Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
File:                     dXFLWBraGW41UcCM52JDvgWLROs.mft (raw, json)
Hash identifier:          7t8+zr6B52xRyc5lYxFraTKWiKZe+/dmx6I/7MYpCg8=
Subject key identifier:   5D:8D:E7:CE:13:4F:A8:E1:20:E7:A6:AF:D9:22:E3:F6:BF:1C:8C:DE
Authority key identifier: 75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB
Certificate issuer:       /CN=75714b581ada196e3551c08ce76243be058b44eb
Certificate serial:       0196CBA9CDFE6FE046847CDA5523B931ABE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
Manifest number:          1538
Signing time:             Tue 13 May 2025 22:00:25 +0000
Manifest this update:     Tue 13 May 2025 22:00:25 +0000
Manifest next update:     Wed 14 May 2025 22:00:25 +0000
Files and hashes:         1: dXFLWBraGW41UcCM52JDvgWLROs.crl (hash: Y6b0feXY2IV3Ra9/t+hApws6nQencZoklmgBYqMtl3Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:a9:cd:fe:6f:e0:46:84:7c:da:55:23:b9:31:ab:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75714b581ada196e3551c08ce76243be058b44eb
        Validity
            Not Before: May 13 22:00:25 2025 GMT
            Not After : May 14 22:00:25 2025 GMT
        Subject: CN=5d8de7ce134fa8e120e7a6afd922e3f6bf1c8cde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f4:b6:12:d9:58:39:ce:50:0c:d0:80:8f:84:
                    5a:82:3b:fc:31:f9:56:6e:e4:e9:d9:15:5e:88:27:
                    e4:e7:17:ee:9c:ca:8c:ef:87:c2:b6:37:73:25:b9:
                    3c:c6:52:89:88:63:0d:a6:38:e8:73:7b:b9:e8:88:
                    4e:39:49:4c:c3:1b:17:50:c9:5b:cd:f0:42:22:d3:
                    07:42:b3:50:36:45:e7:55:d3:88:4e:8b:e8:6d:40:
                    6b:98:02:31:4f:77:3d:b3:a2:e7:b4:c9:eb:16:2a:
                    5f:c9:11:fc:a6:db:2d:04:56:c5:ad:4a:ee:21:0d:
                    23:e0:f5:b2:76:6b:fe:9e:36:8a:3b:8d:f5:c7:4d:
                    ce:c5:19:5e:c9:85:14:dd:46:11:a1:09:41:56:fb:
                    79:4e:ce:a6:ea:cc:60:3a:c2:9e:bd:b9:71:be:21:
                    ff:93:cd:2b:22:3c:0d:ee:97:35:21:c7:b0:14:d1:
                    ee:9e:54:ff:d4:5f:0b:7a:3c:ef:63:5e:6e:ef:ab:
                    76:61:71:43:8f:49:06:36:3e:cb:31:a2:3f:a2:e6:
                    81:2f:f9:33:c6:9c:a6:e0:fa:b0:e3:e6:8d:05:2a:
                    87:d7:f8:44:37:43:ab:39:f5:2b:0b:cf:4d:74:c1:
                    1f:a9:52:e8:b9:38:66:f4:74:5a:e6:14:56:fc:d2:
                    1b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:8D:E7:CE:13:4F:A8:E1:20:E7:A6:AF:D9:22:E3:F6:BF:1C:8C:DE
            X509v3 Authority Key Identifier:
                keyid:75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ec:93:66:5e:f3:57:f0:b5:78:c4:53:0d:42:b9:1c:1e:95:fa:
         9a:dd:ad:c2:20:81:4e:15:78:2c:3f:1e:e9:88:21:d6:4a:d3:
         68:26:66:98:24:d7:af:54:04:0d:97:88:6b:29:c9:8b:c5:dc:
         a3:8f:96:b1:86:89:b0:8f:2a:5d:11:11:c8:86:81:2f:6f:cf:
         ca:4c:49:f9:de:0e:98:b0:a9:53:0c:3b:a9:c8:f0:41:4a:97:
         d3:07:eb:74:2f:ad:4b:3d:b7:5b:af:7a:9f:42:0c:ab:7a:d0:
         c6:c5:f8:66:f0:d9:55:93:8d:ed:18:7e:8f:63:e2:70:d3:01:
         ba:23:4a:31:54:38:4a:92:ed:d9:d1:40:f9:39:76:36:39:e1:
         0b:83:1b:92:f3:ef:4f:53:bc:cc:8e:3e:f0:d3:58:3d:44:f0:
         78:cb:e7:67:3f:61:26:b2:30:51:cd:57:b7:84:4f:6e:0d:15:
         d1:f9:da:69:02:01:d9:d0:0d:11:11:5f:cf:aa:0c:f0:ae:f0:
         25:7d:d8:88:14:76:af:f2:c2:58:02:bf:29:fa:6e:39:7f:42:
         58:40:a0:01:9c:bc:c1:b8:61:a8:f1:f2:d3:3c:78:78:6b:36:
         3c:e6:c4:6e:52:41:af:6b:b0:56:23:3a:42:4e:67:72:30:3d:
         ee:6d:d7:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLqc3+b+BGhHzaVSO5MavlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzE0YjU4MWFkYTE5NmUzNTUxYzA4Y2U3NjI0M2JlMDU4
YjQ0ZWIwHhcNMjUwNTEzMjIwMDI1WhcNMjUwNTE0MjIwMDI1WjAzMTEwLwYDVQQD
Eyg1ZDhkZTdjZTEzNGZhOGUxMjBlN2E2YWZkOTIyZTNmNmJmMWM4Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfS2EtlYOc5QDNCAj4Ragjv8MflW
buTp2RVeiCfk5xfunMqM74fCtjdzJbk8xlKJiGMNpjjoc3u56IhOOUlMwxsXUMlb
zfBCItMHQrNQNkXnVdOITovobUBrmAIxT3c9s6LntMnrFipfyRH8ptstBFbFrUru
IQ0j4PWydmv+njaKO431x03OxRleyYUU3UYRoQlBVvt5Ts6m6sxgOsKevblxviH/
k80rIjwN7pc1IcewFNHunlT/1F8LejzvY15u76t2YXFDj0kGNj7LMaI/ouaBL/kz
xpym4Pqw4+aNBSqH1/hEN0OrOfUrC89NdMEfqVLouThm9HRa5hRW/NIbQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2N584TT6jhIOemr9ki4/a/HIzeMB8GA1UdIwQY
MBaAFHVxS1ga2hluNVHAjOdiQ74Fi0TrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYt
MDczZmJiZTExMWU1LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYtMDczZmJiZTExMWU1
LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA7JNmXvNX
8LV4xFMNQrkcHpX6mt2twiCBThV4LD8e6Ygh1krTaCZmmCTXr1QEDZeIaynJi8Xc
o4+WsYaJsI8qXRERyIaBL2/PykxJ+d4OmLCpUww7qcjwQUqX0wfrdC+tSz23W696
n0IMq3rQxsX4ZvDZVZON7Rh+j2PicNMBuiNKMVQ4SpLt2dFA+Tl2NjnhC4MbkvPv
T1O8zI4+8NNYPUTweMvnZz9hJrIwUc1Xt4RPbg0V0fnaaQIB2dANERFfz6oM8K7w
JX3YiBR2r/LCWAK/KfpuOX9CWECgAZy8wbhhqPHy0zx4eGs2PObEblJBr2uwViM6
Qk5ncjA97m3XIg==
-----END CERTIFICATE-----