Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
File:                     5_y3rNVfY0m52BRheGwSRY-G9y4.mft (raw, json)
Hash identifier:          WrHySCOj4yFYmIeciR0j9cPgLM5OjYRJcgSs1/wLiT8=
Subject key identifier:   27:DA:48:CE:EB:E5:9E:43:2C:4A:FD:23:21:60:2A:CB:3D:75:7F:22
Authority key identifier: E7:FC:B7:AC:D5:5F:63:49:B9:D8:14:61:78:6C:12:45:8F:86:F7:2E
Certificate issuer:       /CN=e7fcb7acd55f6349b9d81461786c12458f86f72e
Certificate serial:       01964AEB5D70AE9B07017514F5375AB77AAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
Manifest number:          14F5
Signing time:             Fri 18 Apr 2025 22:01:00 +0000
Manifest this update:     Fri 18 Apr 2025 22:01:00 +0000
Manifest next update:     Sat 19 Apr 2025 22:01:00 +0000
Files and hashes:         1: 5_y3rNVfY0m52BRheGwSRY-G9y4.crl (hash: KmdcLkBi13AmoFg3u3HAt9mJby2aE0x+CoN/ihzpnA4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:eb:5d:70:ae:9b:07:01:75:14:f5:37:5a:b7:7a:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7fcb7acd55f6349b9d81461786c12458f86f72e
        Validity
            Not Before: Apr 18 22:01:00 2025 GMT
            Not After : Apr 19 22:01:00 2025 GMT
        Subject: CN=27da48ceebe59e432c4afd2321602acb3d757f22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b4:93:20:ff:9f:33:b7:ed:b5:b6:c2:04:82:
                    1c:b7:7d:7b:ac:d7:34:96:c4:01:1e:47:55:f8:1a:
                    bf:88:92:4b:2c:0e:47:90:e2:47:93:fa:cb:70:7e:
                    4f:4a:32:64:e0:22:8b:c7:4e:a7:72:2b:bc:a8:2d:
                    71:25:d6:0e:70:c7:a9:43:d9:ea:f3:35:c7:b2:f1:
                    09:4c:3b:37:dd:e7:83:61:f4:7c:8e:f9:9d:8f:9e:
                    59:95:37:1f:d8:9e:ce:82:ea:6f:a0:04:34:b4:f3:
                    86:82:ed:ec:fd:57:fe:5d:42:d6:8b:d4:b4:1a:28:
                    f4:6f:74:52:74:ad:cf:8b:3f:b6:42:f7:c6:03:92:
                    1d:c4:99:88:7d:29:63:e9:75:68:88:5f:b3:bd:13:
                    9a:48:95:14:00:db:fc:c3:84:67:f4:c8:31:4b:21:
                    24:a4:68:c2:66:22:93:44:14:0c:89:9e:0a:9a:b1:
                    e1:0a:63:1b:0a:a8:a1:47:cc:5e:f9:dd:6a:bf:e3:
                    76:23:7a:0e:a8:6c:a9:5a:0e:36:b2:0d:8b:1e:65:
                    d4:8e:d3:a9:77:03:61:c5:f0:ab:29:47:07:c7:fa:
                    69:a8:51:11:6e:dc:06:cf:72:45:35:80:77:9e:f4:
                    2b:be:6d:71:bd:c3:6e:66:46:13:f5:03:bf:dc:8e:
                    e8:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:DA:48:CE:EB:E5:9E:43:2C:4A:FD:23:21:60:2A:CB:3D:75:7F:22
