Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
File:                     5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft (raw, json)
Hash identifier:          tl8Y1B1/K998vmpS4LGXJ3zf6NBk9THIxn8qsUrgI9o=
Subject key identifier:   C0:28:EB:7B:9F:12:D7:E4:25:37:0E:F6:27:E3:F7:84:CA:BA:2A:89
Authority key identifier: E6:1B:9A:5D:6D:98:70:3C:38:72:A1:BB:3F:90:D1:03:68:5C:BD:04
Certificate issuer:       /CN=e61b9a5d6d98703c3872a1bb3f90d103685cbd04
Certificate serial:       019751215CF9DADC27048F10611A1C4FA3E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
Manifest number:          157D
Signing time:             Sun 08 Jun 2025 20:00:30 +0000
Manifest this update:     Sun 08 Jun 2025 20:00:30 +0000
Manifest next update:     Mon 09 Jun 2025 20:00:30 +0000
Files and hashes:         1: 5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl (hash: m54xHqTw0NWM43QigzOLOhnJzh23sKcdw2wWHrsjr2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:5c:f9:da:dc:27:04:8f:10:61:1a:1c:4f:a3:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61b9a5d6d98703c3872a1bb3f90d103685cbd04
        Validity
            Not Before: Jun  8 20:00:30 2025 GMT
            Not After : Jun  9 20:00:30 2025 GMT
        Subject: CN=c028eb7b9f12d7e425370ef627e3f784caba2a89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:91:be:1b:70:74:8e:ce:99:85:a7:97:9f:d7:
                    3e:bc:30:92:e7:cf:88:9c:63:08:27:6e:f3:40:90:
                    8e:44:b3:5d:02:c9:f8:34:6b:f7:05:17:60:cc:3f:
                    9f:09:76:63:06:bd:41:8d:8b:1a:c6:09:e8:a1:7c:
                    f5:52:3f:a2:4f:a8:73:f7:9a:3f:1c:11:47:7f:75:
                    5e:f5:ab:f3:08:da:6a:64:89:70:21:5d:fb:bb:30:
                    c8:85:79:45:d6:8c:61:b2:cb:87:36:e4:88:4a:f4:
                    4b:02:c1:c3:e8:1b:4a:86:36:5b:23:59:99:55:e2:
                    a9:db:54:e4:dc:15:64:49:89:a2:b6:9f:2c:f5:c8:
                    6d:d6:73:97:9c:04:45:33:fa:94:9e:c9:75:eb:7e:
                    0e:fc:cd:ab:69:7b:30:4c:8c:f9:4d:f2:7d:1c:c2:
                    e8:d0:3b:8f:36:13:d7:34:88:f5:36:cf:84:66:fb:
                    38:61:4e:39:2d:5a:97:2d:7a:08:9d:73:2a:20:bb:
                    38:5e:13:d9:22:e3:77:49:c1:3d:86:07:83:3c:3e:
                    e1:8c:fb:77:f2:19:80:90:28:f4:67:5c:6a:72:7e:
                    57:65:ac:07:ee:77:6d:58:46:04:3f:26:a1:d8:3d:
                    c6:81:39:be:62:ce:f6:f3:d7:b9:85:6f:c7:f7:69:
                    ec:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:28:EB:7B:9F:12:D7:E4:25:37:0E:F6:27:E3:F7:84:CA:BA:2A:89
