Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
File:                     5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft (raw, json)
Hash identifier:          uXHX7szm34kdZ7PCzAuqwqcvhYbck9amya7ogSn3KFg=
Subject key identifier:   8E:EC:C8:2E:4D:A0:94:68:71:B2:F8:5E:11:64:7A:F6:E2:FB:A3:E4
Authority key identifier: E6:1B:9A:5D:6D:98:70:3C:38:72:A1:BB:3F:90:D1:03:68:5C:BD:04
Certificate issuer:       /CN=e61b9a5d6d98703c3872a1bb3f90d103685cbd04
Certificate serial:       01963EE68375D660409CCE9888F2B5B1F889
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
Manifest number:          14EF
Signing time:             Wed 16 Apr 2025 14:00:16 +0000
Manifest this update:     Wed 16 Apr 2025 14:00:16 +0000
Manifest next update:     Thu 17 Apr 2025 14:00:16 +0000
Files and hashes:         1: 5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl (hash: OH5taYsqFz4B2jt40HEFYv/qPwVaBJmDEFPyZD9ZPNc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3e:e6:83:75:d6:60:40:9c:ce:98:88:f2:b5:b1:f8:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61b9a5d6d98703c3872a1bb3f90d103685cbd04
        Validity
            Not Before: Apr 16 14:00:16 2025 GMT
            Not After : Apr 17 14:00:16 2025 GMT
        Subject: CN=8eecc82e4da0946871b2f85e11647af6e2fba3e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a9:e4:a5:1a:fa:d5:39:aa:64:39:90:3b:22:
                    08:9f:75:4f:fe:e1:52:f4:d0:9c:ca:9e:77:d2:c4:
                    f5:49:b8:ec:d3:69:5c:cd:10:f5:1a:4f:3f:de:a9:
                    0e:cb:d3:59:3b:b3:bd:9f:30:71:5f:be:a4:62:53:
                    37:36:d4:46:c2:c8:1d:f2:64:20:f6:83:4d:36:c3:
                    bc:46:23:f2:22:49:d6:58:0c:85:81:78:8a:c8:10:
                    ea:4f:78:26:51:a3:49:18:48:95:8c:f4:3f:69:33:
                    ad:8c:03:6f:1b:24:f0:41:40:01:71:92:aa:70:71:
                    19:44:26:d5:a9:52:5b:82:bc:b2:34:95:d1:e5:a4:
                    29:bc:f0:bf:75:24:c2:e3:d2:e6:7c:85:92:d1:25:
                    fa:07:74:66:fe:3d:b3:ea:1b:36:65:d5:8e:f5:ff:
                    01:db:d4:2b:eb:54:dc:2a:ce:52:48:c6:ea:b5:06:
                    98:ac:47:61:ff:bb:af:04:8a:16:dc:d6:5b:57:32:
                    ee:2a:a8:ce:c1:f6:98:23:22:47:78:c1:f2:0b:e9:
                    ea:14:da:61:43:60:5e:a4:56:4c:bd:cf:7a:9e:cd:
                    52:31:0d:7a:eb:c1:31:41:1a:ce:87:64:fd:67:40:
                    4b:b0:e1:a9:81:f2:6a:38:ab:0d:28:c5:18:f7:46:
                    41:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:EC:C8:2E:4D:A0:94:68:71:B2:F8:5E:11:64:7A:F6:E2:FB:A3:E4
            X509v3 Authority Key Identifier:
