Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
File:                     5_y3rNVfY0m52BRheGwSRY-G9y4.mft (raw, json)
Hash identifier:          FnfydMAOjs0k5fphnoMKgvvHQu5GDy9StWQ6gheZndY=
Subject key identifier:   E4:0D:63:37:A7:D0:6A:05:60:57:1F:A4:FA:DB:20:F4:03:46:82:29
Authority key identifier: E7:FC:B7:AC:D5:5F:63:49:B9:D8:14:61:78:6C:12:45:8F:86:F7:2E
Certificate issuer:       /CN=e7fcb7acd55f6349b9d81461786c12458f86f72e
Certificate serial:       019768BBC5B39A0D1730686B417C6CE0DDBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 10:00:25 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:25 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:25 +0000
Files and hashes:         1: 5_y3rNVfY0m52BRheGwSRY-G9y4.crl (hash: ooUANJ3geSMGD+sU/F0d0yvWe5D7TeHrAIsqiPUPugk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bb:c5:b3:9a:0d:17:30:68:6b:41:7c:6c:e0:dd:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7fcb7acd55f6349b9d81461786c12458f86f72e
        Validity
            Not Before: Jun 13 10:00:25 2025 GMT
            Not After : Jun 14 10:00:25 2025 GMT
        Subject: CN=e40d6337a7d06a0560571fa4fadb20f403468229
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:17:14:e8:30:f4:24:5e:5b:58:96:a3:cd:37:
                    be:44:aa:69:d3:45:dc:db:0e:7f:97:ef:9f:02:79:
                    0c:a6:8a:ea:e6:6d:e0:b4:13:b8:b9:05:82:9c:03:
                    22:d2:63:be:9b:e9:c6:b4:3c:5d:00:a1:c8:ce:6b:
                    68:53:95:ae:c9:db:c8:69:0f:db:02:42:e8:94:ad:
                    08:96:31:bf:9d:7d:6c:1c:ef:7e:cd:01:bd:aa:87:
                    5c:39:86:a1:ab:7c:8a:48:8c:db:01:0d:1b:6c:d3:
                    e6:bd:7a:c3:e7:9f:dc:79:0f:46:c2:6b:da:12:03:
                    fe:55:47:4c:98:68:e1:9b:0b:c6:45:f5:96:92:e2:
                    ec:ce:df:ee:90:f9:79:2a:9b:fb:90:77:d8:5e:bc:
                    80:ec:4c:2b:a3:94:4a:21:e9:70:0b:91:03:6a:42:
                    2d:e9:5a:3b:ec:8a:d2:25:d7:76:d0:73:f5:24:07:
                    e7:de:cc:6e:b9:92:07:bc:b5:b6:85:b9:01:38:21:
                    96:1f:26:67:d6:bc:ef:66:c5:1e:20:0b:d2:90:dd:
                    c6:a4:8d:83:f0:86:fa:83:40:e2:46:91:fa:06:05:
                    97:5f:df:51:df:62:f6:f6:56:2f:01:23:94:3e:19:
                    85:32:25:86:e9:67:23:ce:4d:f5:3e:b6:01:b3:a5:
                    b4:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:0D:63:37:A7:D0:6A:05:60:57:1F:A4:FA:DB:20:F4:03:46:82:29
            X509v3 Authority Key Identifier:
