Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          ll+lUA/tn825uyP994SZpqXUFgjQ8gkqSLlaEyxI588=
Subject key identifier:   40:95:B4:1C:2B:8F:02:A1:99:C4:AB:C0:03:7E:ED:8F:38:46:A7:57
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       0196B5C7208E6A83715D81B5C219DFA9D866
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          084D
Signing time:             Fri 09 May 2025 16:00:47 +0000
Manifest this update:     Fri 09 May 2025 16:00:47 +0000
Manifest next update:     Sat 10 May 2025 16:00:47 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: lHhck7OTumWjsTXBiBGRzuD6CbYcqRcDiYQFlDWfMXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 16:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b5:c7:20:8e:6a:83:71:5d:81:b5:c2:19:df:a9:d8:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: May  9 16:00:47 2025 GMT
            Not After : May 10 16:00:47 2025 GMT
        Subject: CN=4095b41c2b8f02a199c4abc0037eed8f3846a757
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e8:18:5a:76:7b:6c:6f:ef:bc:d9:fb:0c:a8:
                    aa:b8:27:55:b1:c6:37:59:6b:48:ea:5a:27:53:7c:
                    59:e7:0b:7a:52:9d:ee:a7:23:39:45:0b:1e:b1:6a:
                    c4:a1:aa:65:7c:f0:1e:37:3a:16:bf:dc:c8:74:59:
                    21:0c:4c:c5:de:c5:b4:7e:c5:54:d9:7f:7c:c0:20:
                    19:16:24:c0:a4:e1:0a:af:67:05:51:21:37:df:d7:
                    f7:2a:13:78:b8:dc:fd:6a:83:aa:a8:7c:41:7b:6a:
                    1e:a3:35:ed:57:0b:4f:9e:be:1e:7c:fa:a6:de:cb:
                    1a:22:b5:1d:8f:37:df:39:f1:4c:cf:cd:4c:a7:fc:
                    48:28:22:94:1a:c6:72:14:2c:05:e8:b3:a4:2c:c3:
                    27:ec:04:41:0c:78:b9:e2:80:d8:fb:82:87:76:8c:
                    f6:26:c1:c4:25:0b:76:88:50:38:9a:5e:02:8e:71:
                    6c:81:91:1e:8e:9b:49:3b:7b:a3:6e:48:b6:fb:be:
                    92:49:21:d7:76:c6:88:fb:1d:78:42:81:f1:24:f6:
                    1d:78:92:a7:3e:40:1c:81:75:e6:db:82:a0:aa:1f:
                    8e:b6:bd:14:11:17:f9:5a:78:aa:bd:af:f4:b6:89:
                    8b:e8:5e:2f:d0:df:1b:39:d7:42:18:20:56:2b:38:
                    7b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:95:B4:1C:2B:8F:02:A1:99:C4:AB:C0:03:7E:ED:8F:38:46:A7:57
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:08:54:32:7c:ac:e1:57:70:3c:18:a6:9a:58:d5:98:24:77:
         d4:1e:a7:49:9f:47:98:cf:ac:70:07:86:8c:45:e9:4e:e1:ed:
         27:f8:37:10:e5:9d:05:8b:1d:d6:b8:f0:a8:e6:c4:8b:97:ba:
         19:12:35:26:e1:49:27:18:ae:c3:8e:41:89:03:b9:11:2d:cf:
         a7:90:37:6a:8e:4b:d3:48:e2:8c:d0:ca:09:6e:d2:76:ce:54:
         cc:0a:0e:11:43:cc:da:62:e0:33:88:11:34:9c:58:93:40:b3:
         82:b8:b3:07:07:7e:ab:18:fc:77:ba:3c:93:71:88:a3:99:87:
         84:88:14:4e:bf:1f:52:3b:ea:c2:61:b3:66:d7:2f:a0:03:88:
         2f:00:71:95:48:0a:6b:70:7d:0b:32:ba:b6:86:71:0e:be:79:
         36:95:fb:bb:35:1c:17:89:9b:40:f5:88:00:5a:b0:9f:e6:62:
         99:2a:67:02:ab:b4:02:fb:42:43:ba:71:75:6a:93:ef:d1:bf:
         23:c9:2a:b6:9b:57:46:19:da:71:d6:fb:cf:e1:b2:e6:be:0b:
         58:af:12:ec:71:f9:74:b7:65:14:ab:0e:5d:0a:18:3f:40:f7:
         d8:f8:a8:7a:02:09:4f:b4:ae:96:62:19:cc:d4:d7:ef:ea:00:
         aa:52:c4:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa1xyCOaoNxXYG1whnfqdhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjUwNTA5MTYwMDQ3WhcNMjUwNTEwMTYwMDQ3WjAzMTEwLwYDVQQD
Eyg0MDk1YjQxYzJiOGYwMmExOTljNGFiYzAwMzdlZWQ4ZjM4NDZhNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtugYWnZ7bG/vvNn7DKiquCdVscY3
WWtI6lonU3xZ5wt6Up3upyM5RQsesWrEoaplfPAeNzoWv9zIdFkhDEzF3sW0fsVU
2X98wCAZFiTApOEKr2cFUSE339f3KhN4uNz9aoOqqHxBe2oeozXtVwtPnr4efPqm
3ssaIrUdjzffOfFMz81Mp/xIKCKUGsZyFCwF6LOkLMMn7ARBDHi54oDY+4KHdoz2
JsHEJQt2iFA4ml4CjnFsgZEejptJO3ujbki2+76SSSHXdsaI+x14QoHxJPYdeJKn
PkAcgXXm24Kgqh+Otr0UERf5Wniqva/0tomL6F4v0N8bOddCGCBWKzh7SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECVtBwrjwKhmcSrwAN+7Y84RqdXMB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHQhUMnys
4VdwPBimmljVmCR31B6nSZ9HmM+scAeGjEXpTuHtJ/g3EOWdBYsd1rjwqObEi5e6
GRI1JuFJJxiuw45BiQO5ES3Pp5A3ao5L00jijNDKCW7Sds5UzAoOEUPM2mLgM4gR
NJxYk0CzgrizBwd+qxj8d7o8k3GIo5mHhIgUTr8fUjvqwmGzZtcvoAOILwBxlUgK
a3B9CzK6toZxDr55NpX7uzUcF4mbQPWIAFqwn+ZimSpnAqu0AvtCQ7pxdWqT79G/
I8kqtptXRhnacdb7z+Gy5r4LWK8S7HH5dLdlFKsOXQoYP0D32PioegIJT7SulmIZ
zNTX7+oAqlLE2A==
-----END CERTIFICATE-----