            X509v3 Authority Key Identifier:
                keyid:E7:FC:B7:AC:D5:5F:63:49:B9:D8:14:61:78:6C:12:45:8F:86:F7:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:e1:2c:8b:2a:06:16:bf:6d:66:fd:f2:61:e4:68:2c:e1:76:
         c0:07:cf:be:de:2b:8b:0b:6b:e6:5d:ba:c9:ae:65:18:82:74:
         2d:1f:13:e2:02:87:2a:24:2d:6e:d3:7d:05:99:6e:52:fa:96:
         ae:aa:4a:68:bd:f4:a3:62:94:8e:20:12:f1:78:7b:08:9a:a7:
         94:e9:14:cf:c3:27:93:85:ba:9f:0f:e3:0d:54:cf:74:d1:0b:
         57:c1:d9:d7:f8:55:65:24:01:c7:87:5a:f3:97:92:3b:01:4b:
         2f:d1:af:d0:51:0b:7d:fb:6f:01:ba:08:27:cf:f5:a2:92:61:
         d6:35:6a:64:ed:c0:43:07:19:b7:94:36:85:61:91:c1:d8:39:
         a9:a5:c7:12:96:b2:82:83:68:66:d8:e1:96:d1:ce:65:3b:90:
         e0:48:19:69:1e:df:e9:7e:61:92:69:e0:08:28:78:15:9a:5e:
         b1:6c:03:c4:8e:e7:f8:a9:93:23:c6:e7:91:3c:5a:f5:db:49:
         88:03:55:55:6f:07:94:50:5a:83:dd:84:91:e5:22:79:dc:58:
         b3:27:83:74:f0:6d:5f:bd:ba:c2:87:ef:84:77:47:12:b2:18:
         a7:8d:18:e4:27:3d:85:0d:f8:3f:1d:ab:4d:23:9d:be:e0:d9:
         b3:49:30:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZK611wrpsHAXUU9Tdat3quMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmNiN2FjZDU1ZjYzNDliOWQ4MTQ2MTc4NmMxMjQ1OGY4
NmY3MmUwHhcNMjUwNDE4MjIwMTAwWhcNMjUwNDE5MjIwMTAwWjAzMTEwLwYDVQQD
EygyN2RhNDhjZWViZTU5ZTQzMmM0YWZkMjMyMTYwMmFjYjNkNzU3ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrSTIP+fM7fttbbCBIIct317rNc0
lsQBHkdV+Bq/iJJLLA5HkOJHk/rLcH5PSjJk4CKLx06nciu8qC1xJdYOcMepQ9nq
8zXHsvEJTDs33eeDYfR8jvmdj55ZlTcf2J7OgupvoAQ0tPOGgu3s/Vf+XULWi9S0
Gij0b3RSdK3Piz+2QvfGA5IdxJmIfSlj6XVoiF+zvROaSJUUANv8w4Rn9MgxSyEk
pGjCZiKTRBQMiZ4KmrHhCmMbCqihR8xe+d1qv+N2I3oOqGypWg42sg2LHmXUjtOp
dwNhxfCrKUcHx/ppqFERbtwGz3JFNYB3nvQrvm1xvcNuZkYT9QO/3I7owQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCfaSM7r5Z5DLEr9IyFgKss9dX8iMB8GA1UdIwQY
MBaAFOf8t6zVX2NJudgUYXhsEkWPhvcuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82OTgzMzktNTkwNS00NjM3LWI5ODMt
Y2RiM2E2NTdkOWVlLzEvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82OTgzMzktNTkwNS00NjM3LWI5ODMtY2RiM2E2NTdkOWVl
LzEvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvuEsiyoG
Fr9tZv3yYeRoLOF2wAfPvt4riwtr5l26ya5lGIJ0LR8T4gKHKiQtbtN9BZluUvqW
rqpKaL30o2KUjiAS8Xh7CJqnlOkUz8Mnk4W6nw/jDVTPdNELV8HZ1/hVZSQBx4da
85eSOwFLL9Gv0FELfftvAboIJ8/1opJh1jVqZO3AQwcZt5Q2hWGRwdg5qaXHEpay
goNoZtjhltHOZTuQ4EgZaR7f6X5hkmngCCh4FZpesWwDxI7n+KmTI8bnkTxa9dtJ
iANVVW8HlFBag92EkeUiedxYsyeDdPBtX726wofvhHdHErIYp40Y5Cc9hQ34Px2r
TSOdvuDZs0kwiw==
-----END CERTIFICATE-----