Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
File:                     5UmH5s-8zliuDJbnZmqyGrPi4JA.mft (raw, json)
Hash identifier:          E2Ms7VcilUqPxMDETsNvkKnRGThhFp7EXxRdQNsyI3Y=
Subject key identifier:   B5:26:D6:7A:39:9A:0E:57:95:55:E3:94:99:1B:55:97:D3:3F:23:CC
Authority key identifier: E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90
Certificate issuer:       /CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
Certificate serial:       01974967B25BE2A1FF5C9AA477A2ECCE60EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
Manifest number:          0220
Signing time:             Sat 07 Jun 2025 08:00:21 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:21 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:21 +0000
Files and hashes:         1: 5UmH5s-8zliuDJbnZmqyGrPi4JA.crl (hash: X5J2PTjmu1gXn3l6OuEwQMT4ueX7EJ3cyyiyGzjZwmc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:b2:5b:e2:a1:ff:5c:9a:a4:77:a2:ec:ce:60:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
        Validity
            Not Before: Jun  7 08:00:21 2025 GMT
            Not After : Jun  8 08:00:21 2025 GMT
        Subject: CN=b526d67a399a0e579555e394991b5597d33f23cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d7:e4:a6:22:14:0c:f2:18:7f:a5:6e:ff:32:
                    b2:e8:56:f8:bf:94:cb:a1:03:77:2e:7d:f4:35:fa:
                    53:a1:37:72:b7:1c:79:51:e0:c9:2e:3d:13:1e:6b:
                    c9:82:f6:8f:31:98:5c:d9:d4:44:d5:bf:f9:c6:e6:
                    b5:7b:f7:ba:bf:7b:82:93:67:92:bf:70:30:b2:f8:
                    c8:33:6f:09:a2:45:0d:08:cf:85:50:96:46:07:78:
                    a0:c7:a6:19:33:f3:6f:bb:d8:e0:b6:33:bc:a6:6c:
                    41:83:40:ef:0c:04:ed:02:5f:5a:bd:1e:5a:88:18:
                    22:6b:35:21:01:df:f9:4d:e2:43:ea:96:4c:2a:16:
                    27:9e:bc:cb:35:9b:f5:98:ba:87:ea:2c:fd:df:4c:
                    02:73:c9:c0:24:03:23:16:9f:a4:dc:0e:cb:9b:a5:
                    05:eb:91:f8:2c:9f:f9:d6:16:f0:c8:16:9a:e6:83:
                    ca:bd:26:e6:be:77:fc:62:5b:82:20:6d:3d:bc:35:
                    22:77:93:bd:17:c8:d1:56:36:94:5f:23:5c:cb:d9:
                    44:96:47:29:8d:d9:35:8a:99:29:59:c1:02:34:0e:
                    a4:a2:48:fb:56:5a:1c:d6:d4:a7:5b:34:51:06:f4:
                    e5:b4:94:a6:c0:9d:ef:7f:a7:25:30:f6:99:ed:23:
                    a7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:26:D6:7A:39:9A:0E:57:95:55:E3:94:99:1B:55:97:D3:3F:23:CC
            X509v3 Authority Key Identifier:
                keyid:E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:60:78:c1:09:20:b8:29:0a:70:4a:e9:54:db:9e:a6:1d:5e:
         97:62:d3:dc:db:9d:d3:1e:8d:28:7c:74:2f:50:eb:2f:a8:65:
         b3:54:05:f8:32:ef:e4:5c:79:60:4a:1e:29:34:1c:9d:d5:4f:
         57:e9:94:67:f2:f3:6e:c6:4a:e6:af:e8:21:1e:9a:07:8a:98:
         ed:12:c7:ac:f6:ea:29:1f:67:56:f1:be:0e:32:c1:e6:07:db:
         8b:28:57:f6:b7:1c:dd:a4:50:f2:5f:f3:00:41:9c:ce:57:20:
         bf:9c:ac:35:ec:eb:36:d0:3b:10:75:f8:76:b4:b5:13:d4:a6:
         e4:18:02:a8:10:a7:06:69:33:1a:19:fb:d0:f8:32:4c:65:ba:
         b3:a8:d5:ce:b5:2a:4b:40:e2:b7:f0:23:49:ba:a6:1b:9a:ed:
         2d:fb:41:82:85:d8:7b:8a:85:bc:31:21:3d:c2:38:1e:e6:3e:
         a7:3c:8b:a7:e6:5e:10:fb:0d:eb:f8:04:e3:1a:29:56:3b:10:
         c6:d3:eb:25:5e:ce:2b:c9:b5:6d:4a:86:e1:5b:ab:7a:11:d7:
         1e:03:58:15:aa:74:8e:ee:0d:16:09:cf:60:2b:7e:58:e6:39:
         a0:83:ac:b6:14:8d:1b:56:0c:c2:51:95:c9:81:75:47:5d:55:
         80:fe:30:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ7Jb4qH/XJqkd6LszmDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDk4N2U2Y2ZiY2NlNThhZTBjOTZlNzY2NmFiMjFhYjNl
MmUwOTAwHhcNMjUwNjA3MDgwMDIxWhcNMjUwNjA4MDgwMDIxWjAzMTEwLwYDVQQD
EyhiNTI2ZDY3YTM5OWEwZTU3OTU1NWUzOTQ5OTFiNTU5N2QzM2YyM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdfkpiIUDPIYf6Vu/zKy6Fb4v5TL
oQN3Ln30NfpToTdytxx5UeDJLj0THmvJgvaPMZhc2dRE1b/5xua1e/e6v3uCk2eS
v3AwsvjIM28JokUNCM+FUJZGB3igx6YZM/Nvu9jgtjO8pmxBg0DvDATtAl9avR5a
iBgiazUhAd/5TeJD6pZMKhYnnrzLNZv1mLqH6iz930wCc8nAJAMjFp+k3A7Lm6UF
65H4LJ/51hbwyBaa5oPKvSbmvnf8YluCIG09vDUid5O9F8jRVjaUXyNcy9lElkcp
jdk1ipkpWcECNA6kokj7Vloc1tSnWzRRBvTltJSmwJ3vf6clMPaZ7SOnlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUm1no5mg5XlVXjlJkbVZfTPyPMMB8GA1UdIwQY
MBaAFOVJh+bPvM5YrgyW52Zqshqz4uCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGIt
MDBiNTIwODc1Mzc2LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGItMDBiNTIwODc1Mzc2
LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO2B4wQkg
uCkKcErpVNueph1el2LT3Nud0x6NKHx0L1DrL6hls1QF+DLv5Fx5YEoeKTQcndVP
V+mUZ/LzbsZK5q/oIR6aB4qY7RLHrPbqKR9nVvG+DjLB5gfbiyhX9rcc3aRQ8l/z
AEGczlcgv5ysNezrNtA7EHX4drS1E9Sm5BgCqBCnBmkzGhn70PgyTGW6s6jVzrUq
S0Dit/AjSbqmG5rtLftBgoXYe4qFvDEhPcI4HuY+pzyLp+ZeEPsN6/gE4xopVjsQ
xtPrJV7OK8m1bUqG4VurehHXHgNYFap0ju4NFgnPYCt+WOY5oIOsthSNG1YMwlGV
yYF1R11VgP4wqg==
-----END CERTIFICATE-----