                keyid:E7:FC:B7:AC:D5:5F:63:49:B9:D8:14:61:78:6C:12:45:8F:86:F7:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:df:18:10:08:9b:79:77:18:cd:15:b9:b1:bb:50:bc:41:46:
         cf:23:5b:9f:d7:08:1c:15:9c:09:6a:48:be:be:56:07:c1:ea:
         b7:c1:dd:cf:ac:7e:6a:93:ca:bc:2b:8b:69:09:21:e8:cc:c0:
         5b:41:44:25:3a:ba:9d:26:0d:bd:b7:0f:f3:41:bd:89:82:15:
         bd:a0:2f:e5:3d:ed:b1:4b:a6:35:40:03:ce:32:d7:9a:d2:56:
         28:0b:0b:75:f8:d5:a1:df:02:b9:50:ac:b5:9e:a8:59:c4:26:
         a4:cd:7d:45:64:44:9b:2e:58:4a:bc:bb:81:31:d9:1f:51:3a:
         1b:4f:ed:43:af:01:75:e1:b0:e0:f2:46:e8:07:d3:1a:a3:00:
         3e:19:6d:9a:40:98:03:50:86:b5:80:47:d7:fc:b1:ff:12:df:
         18:95:dc:49:9d:93:35:1e:93:69:87:93:9b:d2:a1:3e:49:94:
         b4:82:04:f4:c6:40:97:09:90:f1:24:fa:1d:cf:d2:c3:ca:d7:
         03:52:90:1a:e9:8b:14:3c:28:54:53:d3:2a:7a:92:e9:ce:bc:
         df:7e:88:59:47:2c:5f:64:0b:58:b7:b7:1f:b9:f0:ca:be:d0:
         bb:f6:20:34:6c:cf:91:4e:62:15:d2:bb:a3:c4:6c:98:b8:c9:
         ee:59:1c:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdou8Wzmg0XMGhrQXxs4N2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmNiN2FjZDU1ZjYzNDliOWQ4MTQ2MTc4NmMxMjQ1OGY4
NmY3MmUwHhcNMjUwNjEzMTAwMDI1WhcNMjUwNjE0MTAwMDI1WjAzMTEwLwYDVQQD
EyhlNDBkNjMzN2E3ZDA2YTA1NjA1NzFmYTRmYWRiMjBmNDAzNDY4MjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRcU6DD0JF5bWJajzTe+RKpp00Xc
2w5/l++fAnkMporq5m3gtBO4uQWCnAMi0mO+m+nGtDxdAKHIzmtoU5WuydvIaQ/b
AkLolK0IljG/nX1sHO9+zQG9qodcOYahq3yKSIzbAQ0bbNPmvXrD55/ceQ9Gwmva
EgP+VUdMmGjhmwvGRfWWkuLszt/ukPl5Kpv7kHfYXryA7Ewro5RKIelwC5EDakIt
6Vo77IrSJdd20HP1JAfn3sxuuZIHvLW2hbkBOCGWHyZn1rzvZsUeIAvSkN3GpI2D
8Ib6g0DiRpH6BgWXX99R32L29lYvASOUPhmFMiWG6Wcjzk31PrYBs6W0hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQNYzen0GoFYFcfpPrbIPQDRoIpMB8GA1UdIwQY
MBaAFOf8t6zVX2NJudgUYXhsEkWPhvcuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82OTgzMzktNTkwNS00NjM3LWI5ODMt
Y2RiM2E2NTdkOWVlLzEvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82OTgzMzktNTkwNS00NjM3LWI5ODMtY2RiM2E2NTdkOWVl
LzEvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZd8YEAib
eXcYzRW5sbtQvEFGzyNbn9cIHBWcCWpIvr5WB8Hqt8Hdz6x+apPKvCuLaQkh6MzA
W0FEJTq6nSYNvbcP80G9iYIVvaAv5T3tsUumNUADzjLXmtJWKAsLdfjVod8CuVCs
tZ6oWcQmpM19RWREmy5YSry7gTHZH1E6G0/tQ68BdeGw4PJG6AfTGqMAPhltmkCY
A1CGtYBH1/yx/xLfGJXcSZ2TNR6TaYeTm9KhPkmUtIIE9MZAlwmQ8ST6Hc/Sw8rX
A1KQGumLFDwoVFPTKnqS6c68336IWUcsX2QLWLe3H7nwyr7Qu/YgNGzPkU5iFdK7
o8RsmLjJ7lkcow==
-----END CERTIFICATE-----