Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9360f5-1deb-4b43-a32f-ac44bc569a78/1/5zOy6rfiNGh76X-MNdbmzD4t_Lo.mft
File:                     5zOy6rfiNGh76X-MNdbmzD4t_Lo.mft (raw, json)
Hash identifier:          WiqgTjs/gWs03xYmA9j3PBRXup4Fojbv5siIwTL13yY=
Subject key identifier:   D1:81:94:58:8B:E1:3E:05:65:76:06:67:ED:6D:EF:37:05:65:53:EF
Authority key identifier: E7:33:B2:EA:B7:E2:34:68:7B:E9:7F:8C:35:D6:E6:CC:3E:2D:FC:BA
Certificate issuer:       /CN=e733b2eab7e234687be97f8c35d6e6cc3e2dfcba
Certificate serial:       01964A4606977A1ABA309F189EE9E8E52A9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5zOy6rfiNGh76X-MNdbmzD4t_Lo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/9360f5-1deb-4b43-a32f-ac44bc569a78/1/5zOy6rfiNGh76X-MNdbmzD4t_Lo.mft
Manifest number:          14F5
Signing time:             Fri 18 Apr 2025 19:00:25 +0000
Manifest this update:     Fri 18 Apr 2025 19:00:25 +0000
Manifest next update:     Sat 19 Apr 2025 19:00:25 +0000
Files and hashes:         1: 5zOy6rfiNGh76X-MNdbmzD4t_Lo.crl (hash: 76lDWpynC4Bei/N2KYoZ27xvetvfIVy9F7I/PI+OCaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/9360f5-1deb-4b43-a32f-ac44bc569a78/1/5zOy6rfiNGh76X-MNdbmzD4t_Lo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/9360f5-1deb-4b43-a32f-ac44bc569a78/1/5zOy6rfiNGh76X-MNdbmzD4t_Lo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5zOy6rfiNGh76X-MNdbmzD4t_Lo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:46:06:97:7a:1a:ba:30:9f:18:9e:e9:e8:e5:2a:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e733b2eab7e234687be97f8c35d6e6cc3e2dfcba
        Validity
            Not Before: Apr 18 19:00:25 2025 GMT
            Not After : Apr 19 19:00:25 2025 GMT
        Subject: CN=d18194588be13e0565760667ed6def37056553ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d9:9d:ce:08:a3:88:d6:d8:d9:13:5a:99:b2:
                    8e:46:71:8e:e9:b0:e6:cb:78:33:c1:e2:21:8b:92:
                    d5:bb:d1:4a:61:68:9f:a8:7e:33:58:52:37:bf:67:
                    b2:96:44:7a:76:4c:60:b0:f0:17:61:c2:b1:99:e4:
                    a4:12:5b:05:25:96:5e:8e:24:1c:5d:32:04:3b:7b:
                    a3:27:85:ee:8e:60:c0:78:de:3b:43:ad:54:32:2b:
                    30:1d:ea:d0:1f:ae:09:b8:fd:12:ec:e4:ea:9d:12:
                    c2:e3:1e:b2:28:85:50:91:f5:69:24:19:36:33:f2:
                    a6:0e:99:4e:e8:38:aa:5a:f7:e3:48:98:2d:c9:14:
                    80:f3:82:98:4a:52:a6:2f:40:33:58:4c:38:a9:09:
                    da:a5:25:15:0c:87:42:21:1e:f6:2e:12:47:95:8a:
                    69:00:4d:f4:95:37:10:b0:20:22:d2:fb:2c:ff:49:
                    34:2d:40:8f:07:b8:e4:32:48:49:71:25:05:46:2e:
                    12:c3:48:f6:28:60:3d:5e:73:59:e5:bd:5f:00:12:
                    4c:7c:c0:4d:4d:f4:21:f3:82:bd:f6:d2:dc:b5:ae:
                    dd:fe:e0:67:f8:45:6c:f1:e5:c2:18:e7:fb:83:71:
                    80:2f:e2:40:f3:8c:4d:21:f3:da:b9:bf:05:d5:04:
                    e9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:81:94:58:8B:E1:3E:05:65:76:06:67:ED:6D:EF:37:05:65:53:EF
