Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          6MYJpsIDoX1KcdYfczOAEMtIK0KEk2CZA4qQdqsFB/8=
Subject key identifier:   BD:62:26:31:7D:56:13:8E:BB:F3:D9:48:09:75:BA:06:7A:28:E9:05
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       0196AF56C01AB1D9B29F70A4CB347B188740
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          04BD
Signing time:             Thu 08 May 2025 10:00:20 +0000
Manifest this update:     Thu 08 May 2025 10:00:20 +0000
Manifest next update:     Fri 09 May 2025 10:00:20 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: dBzs/uKoHZC83RCXEbAjWDK/QXdvp9xXeTxmLSyOEAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:af:56:c0:1a:b1:d9:b2:9f:70:a4:cb:34:7b:18:87:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: May  8 10:00:20 2025 GMT
            Not After : May  9 10:00:20 2025 GMT
        Subject: CN=bd6226317d56138ebbf3d9480975ba067a28e905
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:69:5a:78:c0:8d:6f:21:dc:9b:c8:c2:34:27:
                    60:df:e8:ef:fb:e8:4c:7f:b9:1c:a4:68:b5:53:98:
                    34:0d:92:fa:49:d1:39:56:26:cf:26:c5:24:2b:82:
                    75:2b:4d:38:a4:1a:c1:50:61:5a:20:dd:99:19:a6:
                    5a:f4:85:0c:67:c4:32:b5:9f:22:95:fd:e0:35:d5:
                    75:48:3c:cc:f6:bb:05:4f:94:bc:c8:1d:7b:91:ae:
                    8e:fc:13:82:52:c2:e5:50:15:9e:4b:74:9d:b7:c9:
                    ba:19:46:8c:a2:87:58:f0:85:0f:db:db:75:a0:c4:
                    2d:bb:b1:bb:6e:eb:2b:e6:20:ca:36:be:72:a6:c8:
                    03:25:06:ec:44:3f:24:cc:a5:6a:8e:af:c9:5e:d7:
                    23:b6:38:0a:b8:db:30:46:f3:71:d1:09:58:0e:47:
                    f4:1d:f0:06:e3:5d:0f:ed:8f:d8:64:27:1c:2f:a9:
                    62:8e:77:10:f0:f6:37:a6:b3:fe:8d:5e:f3:90:62:
                    71:9a:4e:13:8d:05:91:c9:6a:9d:cc:94:ad:22:ef:
                    38:b9:49:f8:d3:b6:8f:2a:98:8b:c8:5f:e9:f9:73:
                    02:10:76:47:29:ad:4c:66:7d:b0:f8:f0:b1:49:b8:
                    95:8a:e6:0f:ca:85:79:bf:c3:f1:fe:f4:02:99:4d:
                    c2:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:62:26:31:7D:56:13:8E:BB:F3:D9:48:09:75:BA:06:7A:28:E9:05
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:5b:94:16:be:73:a7:e1:b1:36:02:59:20:90:68:36:ec:d7:
         a7:31:4f:b0:84:d1:83:05:e4:84:f6:d8:6e:30:07:71:a8:71:
         31:9b:a0:e3:08:40:02:52:ff:9d:1d:5e:e6:2f:93:09:dd:99:
         0b:50:ef:a3:83:90:11:81:e8:71:5f:8b:1a:1a:87:46:75:70:
         76:72:a3:be:bd:ec:ce:45:29:4e:53:1c:9c:ab:cf:df:1d:b1:
         79:bb:2c:ea:cd:bd:2e:89:14:d7:88:e9:16:c7:e9:d1:00:b5:
         11:03:f2:95:7e:de:ee:59:ea:69:7d:8c:98:81:5c:68:f5:8a:
         0b:bc:8d:4d:f3:fc:a0:33:4c:65:ea:ec:67:b8:a2:15:a5:a1:
         04:85:19:cf:7a:5c:2f:8b:51:5e:b2:9b:5b:d3:e6:3b:d9:fa:
         95:8a:b9:d7:5d:11:0e:9d:8b:24:0e:46:11:c4:b0:30:c2:53:
         cd:aa:13:7a:d2:30:47:f9:ea:5b:7a:cd:93:2a:05:a6:f9:3d:
         ee:18:84:55:89:6f:43:ea:16:41:a0:6d:02:9e:f8:50:b4:f6:
         6c:60:b1:4e:5b:36:d3:6d:61:59:ec:05:ed:e1:c4:5f:f0:82:
         2f:2d:36:d3:48:47:6a:79:e5:a0:72:d2:26:c1:22:fb:3c:fa:
         db:ce:dc:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZavVsAasdmyn3CkyzR7GIdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjUwNTA4MTAwMDIwWhcNMjUwNTA5MTAwMDIwWjAzMTEwLwYDVQQD
EyhiZDYyMjYzMTdkNTYxMzhlYmJmM2Q5NDgwOTc1YmEwNjdhMjhlOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2laeMCNbyHcm8jCNCdg3+jv++hM
f7kcpGi1U5g0DZL6SdE5VibPJsUkK4J1K004pBrBUGFaIN2ZGaZa9IUMZ8QytZ8i
lf3gNdV1SDzM9rsFT5S8yB17ka6O/BOCUsLlUBWeS3Sdt8m6GUaMoodY8IUP29t1
oMQtu7G7busr5iDKNr5ypsgDJQbsRD8kzKVqjq/JXtcjtjgKuNswRvNx0QlYDkf0
HfAG410P7Y/YZCccL6lijncQ8PY3prP+jV7zkGJxmk4TjQWRyWqdzJStIu84uUn4
07aPKpiLyF/p+XMCEHZHKa1MZn2w+PCxSbiViuYPyoV5v8Px/vQCmU3C+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL1iJjF9VhOOu/PZSAl1ugZ6KOkFMB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhVuUFr5z
p+GxNgJZIJBoNuzXpzFPsITRgwXkhPbYbjAHcahxMZug4whAAlL/nR1e5i+TCd2Z
C1Dvo4OQEYHocV+LGhqHRnVwdnKjvr3szkUpTlMcnKvP3x2xebss6s29LokU14jp
Fsfp0QC1EQPylX7e7lnqaX2MmIFcaPWKC7yNTfP8oDNMZersZ7iiFaWhBIUZz3pc
L4tRXrKbW9PmO9n6lYq5110RDp2LJA5GEcSwMMJTzaoTetIwR/nqW3rNkyoFpvk9
7hiEVYlvQ+oWQaBtAp74ULT2bGCxTls2021hWewF7eHEX/CCLy0200hHannloHLS
JsEi+zz6287cFg==
-----END CERTIFICATE-----