Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          JifImcdjA5dFuI/ioNtX6ydaprodb8oynGEQIy75VRE=
Subject key identifier:   C1:0B:42:C5:AF:D3:DC:DE:E5:03:47:CC:EA:B0:FD:6E:C3:C7:D8:02
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       0196C539BDEA5DC6DDE2E45BE3A5B983BFDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          1001
Signing time:             Mon 12 May 2025 16:00:17 +0000
Manifest this update:     Mon 12 May 2025 16:00:17 +0000
Manifest next update:     Tue 13 May 2025 16:00:17 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: AahuL933PPTxZDW6Fi1uuSseQQuhUpbqMYtlaYX52mg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:39:bd:ea:5d:c6:dd:e2:e4:5b:e3:a5:b9:83:bf:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: May 12 16:00:17 2025 GMT
            Not After : May 13 16:00:17 2025 GMT
        Subject: CN=c10b42c5afd3dcdee50347cceab0fd6ec3c7d802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:88:6b:41:b7:fc:e5:de:07:f4:d9:9f:18:9e:
                    04:62:b9:6c:c2:9f:70:27:80:d2:1e:29:36:07:fa:
                    5c:cd:65:f9:4c:e0:de:07:b5:fe:a7:61:9d:42:74:
                    db:12:67:ab:7d:52:58:df:53:db:f8:41:d8:e6:6d:
                    c2:39:df:74:80:72:53:2e:83:af:5b:de:c7:ec:74:
                    71:8b:8b:81:ae:6e:7d:c1:38:b8:ce:c9:26:7b:7a:
                    a4:2c:e4:9f:d7:33:ba:5d:49:3a:c3:a7:cb:01:e9:
                    db:5b:85:1c:4f:cc:64:aa:d9:82:55:6a:e5:75:fe:
                    59:3a:68:23:69:93:10:91:8a:c2:dc:ef:a8:d2:56:
                    32:c0:07:f1:9f:a7:88:30:3b:2f:5a:80:82:fd:98:
                    99:e6:8b:d3:23:25:71:e2:66:70:f5:b2:1a:77:25:
                    dc:8d:2c:5d:a9:98:0f:83:4d:99:3e:6c:5a:92:f8:
                    4d:bc:99:f8:94:3c:7d:cd:5d:39:65:78:a8:f8:20:
                    cd:b4:80:3c:68:0c:4e:18:e3:10:17:40:a6:b2:c7:
                    c2:8e:8d:33:f9:ee:76:a1:5b:e6:eb:08:10:cf:9c:
                    0a:bf:fb:7a:99:d8:f5:b4:ff:2e:e1:e8:f8:64:8a:
                    db:11:c9:54:8a:25:46:49:a0:51:a1:85:04:f1:ca:
                    c0:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:0B:42:C5:AF:D3:DC:DE:E5:03:47:CC:EA:B0:FD:6E:C3:C7:D8:02
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:23:9b:69:b1:1e:74:2d:d8:da:67:ff:7d:a3:aa:ec:fb:66:
         33:1d:de:2a:74:76:00:98:6a:84:56:49:ef:32:ef:c4:df:73:
         f8:d0:09:c4:d0:1e:38:44:cd:e7:0a:97:97:65:98:15:cf:28:
         52:88:b6:ed:08:81:16:65:22:0c:3f:1a:36:90:6e:ec:94:3a:
         26:08:15:1c:c4:6e:5f:03:56:47:93:58:ab:62:47:59:55:c5:
         b8:ec:a6:3a:e2:c0:de:1c:81:96:4f:c4:a5:31:0a:0a:77:20:
         ae:22:ea:ee:86:bd:3a:6a:5a:95:f3:20:0f:1a:ea:4f:f2:75:
         27:de:a6:18:31:79:78:ae:13:ee:ed:51:10:e5:d4:dc:3d:ec:
         d5:7f:2e:2c:31:7c:3f:22:7f:6a:aa:50:3e:e3:47:b4:cd:f4:
         c1:b8:fc:37:7b:84:fb:7e:49:2a:9a:16:35:0d:82:26:e3:24:
         fe:d3:45:41:98:91:f5:bd:57:26:e9:33:ec:c3:03:6c:c2:b7:
         3f:25:c0:ec:85:4b:3a:c2:eb:0a:92:be:2d:54:e1:cc:0a:b3:
         e8:38:30:44:d5:72:6c:f6:c2:0e:8a:da:c4:26:81:42:91:42:
         4b:19:c4:8e:93:aa:d8:1d:71:c8:ac:0e:4a:bf:7b:71:5a:f6:
         e6:17:d4:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOb3qXcbd4uRb46W5g7/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjUwNTEyMTYwMDE3WhcNMjUwNTEzMTYwMDE3WjAzMTEwLwYDVQQD
EyhjMTBiNDJjNWFmZDNkY2RlZTUwMzQ3Y2NlYWIwZmQ2ZWMzYzdkODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YhrQbf85d4H9NmfGJ4EYrlswp9w
J4DSHik2B/pczWX5TODeB7X+p2GdQnTbEmerfVJY31Pb+EHY5m3COd90gHJTLoOv
W97H7HRxi4uBrm59wTi4zskme3qkLOSf1zO6XUk6w6fLAenbW4UcT8xkqtmCVWrl
df5ZOmgjaZMQkYrC3O+o0lYywAfxn6eIMDsvWoCC/ZiZ5ovTIyVx4mZw9bIadyXc
jSxdqZgPg02ZPmxakvhNvJn4lDx9zV05ZXio+CDNtIA8aAxOGOMQF0CmssfCjo0z
+e52oVvm6wgQz5wKv/t6mdj1tP8u4ej4ZIrbEclUiiVGSaBRoYUE8crAaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMELQsWv09ze5QNHzOqw/W7Dx9gCMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiiObabEe
dC3Y2mf/faOq7PtmMx3eKnR2AJhqhFZJ7zLvxN9z+NAJxNAeOETN5wqXl2WYFc8o
Uoi27QiBFmUiDD8aNpBu7JQ6JggVHMRuXwNWR5NYq2JHWVXFuOymOuLA3hyBlk/E
pTEKCncgriLq7oa9OmpalfMgDxrqT/J1J96mGDF5eK4T7u1REOXU3D3s1X8uLDF8
PyJ/aqpQPuNHtM30wbj8N3uE+35JKpoWNQ2CJuMk/tNFQZiR9b1XJukz7MMDbMK3
PyXA7IVLOsLrCpK+LVThzAqz6DgwRNVybPbCDoraxCaBQpFCSxnEjpOq2B1xyKwO
Sr97cVr25hfUTQ==
-----END CERTIFICATE-----