            X509v3 Authority Key Identifier:
                keyid:E7:33:B2:EA:B7:E2:34:68:7B:E9:7F:8C:35:D6:E6:CC:3E:2D:FC:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zOy6rfiNGh76X-MNdbmzD4t_Lo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9360f5-1deb-4b43-a32f-ac44bc569a78/1/5zOy6rfiNGh76X-MNdbmzD4t_Lo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9360f5-1deb-4b43-a32f-ac44bc569a78/1/5zOy6rfiNGh76X-MNdbmzD4t_Lo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:5e:67:62:e4:3f:a4:af:d7:c3:b6:cd:ce:a6:79:5d:a0:93:
         74:fe:f6:2f:ce:bb:cf:6f:bb:cc:35:75:36:4a:30:82:2a:02:
         83:dd:81:01:d4:8c:6b:77:c3:d6:21:bb:7c:a6:c4:4e:15:4a:
         91:cc:04:b7:8d:43:1e:5b:cf:0b:af:9b:71:54:5e:9b:29:3f:
         d4:5b:61:9a:25:7a:96:ba:b5:65:8e:fc:46:a1:d6:15:95:26:
         3d:82:e5:d9:c5:16:1a:a6:ed:83:4a:7c:45:1b:40:be:82:65:
         39:fc:fe:25:7a:dd:b2:90:e8:cd:aa:d3:77:53:5a:5c:58:a0:
         b5:35:be:0c:8c:f5:20:5d:cd:07:3d:b3:cd:fe:82:c3:6d:b5:
         7b:38:7b:bd:7a:0e:f7:50:d3:ab:c4:9c:ad:aa:5b:48:e7:42:
         aa:d1:da:a2:08:37:23:67:f7:0c:c6:17:6c:00:04:ae:56:6e:
         3a:a2:4b:2c:b5:8f:a7:96:9b:27:b8:61:1d:78:d5:28:67:f7:
         38:26:9b:1f:ad:c5:98:13:88:ea:4e:4e:6d:6b:99:61:26:4a:
         09:40:12:16:b0:6b:18:db:ec:c0:a9:cd:54:76:c3:5e:a7:85:
         fd:e7:a7:df:59:dc:35:fb:1f:c8:e2:f9:87:bf:53:7a:36:34:
         9e:c8:e2:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKRgaXehq6MJ8Ynuno5SqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzNiMmVhYjdlMjM0Njg3YmU5N2Y4YzM1ZDZlNmNjM2Uy
ZGZjYmEwHhcNMjUwNDE4MTkwMDI1WhcNMjUwNDE5MTkwMDI1WjAzMTEwLwYDVQQD
EyhkMTgxOTQ1ODhiZTEzZTA1NjU3NjA2NjdlZDZkZWYzNzA1NjU1M2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNmdzgijiNbY2RNambKORnGO6bDm
y3gzweIhi5LVu9FKYWifqH4zWFI3v2eylkR6dkxgsPAXYcKxmeSkElsFJZZejiQc
XTIEO3ujJ4XujmDAeN47Q61UMiswHerQH64JuP0S7OTqnRLC4x6yKIVQkfVpJBk2
M/KmDplO6DiqWvfjSJgtyRSA84KYSlKmL0AzWEw4qQnapSUVDIdCIR72LhJHlYpp
AE30lTcQsCAi0vss/0k0LUCPB7jkMkhJcSUFRi4Sw0j2KGA9XnNZ5b1fABJMfMBN
TfQh84K99tLcta7d/uBn+EVs8eXCGOf7g3GAL+JA84xNIfPaub8F1QTpqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGBlFiL4T4FZXYGZ+1t7zcFZVPvMB8GA1UdIwQY
MBaAFOczsuq34jRoe+l/jDXW5sw+Lfy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXpPeTZyZmlOR2g3NlgtTU5kYm16RDR0X0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85MzYwZjUtMWRlYi00YjQzLWEzMmYt
YWM0NGJjNTY5YTc4LzEvNXpPeTZyZmlOR2g3NlgtTU5kYm16RDR0X0xvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85MzYwZjUtMWRlYi00YjQzLWEzMmYtYWM0NGJjNTY5YTc4
LzEvNXpPeTZyZmlOR2g3NlgtTU5kYm16RDR0X0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKl5nYuQ/
pK/Xw7bNzqZ5XaCTdP72L867z2+7zDV1NkowgioCg92BAdSMa3fD1iG7fKbEThVK
kcwEt41DHlvPC6+bcVRemyk/1FthmiV6lrq1ZY78RqHWFZUmPYLl2cUWGqbtg0p8
RRtAvoJlOfz+JXrdspDozarTd1NaXFigtTW+DIz1IF3NBz2zzf6Cw221ezh7vXoO
91DTq8ScrapbSOdCqtHaogg3I2f3DMYXbAAErlZuOqJLLLWPp5abJ7hhHXjVKGf3
OCabH63FmBOI6k5ObWuZYSZKCUASFrBrGNvswKnNVHbDXqeF/een31ncNfsfyOL5
h79TejY0nsjiGQ==
-----END CERTIFICATE-----