Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          QGHYmbtzv/SdiJWIpq0VzAMdxEgaI3dgxEjIQ5zXgd0=
Subject key identifier:   03:5D:D9:46:CF:ED:EC:A4:FD:12:66:0A:2A:0C:74:A8:BD:97:9A:28
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       0196C8724FCAFFB0474E666ECBE1E7DD864C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          135F
Signing time:             Tue 13 May 2025 07:00:56 +0000
Manifest this update:     Tue 13 May 2025 07:00:56 +0000
Manifest next update:     Wed 14 May 2025 07:00:56 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: bAFE3ErQS9KofdOQZU+yal81ovtZXBu7IKj9J5BzdxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 07:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:72:4f:ca:ff:b0:47:4e:66:6e:cb:e1:e7:dd:86:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: May 13 07:00:56 2025 GMT
            Not After : May 14 07:00:56 2025 GMT
        Subject: CN=035dd946cfedeca4fd12660a2a0c74a8bd979a28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d4:eb:dd:e5:bb:0c:a4:8b:37:7e:f3:53:2b:
                    00:ac:65:5a:4b:11:dd:39:3a:78:9c:26:e0:27:91:
                    1f:d5:a7:93:37:45:06:d8:3d:00:63:4c:0e:ae:65:
                    e9:b7:6a:e4:ab:99:56:24:24:92:90:b9:5c:91:80:
                    14:97:e3:5c:e7:6d:3a:0a:a1:2d:f4:3f:6f:47:bf:
                    39:f5:7e:0e:20:cc:ab:a1:16:10:7d:30:8e:d5:96:
                    d8:4c:f5:6f:4b:73:68:eb:66:8d:07:61:8f:77:fb:
                    2d:9e:aa:8a:fa:c9:29:e4:1e:ac:9e:5c:1c:56:fc:
                    4f:0f:88:89:59:60:7f:ee:07:5c:e7:26:e7:18:98:
                    56:5e:0c:7d:08:4e:e6:74:f2:2b:b8:5e:62:e2:ff:
                    6d:00:e8:d3:b3:c0:85:18:4c:2d:10:89:e7:db:9a:
                    b2:a8:99:e6:91:4f:eb:9b:85:7a:7e:bd:92:db:81:
                    76:f6:4e:ae:04:34:aa:fd:cb:4a:a6:b5:37:98:db:
                    ea:53:65:f1:f0:c2:9d:e4:e0:90:23:01:e2:c8:4e:
                    50:14:c7:93:b5:6e:da:d5:f3:93:bb:02:20:f5:75:
                    5f:0a:cc:25:40:1f:49:92:62:21:93:8c:3d:dc:a1:
                    07:7f:00:d6:35:cd:54:e9:01:af:06:eb:31:b7:b4:
                    30:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:5D:D9:46:CF:ED:EC:A4:FD:12:66:0A:2A:0C:74:A8:BD:97:9A:28
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:26:3f:de:cb:0e:12:ea:e1:e1:0f:86:d4:e7:61:27:20:aa:
         24:4c:33:a4:c3:6d:3b:f2:70:e7:6b:13:d0:8d:d8:68:29:f4:
         42:09:43:92:87:99:c2:c7:b3:9b:a7:d3:c8:ae:4b:68:b3:9e:
         d3:9a:c7:d0:32:b7:4a:86:56:30:09:68:0b:b5:35:fc:43:25:
         37:e4:4d:4e:ba:5d:6b:1f:7f:a1:0a:cc:36:21:73:06:fa:7b:
         ae:31:c0:67:30:f1:38:ca:fa:76:a3:08:b0:b5:ea:17:04:99:
         b5:7e:d5:ae:66:b0:be:3c:8f:6e:e1:02:a5:c2:00:2b:37:01:
         b7:ed:a3:47:8a:f6:8c:fa:d7:02:d7:6b:eb:f8:36:3b:ae:66:
         30:3f:8e:da:a3:57:75:18:3e:77:ae:46:79:5b:7d:89:5b:c6:
         9f:00:46:b9:f0:6a:a4:e4:db:de:e3:ee:4e:28:fd:32:48:01:
         29:83:00:98:53:1f:86:cf:f7:3e:71:ef:b4:d6:a4:df:95:2b:
         62:87:12:df:65:11:d8:20:b6:a5:ee:8f:ad:f3:07:d0:e6:81:
         ae:2e:25:bf:a7:52:5f:9f:9b:ab:e1:b1:f6:3c:bc:89:ba:f5:
         70:8b:10:02:99:94:45:a6:f3:0a:6c:86:ef:22:00:2d:fe:a8:
         66:55:35:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIck/K/7BHTmZuy+Hn3YZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUwNTEzMDcwMDU2WhcNMjUwNTE0MDcwMDU2WjAzMTEwLwYDVQQD
EygwMzVkZDk0NmNmZWRlY2E0ZmQxMjY2MGEyYTBjNzRhOGJkOTc5YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptTr3eW7DKSLN37zUysArGVaSxHd
OTp4nCbgJ5Ef1aeTN0UG2D0AY0wOrmXpt2rkq5lWJCSSkLlckYAUl+Nc5206CqEt
9D9vR7859X4OIMyroRYQfTCO1ZbYTPVvS3No62aNB2GPd/stnqqK+skp5B6snlwc
VvxPD4iJWWB/7gdc5ybnGJhWXgx9CE7mdPIruF5i4v9tAOjTs8CFGEwtEInn25qy
qJnmkU/rm4V6fr2S24F29k6uBDSq/ctKprU3mNvqU2Xx8MKd5OCQIwHiyE5QFMeT
tW7a1fOTuwIg9XVfCswlQB9JkmIhk4w93KEHfwDWNc1U6QGvBusxt7QwqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANd2UbP7eyk/RJmCioMdKi9l5ooMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANiY/3ssO
Eurh4Q+G1OdhJyCqJEwzpMNtO/Jw52sT0I3YaCn0QglDkoeZwsezm6fTyK5LaLOe
05rH0DK3SoZWMAloC7U1/EMlN+RNTrpdax9/oQrMNiFzBvp7rjHAZzDxOMr6dqMI
sLXqFwSZtX7VrmawvjyPbuECpcIAKzcBt+2jR4r2jPrXAtdr6/g2O65mMD+O2qNX
dRg+d65GeVt9iVvGnwBGufBqpOTb3uPuTij9MkgBKYMAmFMfhs/3PnHvtNak35Ur
YocS32UR2CC2pe6PrfMH0OaBri4lv6dSX5+bq+Gx9jy8ibr1cIsQApmURabzCmyG
7yIALf6oZlU1BQ==
-----END CERTIFICATE-----