Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
File:                     5UmH5s-8zliuDJbnZmqyGrPi4JA.mft (raw, json)
Hash identifier:          M2hG/KEvmpFHTdKCy6AYUXTE44ixor9KUKRDvyUkSoo=
Subject key identifier:   CF:19:A7:AF:10:19:03:79:82:3C:C4:99:58:BB:91:32:70:D3:3A:BC
Authority key identifier: E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90
Certificate issuer:       /CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
Certificate serial:       01958B4D623E3C27143D1D085E31E3BBEC58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
Manifest number:          0139
Signing time:             Wed 12 Mar 2025 17:00:59 +0000
Manifest this update:     Wed 12 Mar 2025 17:00:59 +0000
Manifest next update:     Thu 13 Mar 2025 17:00:59 +0000
Files and hashes:         1: 5UmH5s-8zliuDJbnZmqyGrPi4JA.crl (hash: aHVfMkAdueLh8+73IJs5kTac6BWanYfMeipS3sb90wA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 17:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:4d:62:3e:3c:27:14:3d:1d:08:5e:31:e3:bb:ec:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
        Validity
            Not Before: Mar 12 17:00:59 2025 GMT
            Not After : Mar 13 17:00:59 2025 GMT
        Subject: CN=cf19a7af10190379823cc49958bb913270d33abc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9a:ab:cd:f5:85:0e:60:42:7e:f9:2d:22:48:
                    58:d1:bf:f3:2b:ad:4b:a5:2d:90:75:fd:ff:bb:cf:
                    50:d6:57:ca:0c:a0:04:28:bc:54:be:73:c5:ce:3c:
                    a7:79:86:d6:66:27:44:88:5a:f7:d3:65:8e:9b:6b:
                    d9:2b:ef:c0:58:91:f8:8b:8e:84:b3:8e:9c:94:53:
                    e3:d3:a6:00:6f:25:40:aa:fb:de:64:83:ca:bf:86:
                    ba:e7:5e:be:1e:dc:11:4e:dc:62:32:11:eb:05:5a:
                    2e:36:c7:15:82:3c:8e:19:28:d2:3a:8e:b0:1a:71:
                    65:3f:88:67:09:15:b0:36:71:7d:15:35:14:90:a8:
                    34:cb:16:f0:21:45:b2:39:a1:b3:9a:77:95:b5:8d:
                    95:31:41:aa:6e:e3:27:d5:3e:63:b0:b6:5f:87:89:
                    65:ea:b5:40:2a:bf:97:92:a7:1d:6c:4c:30:37:78:
                    71:21:4b:56:20:34:c6:c2:bc:21:a7:9b:ba:63:ec:
                    79:ca:ec:94:a9:70:f5:f6:8f:dd:82:3f:0e:57:fe:
                    f4:4a:a9:f4:b8:a9:88:d5:5c:ec:6e:33:92:4d:6c:
                    8b:84:29:88:95:82:9c:c4:1e:b5:10:50:7c:21:9a:
                    95:ea:ce:72:83:83:12:fa:43:63:79:7a:63:50:04:
                    d9:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:19:A7:AF:10:19:03:79:82:3C:C4:99:58:BB:91:32:70:D3:3A:BC
            X509v3 Authority Key Identifier:
                keyid:E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:7f:b8:d7:01:43:8b:a9:2b:25:14:d3:6a:2e:d5:9d:fb:16:
         24:07:ca:6f:c2:16:cd:0e:7c:fd:f4:32:d7:e6:fc:b8:d4:08:
         c5:2b:e3:ff:2a:1d:55:57:26:3b:d7:29:0a:26:7c:c9:74:59:
         43:3e:d6:03:fa:cf:9e:c9:09:a4:c0:19:16:09:09:cd:33:3b:
         e6:b0:ee:58:63:a6:0d:3a:25:6f:52:c5:cf:d0:ff:69:fb:50:
         1e:78:b1:4b:15:6a:32:bb:99:75:e8:b2:b0:27:b8:da:3c:34:
         02:19:bd:54:65:38:2c:85:53:a4:37:0e:45:22:aa:83:89:47:
         43:5e:bd:bb:5f:b4:93:f9:28:d4:7f:d2:51:a1:6b:24:ab:e9:
         3e:3a:aa:bd:2e:c6:da:aa:19:50:ed:76:aa:b0:06:33:3b:72:
         e7:12:9c:b1:55:ca:c0:8f:13:dd:7b:3f:d4:77:f5:da:e8:2d:
         ff:41:59:df:e2:65:cc:f5:0a:a3:4a:79:a1:1a:ed:1a:5f:d3:
         37:be:09:4b:09:60:c5:72:56:f6:3e:c3:17:3b:0b:d7:fd:df:
         3e:a6:20:dc:b0:82:62:80:7c:b3:a7:43:31:af:c3:ec:3e:bb:
         be:47:f2:c2:6c:26:a3:e3:3b:f1:09:63:84:68:26:d0:74:42:
         d0:2b:cd:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLTWI+PCcUPR0IXjHju+xYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDk4N2U2Y2ZiY2NlNThhZTBjOTZlNzY2NmFiMjFhYjNl
MmUwOTAwHhcNMjUwMzEyMTcwMDU5WhcNMjUwMzEzMTcwMDU5WjAzMTEwLwYDVQQD
EyhjZjE5YTdhZjEwMTkwMzc5ODIzY2M0OTk1OGJiOTEzMjcwZDMzYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJqrzfWFDmBCfvktIkhY0b/zK61L
pS2Qdf3/u89Q1lfKDKAEKLxUvnPFzjyneYbWZidEiFr302WOm2vZK+/AWJH4i46E
s46clFPj06YAbyVAqvveZIPKv4a6516+HtwRTtxiMhHrBVouNscVgjyOGSjSOo6w
GnFlP4hnCRWwNnF9FTUUkKg0yxbwIUWyOaGzmneVtY2VMUGqbuMn1T5jsLZfh4ll
6rVAKr+XkqcdbEwwN3hxIUtWIDTGwrwhp5u6Y+x5yuyUqXD19o/dgj8OV/70Sqn0
uKmI1VzsbjOSTWyLhCmIlYKcxB61EFB8IZqV6s5yg4MS+kNjeXpjUATZ6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8Zp68QGQN5gjzEmVi7kTJw0zq8MB8GA1UdIwQY
MBaAFOVJh+bPvM5YrgyW52Zqshqz4uCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGIt
MDBiNTIwODc1Mzc2LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGItMDBiNTIwODc1Mzc2
LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASH+41wFD
i6krJRTTai7VnfsWJAfKb8IWzQ58/fQy1+b8uNQIxSvj/yodVVcmO9cpCiZ8yXRZ
Qz7WA/rPnskJpMAZFgkJzTM75rDuWGOmDTolb1LFz9D/aftQHnixSxVqMruZdeiy
sCe42jw0Ahm9VGU4LIVTpDcORSKqg4lHQ169u1+0k/ko1H/SUaFrJKvpPjqqvS7G
2qoZUO12qrAGMzty5xKcsVXKwI8T3Xs/1Hf12ugt/0FZ3+JlzPUKo0p5oRrtGl/T
N74JSwlgxXJW9j7DFzsL1/3fPqYg3LCCYoB8s6dDMa/D7D67vkfywmwmo+M78Qlj
hGgm0HRC0CvNAQ==
-----END CERTIFICATE-----