Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
File:                     MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft (raw, json)
Hash identifier:          gT/SdYlC0HCNGGO/NWh55zaYfhu1Pq23tpjo0DCURCo=
Subject key identifier:   A5:83:0F:EF:53:73:92:5A:B0:B0:98:62:88:AB:0B:00:58:B1:6C:75
Authority key identifier: 32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1
Certificate issuer:       /CN=325052b7a678faa097dcbe6547170c9152b46cf1
Certificate serial:       0196C1CABC7ABFF83CF892886FC78A71BD9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
Manifest number:          14C5
Signing time:             Mon 12 May 2025 00:00:11 +0000
Manifest this update:     Mon 12 May 2025 00:00:11 +0000
Manifest next update:     Tue 13 May 2025 00:00:11 +0000
Files and hashes:         1: MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl (hash: YfXJ5/98RakqmWsIVzBkUVJxhz0sB6rb3MDCkXa7lcU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 00:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:ca:bc:7a:bf:f8:3c:f8:92:88:6f:c7:8a:71:bd:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=325052b7a678faa097dcbe6547170c9152b46cf1
        Validity
            Not Before: May 12 00:00:11 2025 GMT
            Not After : May 13 00:00:11 2025 GMT
        Subject: CN=a5830fef5373925ab0b0986288ab0b0058b16c75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:0b:64:6d:70:95:80:9f:90:cb:81:75:7c:80:
                    f6:c2:55:60:96:00:3d:4e:6c:43:dd:85:43:91:05:
                    f9:b2:29:ed:00:34:fb:c5:dc:f9:f4:8b:25:62:95:
                    3a:ce:7f:a3:65:9e:4d:9c:22:44:61:ad:d8:5d:48:
                    e6:61:c5:a4:a8:59:14:66:b4:d1:68:d8:1a:f4:26:
                    dd:29:a0:a5:c4:2f:da:8a:43:a4:e9:8c:8a:e5:82:
                    b7:63:cd:bb:04:f0:fd:24:39:51:9b:06:1f:bd:f5:
                    9b:bf:5a:1b:ef:85:ec:35:32:3d:29:62:ae:e3:a6:
                    55:d0:4b:cc:e7:a3:3f:d3:55:18:e9:cf:01:5d:39:
                    cc:23:96:bb:bd:25:a9:61:90:fd:b6:cf:ba:4f:62:
                    78:a5:e8:d4:35:c2:97:b1:6d:87:c0:94:ba:2b:54:
                    20:b3:0f:45:66:48:c8:54:b6:b8:6d:10:77:40:54:
                    4f:14:76:05:1b:ef:31:64:f6:87:ca:19:73:36:9b:
                    82:d2:68:8b:d8:fe:6f:88:67:5f:f2:bc:c6:d1:7c:
                    c6:f5:39:1a:db:3c:4b:26:ec:89:3e:bf:67:51:fb:
                    f6:5e:fc:6d:35:c5:d0:bd:b5:71:15:f8:39:e6:e6:
                    18:d9:1b:f4:0a:ab:04:d2:10:cb:d7:4c:73:a8:5d:
                    5e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:83:0F:EF:53:73:92:5A:B0:B0:98:62:88:AB:0B:00:58:B1:6C:75
            X509v3 Authority Key Identifier:
                keyid:32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:e9:e2:7f:fd:00:a3:db:ea:21:23:27:76:ae:04:fc:be:14:
         ee:10:5d:35:2d:97:f8:4c:a7:5d:9c:8c:59:a7:2c:8d:9b:f2:
         57:31:df:d2:37:af:61:ec:7e:07:33:2f:5a:42:15:5b:f2:78:
         10:df:fa:35:bf:37:50:88:8e:d1:8e:16:46:c7:84:da:73:fa:
         b6:cb:05:ff:50:82:73:88:67:4e:3b:6d:1c:4d:21:dd:f7:bf:
         ad:37:d7:5f:e1:fe:5c:fc:40:88:0b:9b:74:4b:b1:18:89:ce:
         b5:c4:2d:5a:31:c5:52:b4:a1:45:bf:4c:eb:94:00:b8:7c:20:
         a1:5c:44:be:b7:80:7d:42:e0:e9:3d:f6:d0:a0:1e:b9:0c:75:
         f5:38:50:04:b4:f9:c8:fe:e6:a7:7d:fe:d5:1b:a5:1a:90:3e:
         c3:8a:f3:fc:81:12:0a:ea:5e:7d:e4:e5:6d:89:5f:bd:76:8b:
         fd:51:95:14:7b:7b:7c:82:b3:55:cf:26:72:58:e7:6e:7f:c0:
         f2:bd:ab:cd:04:a8:bd:4c:fb:e0:a2:18:ed:87:18:79:e0:dc:
         18:39:f5:45:b5:24:a7:d7:97:e1:16:87:1f:ac:e7:45:93:94:
         9d:5f:82:8c:d1:43:34:7a:0a:20:f9:b6:fe:8f:75:84:2d:41:
         39:03:21:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbByrx6v/g8+JKIb8eKcb2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA1MmI3YTY3OGZhYTA5N2RjYmU2NTQ3MTcwYzkxNTJi
NDZjZjEwHhcNMjUwNTEyMDAwMDExWhcNMjUwNTEzMDAwMDExWjAzMTEwLwYDVQQD
EyhhNTgzMGZlZjUzNzM5MjVhYjBiMDk4NjI4OGFiMGIwMDU4YjE2Yzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAtkbXCVgJ+Qy4F1fID2wlVglgA9
TmxD3YVDkQX5sintADT7xdz59IslYpU6zn+jZZ5NnCJEYa3YXUjmYcWkqFkUZrTR
aNga9CbdKaClxC/aikOk6YyK5YK3Y827BPD9JDlRmwYfvfWbv1ob74XsNTI9KWKu
46ZV0EvM56M/01UY6c8BXTnMI5a7vSWpYZD9ts+6T2J4pejUNcKXsW2HwJS6K1Qg
sw9FZkjIVLa4bRB3QFRPFHYFG+8xZPaHyhlzNpuC0miL2P5viGdf8rzG0XzG9Tka
2zxLJuyJPr9nUfv2XvxtNcXQvbVxFfg55uYY2Rv0CqsE0hDL10xzqF1egwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWDD+9Tc5JasLCYYoirCwBYsWx1MB8GA1UdIwQY
MBaAFDJQUremePqgl9y+ZUcXDJFStGzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUt
YmI2OTQ1YTE2ZmU3LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUtYmI2OTQ1YTE2ZmU3
LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVenif/0A
o9vqISMndq4E/L4U7hBdNS2X+EynXZyMWacsjZvyVzHf0jevYex+BzMvWkIVW/J4
EN/6Nb83UIiO0Y4WRseE2nP6tssF/1CCc4hnTjttHE0h3fe/rTfXX+H+XPxAiAub
dEuxGInOtcQtWjHFUrShRb9M65QAuHwgoVxEvreAfULg6T320KAeuQx19ThQBLT5
yP7mp33+1RulGpA+w4rz/IESCupefeTlbYlfvXaL/VGVFHt7fIKzVc8mcljnbn/A
8r2rzQSovUz74KIY7YcYeeDcGDn1RbUkp9eX4RaHH6znRZOUnV+CjNFDNHoKIPm2
/o91hC1BOQMh3Q==
-----END CERTIFICATE-----