Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          /8g9wv1GC59so9dyNB3TQJ1fkQcKZtRCGhJ8B6J9AKw=
Subject key identifier:   41:C5:E7:BD:10:79:4E:B5:68:B7:99:2A:44:CA:AC:31:C8:6F:04:C7
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       0197488C208DEAF270669143CDA949C93026
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          0EAD
Signing time:             Sat 07 Jun 2025 04:00:32 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:32 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:32 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: 8xwGShp1rwKpfJnQelZdfPMGVahY1OkuG80+5OTGF/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:20:8d:ea:f2:70:66:91:43:cd:a9:49:c9:30:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Jun  7 04:00:32 2025 GMT
            Not After : Jun  8 04:00:32 2025 GMT
        Subject: CN=41c5e7bd10794eb568b7992a44caac31c86f04c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:22:0b:5e:a2:03:69:2e:da:94:4b:57:e6:39:
                    ca:47:73:db:e3:1f:ab:6f:87:7b:09:13:00:f4:01:
                    11:f3:05:67:4c:f9:00:aa:21:4b:0a:ca:16:4e:a2:
                    63:76:e0:76:47:a8:92:59:91:ef:8c:0a:62:d1:32:
                    95:ac:5d:47:f9:79:ab:85:e1:b3:98:91:9e:46:d8:
                    1f:75:b1:21:c9:ca:79:b9:8e:c5:ec:a5:6a:34:fd:
                    e3:8a:2d:5e:56:e0:d3:87:a8:b2:50:f0:7b:2b:3a:
                    3a:1f:74:bd:fd:17:db:8d:00:a8:ea:ef:92:90:7e:
                    9a:6a:50:6c:ab:c0:38:e2:2d:a4:3d:3b:d7:73:80:
                    3c:e6:55:63:c1:1f:c6:c5:27:7e:91:16:37:9a:83:
                    73:bd:4b:f2:d1:f9:c6:d5:65:5e:46:2a:76:d0:63:
                    90:ab:35:7c:98:4e:ac:d9:af:56:bc:4b:e1:ac:a7:
                    18:7b:1d:fd:c2:80:1f:28:58:75:b1:21:3b:17:3f:
                    0a:f5:05:93:95:20:57:4b:52:16:5a:19:ad:c7:7b:
                    bf:2b:3f:e4:77:06:7f:a8:04:a4:bb:3e:34:f3:8d:
                    9c:26:31:2c:e9:9f:66:fd:f7:dd:37:75:b9:85:43:
                    21:57:8d:f3:cb:38:3d:cd:3d:71:c4:82:9c:fa:b8:
                    3d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:C5:E7:BD:10:79:4E:B5:68:B7:99:2A:44:CA:AC:31:C8:6F:04:C7
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:aa:63:b7:de:35:88:58:98:a4:22:9f:c5:97:3b:a6:7e:56:
         30:7f:4b:8e:72:aa:88:cb:64:07:73:7e:2b:1c:1d:d2:fd:1e:
         31:9a:96:53:42:a3:f4:85:b4:b7:58:2e:e5:a3:8e:b3:64:5c:
         f3:27:88:8e:69:81:6d:13:4c:c3:d3:1d:19:ba:46:7e:44:80:
         e7:e2:b5:af:85:92:6d:5e:21:4d:92:0a:d9:f4:7c:60:f5:d5:
         57:04:28:b5:e2:9b:35:15:3d:fb:2c:66:bb:e2:c3:da:f6:83:
         24:e0:87:1b:eb:da:11:97:27:6a:4e:63:25:0e:e3:0d:fb:d1:
         72:94:4e:e3:d5:c0:1b:56:f1:48:7e:fb:6e:ca:b0:d5:d2:94:
         ee:38:2d:14:61:c6:e7:4f:f6:20:5f:7e:08:ec:73:f5:82:21:
         30:8e:a8:09:0c:20:4d:ee:43:b5:e4:03:3d:64:1d:14:55:fe:
         2b:a6:35:4a:63:9d:cc:1d:eb:36:9d:54:4f:2d:db:42:fa:bc:
         ee:c7:ab:86:36:d4:2a:9d:eb:2a:fa:f4:1f:4d:84:b3:89:b4:
         96:13:30:98:c9:0b:2e:33:22:5e:10:68:b0:78:b6:a2:fa:16:
         04:6e:d9:e7:6d:53:cd:9e:64:e5:51:c1:d8:51:70:13:eb:69:
         d0:20:20:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjCCN6vJwZpFDzalJyTAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUwNjA3MDQwMDMyWhcNMjUwNjA4MDQwMDMyWjAzMTEwLwYDVQQD
Eyg0MWM1ZTdiZDEwNzk0ZWI1NjhiNzk5MmE0NGNhYWMzMWM4NmYwNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyILXqIDaS7alEtX5jnKR3Pb4x+r
b4d7CRMA9AER8wVnTPkAqiFLCsoWTqJjduB2R6iSWZHvjApi0TKVrF1H+XmrheGz
mJGeRtgfdbEhycp5uY7F7KVqNP3jii1eVuDTh6iyUPB7Kzo6H3S9/RfbjQCo6u+S
kH6aalBsq8A44i2kPTvXc4A85lVjwR/GxSd+kRY3moNzvUvy0fnG1WVeRip20GOQ
qzV8mE6s2a9WvEvhrKcYex39woAfKFh1sSE7Fz8K9QWTlSBXS1IWWhmtx3u/Kz/k
dwZ/qASkuz40842cJjEs6Z9m/ffdN3W5hUMhV43zyzg9zT1xxIKc+rg9hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHF570QeU61aLeZKkTKrDHIbwTHMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMapjt941
iFiYpCKfxZc7pn5WMH9LjnKqiMtkB3N+Kxwd0v0eMZqWU0Kj9IW0t1gu5aOOs2Rc
8yeIjmmBbRNMw9MdGbpGfkSA5+K1r4WSbV4hTZIK2fR8YPXVVwQoteKbNRU9+yxm
u+LD2vaDJOCHG+vaEZcnak5jJQ7jDfvRcpRO49XAG1bxSH77bsqw1dKU7jgtFGHG
50/2IF9+COxz9YIhMI6oCQwgTe5DteQDPWQdFFX+K6Y1SmOdzB3rNp1UTy3bQvq8
7serhjbUKp3rKvr0H02Es4m0lhMwmMkLLjMiXhBosHi2ovoWBG7Z521TzZ5k5VHB
2FFwE+tp0CAgOA==
-----END CERTIFICATE-----