:12 2025 GMT
            Not After : Jun 29 15:01:12 2025 GMT
        Subject: CN=84c0ba9a736fe2235360291bf4029fee90f59123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:88:f2:a1:29:30:9b:48:7e:2a:04:16:31:b1:
                    55:84:9b:d3:d7:61:19:43:5c:2c:55:a4:a0:6e:07:
                    e1:6c:d6:c7:58:72:bd:3c:ce:f0:4b:02:ea:4f:95:
                    c3:0c:9e:5c:cf:61:a9:92:c1:77:de:71:82:3f:7f:
                    8a:f2:b6:9a:f6:ad:e6:a9:9f:78:22:c6:9c:0d:04:
                    56:10:2c:2d:f9:9d:d2:57:45:21:af:e0:60:c2:b2:
                    2a:54:db:6e:b0:f8:e6:16:fc:a9:c5:5c:86:05:94:
                    50:93:c1:f4:36:7a:4b:a8:d3:c9:d7:e2:ab:e3:f2:
                    c7:c2:eb:e2:44:02:e2:dd:16:1c:bc:ae:86:74:99:
                    a7:54:b2:fe:04:d2:5e:23:c6:d0:17:44:1e:2a:8e:
                    4c:1f:10:64:da:c9:ee:e1:fc:1a:75:a4:0a:0c:b1:
                    b4:ba:a5:15:ce:7c:65:8e:b0:ea:71:2a:4d:51:77:
                    0d:dd:ca:09:ec:6e:2b:c6:4c:9a:36:a6:f4:5d:45:
                    97:f4:cf:01:e0:96:72:fc:e0:c7:11:45:24:a1:a9:
                    7c:75:ed:39:da:de:d0:73:fa:92:d8:cb:9d:4f:02:
                    93:8a:a3:67:c1:9a:3a:21:db:ae:df:be:5b:f9:7b:
                    1f:bc:4c:8c:8b:6a:69:c4:93:42:f1:0a:2e:23:64:
                    20:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:C0:BA:9A:73:6F:E2:23:53:60:29:1B:F4:02:9F:EE:90:F5:91:23
            X509v3 Authority Key Identifier:
                keyid:E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:8b:0f:a9:8b:1a:b2:a2:a0:c6:34:a9:8d:63:ba:97:13:a8:
         29:84:0b:6e:7b:33:11:c7:27:61:06:0d:9e:0c:23:ca:e0:b6:
         21:09:7b:75:c4:27:b2:de:5d:8e:3b:fc:19:30:da:0a:f6:ba:
         68:64:67:f6:98:bc:85:fe:c3:2a:47:93:76:9a:21:04:ff:52:
         d8:e2:a7:8a:b0:47:cc:59:3b:e6:71:9b:b5:35:d0:b3:61:f0:
         58:9c:ab:ff:91:bb:a7:4c:34:be:e7:ad:a7:2c:92:bf:58:b5:
         74:2b:e9:04:22:31:32:d9:07:ed:0a:b5:84:e9:17:fe:85:16:
         db:7e:1e:ab:ca:9e:70:11:72:b2:6c:35:99:7f:86:6a:45:93:
         d0:9f:93:9e:a1:2a:50:f5:01:f1:1f:a4:52:04:66:ba:03:d1:
         f1:85:28:6b:f6:ec:4d:80:f3:bd:c4:1c:95:de:65:4c:e8:03:
         ab:16:64:d0:2f:7d:04:c8:e1:5d:62:6f:e0:05:e9:87:aa:2f:
         f4:a2:09:df:ad:b2:f9:b3:fc:e2:69:31:18:e9:28:07:5f:e5:
         07:87:96:e3:b5:e0:f8:ee:c3:ab:a4:66:34:59:b1:52:22:ff:
         27:f4:d3:03:9b:bb:2d:e0:98:18:aa:9d:ff:50:17:c0:0e:a0:
         31:94:0d:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DooIIyZMNuoH/Wp1pw9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OTgwNDBhZWQ5NjJmMzA2ODgxZWVhNjU1MzA0MGZiOWE2
ZDM0YzkwHhcNMjUwNjI4MTUwMTEyWhcNMjUwNjI5MTUwMTEyWjAzMTEwLwYDVQQD
Eyg4NGMwYmE5YTczNmZlMjIzNTM2MDI5MWJmNDAyOWZlZTkwZjU5MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYjyoSkwm0h+KgQWMbFVhJvT12EZ
Q1wsVaSgbgfhbNbHWHK9PM7wSwLqT5XDDJ5cz2GpksF33nGCP3+K8raa9q3mqZ94
IsacDQRWECwt+Z3SV0Uhr+BgwrIqVNtusPjmFvypxVyGBZRQk8H0NnpLqNPJ1+Kr
4/LHwuviRALi3RYcvK6GdJmnVLL+BNJeI8bQF0QeKo5MHxBk2snu4fwadaQKDLG0
uqUVznxljrDqcSpNUXcN3coJ7G4rxkyaNqb0XUWX9M8B4JZy/ODHEUUkoal8de05
2t7Qc/qS2MudTwKTiqNnwZo6Iduu375b+XsfvEyMi2ppxJNC8QouI2Qg0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITAuppzb+IjU2ApG/QCn+6Q9ZEjMB8GA1UdIwQY
MBaAFOaYBArtli8waIHuplUwQPuabTTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYt
ZTIzNDk3MzkzYjhmLzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYtZTIzNDk3MzkzYjhm
LzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk4sPqYsa
sqKgxjSpjWO6lxOoKYQLbnszEccnYQYNngwjyuC2IQl7dcQnst5djjv8GTDaCva6
aGRn9pi8hf7DKkeTdpohBP9S2OKnirBHzFk75nGbtTXQs2HwWJyr/5G7p0w0vuet
pyySv1i1dCvpBCIxMtkH7Qq1hOkX/oUW234eq8qecBFysmw1mX+GakWT0J+TnqEq
UPUB8R+kUgRmugPR8YUoa/bsTYDzvcQcld5lTOgDqxZk0C99BMjhXWJv4AXph6ov
9KIJ362y+bP84mkxGOkoB1/lB4eW47Xg+O7Dq6RmNFmxUiL/J/TTA5u7LeCYGKqd
/1AXwA6gMZQNAw==
-----END CERTIFICATE-----