            X509v3 Authority Key Identifier:
                keyid:E6:1B:9A:5D:6D:98:70:3C:38:72:A1:BB:3F:90:D1:03:68:5C:BD:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:db:80:e5:0f:d4:37:be:8e:52:ae:58:f5:e0:7f:5c:da:63:
         58:41:e5:e8:7a:c7:0d:c7:27:13:55:94:cc:4c:75:18:d1:14:
         0a:85:f7:a1:d3:3e:23:09:5f:28:cf:76:76:8a:00:3e:6c:0b:
         95:5a:0d:7e:e4:57:6a:d3:97:b9:e9:14:ca:f7:1e:f7:a3:71:
         28:57:2c:24:3d:20:15:d0:6f:4b:eb:1b:5f:47:f8:47:5f:73:
         13:62:1e:bf:0f:b5:8d:db:c9:3a:b9:f7:13:40:4c:34:16:6f:
         d9:9d:3a:79:5f:c7:ab:48:a5:44:a3:3b:25:ff:13:82:ce:3d:
         cf:75:55:7f:ab:76:d6:30:fa:66:9f:45:08:f4:04:31:2c:9a:
         aa:1b:bc:bb:28:db:36:b4:46:17:2b:86:7f:74:18:8b:12:d5:
         5b:c7:cd:59:12:74:2e:ad:24:a3:26:1f:4e:71:21:b0:79:ba:
         c0:d0:3f:51:90:15:40:62:7c:cb:80:27:c0:44:c3:4f:38:28:
         10:ff:b8:70:b4:44:cc:a3:cd:b1:f3:8f:2e:60:0a:21:00:fb:
         91:64:c3:32:a1:9e:ad:f2:1e:7d:58:6d:bb:8c:bb:fe:6f:07:
         07:e4:71:c4:0b:5c:e5:4b:5d:45:f9:8a:5b:61:65:5e:a8:03:
         7d:08:48:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIVz52twnBI8QYRocT6PjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWI5YTVkNmQ5ODcwM2MzODcyYTFiYjNmOTBkMTAzNjg1
Y2JkMDQwHhcNMjUwNjA4MjAwMDMwWhcNMjUwNjA5MjAwMDMwWjAzMTEwLwYDVQQD
EyhjMDI4ZWI3YjlmMTJkN2U0MjUzNzBlZjYyN2UzZjc4NGNhYmEyYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJG+G3B0js6ZhaeXn9c+vDCS58+I
nGMIJ27zQJCORLNdAsn4NGv3BRdgzD+fCXZjBr1BjYsaxgnooXz1Uj+iT6hz95o/
HBFHf3Ve9avzCNpqZIlwIV37uzDIhXlF1oxhssuHNuSISvRLAsHD6BtKhjZbI1mZ
VeKp21Tk3BVkSYmitp8s9cht1nOXnARFM/qUnsl1634O/M2raXswTIz5TfJ9HMLo
0DuPNhPXNIj1Ns+EZvs4YU45LVqXLXoInXMqILs4XhPZIuN3ScE9hgeDPD7hjPt3
8hmAkCj0Z1xqcn5XZawH7ndtWEYEPyah2D3GgTm+Ys7289e5hW/H92nsUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAo63ufEtfkJTcO9ifj94TKuiqJMB8GA1UdIwQY
MBaAFOYbml1tmHA8OHKhuz+Q0QNoXL0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jYjg3OWItOWM5Ni00MjlhLTliYjMt
ZTE4ZDk5OGM2NGVmLzEvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jYjg3OWItOWM5Ni00MjlhLTliYjMtZTE4ZDk5OGM2NGVm
LzEvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAktuA5Q/U
N76OUq5Y9eB/XNpjWEHl6HrHDccnE1WUzEx1GNEUCoX3odM+IwlfKM92dooAPmwL
lVoNfuRXatOXuekUyvce96NxKFcsJD0gFdBvS+sbX0f4R19zE2Ievw+1jdvJOrn3
E0BMNBZv2Z06eV/Hq0ilRKM7Jf8Tgs49z3VVf6t21jD6Zp9FCPQEMSyaqhu8uyjb
NrRGFyuGf3QYixLVW8fNWRJ0Lq0koyYfTnEhsHm6wNA/UZAVQGJ8y4AnwETDTzgo
EP+4cLREzKPNsfOPLmAKIQD7kWTDMqGerfIefVhtu4y7/m8HB+RxxAtc5UtdRfmK
W2FlXqgDfQhIXA==
-----END CERTIFICATE-----