                keyid:E6:1B:9A:5D:6D:98:70:3C:38:72:A1:BB:3F:90:D1:03:68:5C:BD:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5huaXW2YcDw4cqG7P5DRA2hcvQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cb879b-9c96-429a-9bb3-e18d998c64ef/1/5huaXW2YcDw4cqG7P5DRA2hcvQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:f6:0a:4b:08:57:b3:b3:c0:eb:6e:75:42:f7:6c:82:fe:41:
         8a:af:56:5e:46:5e:f5:32:f0:7a:97:05:f7:37:65:56:0a:19:
         3a:21:f9:83:2c:4b:00:5f:14:86:92:41:19:bf:8f:ae:1a:f1:
         58:09:32:e9:34:67:f9:1c:7e:ca:d0:2c:c7:3d:bf:cc:37:e4:
         9a:e1:26:05:f5:75:bf:71:7d:b3:25:ea:ba:63:28:f0:8b:9c:
         74:6d:bd:9f:da:9c:81:72:da:39:f7:f0:4e:1a:09:42:9b:c5:
         c7:d9:59:ea:1d:3f:61:35:01:d3:a7:83:17:f3:a0:66:9e:60:
         f5:01:73:d7:37:c8:5d:0c:8c:df:53:47:24:90:85:19:3d:2b:
         75:d3:fd:f2:36:01:cd:e4:8f:f3:b9:6e:3e:01:d8:b4:e3:70:
         12:71:0d:ad:37:ff:c1:bb:48:cd:e7:a7:ae:1f:95:9d:9c:51:
         1f:ce:9a:27:d5:94:79:3a:2b:27:53:30:28:df:9a:5e:b1:8e:
         58:bf:78:f6:90:37:ad:1f:a3:1b:89:76:53:57:4a:50:7d:f9:
         d8:4f:29:b6:1e:51:fa:80:91:9e:be:62:54:1f:35:c5:42:f2:
         28:0f:14:d2:74:dc:06:89:96:8f:b4:86:ca:f1:9d:c4:57:7d:
         0a:2a:55:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY+5oN11mBAnM6YiPK1sfiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWI5YTVkNmQ5ODcwM2MzODcyYTFiYjNmOTBkMTAzNjg1
Y2JkMDQwHhcNMjUwNDE2MTQwMDE2WhcNMjUwNDE3MTQwMDE2WjAzMTEwLwYDVQQD
Eyg4ZWVjYzgyZTRkYTA5NDY4NzFiMmY4NWUxMTY0N2FmNmUyZmJhM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKnkpRr61TmqZDmQOyIIn3VP/uFS
9NCcyp530sT1Sbjs02lczRD1Gk8/3qkOy9NZO7O9nzBxX76kYlM3NtRGwsgd8mQg
9oNNNsO8RiPyIknWWAyFgXiKyBDqT3gmUaNJGEiVjPQ/aTOtjANvGyTwQUABcZKq
cHEZRCbVqVJbgryyNJXR5aQpvPC/dSTC49LmfIWS0SX6B3Rm/j2z6hs2ZdWO9f8B
29Qr61TcKs5SSMbqtQaYrEdh/7uvBIoW3NZbVzLuKqjOwfaYIyJHeMHyC+nqFNph
Q2BepFZMvc96ns1SMQ1668ExQRrOh2T9Z0BLsOGpgfJqOKsNKMUY90ZBNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7syC5NoJRocbL4XhFkevbi+6PkMB8GA1UdIwQY
MBaAFOYbml1tmHA8OHKhuz+Q0QNoXL0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jYjg3OWItOWM5Ni00MjlhLTliYjMt
ZTE4ZDk5OGM2NGVmLzEvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jYjg3OWItOWM5Ni00MjlhLTliYjMtZTE4ZDk5OGM2NGVm
LzEvNWh1YVhXMlljRHc0Y3FHN1A1RFJBMmhjdlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/YKSwhX
s7PA6251Qvdsgv5Biq9WXkZe9TLwepcF9zdlVgoZOiH5gyxLAF8UhpJBGb+Prhrx
WAky6TRn+Rx+ytAsxz2/zDfkmuEmBfV1v3F9syXqumMo8IucdG29n9qcgXLaOffw
ThoJQpvFx9lZ6h0/YTUB06eDF/OgZp5g9QFz1zfIXQyM31NHJJCFGT0rddP98jYB
zeSP87luPgHYtONwEnENrTf/wbtIzeenrh+VnZxRH86aJ9WUeTorJ1MwKN+aXrGO
WL949pA3rR+jG4l2U1dKUH352E8pth5R+oCRnr5iVB81xULyKA8U0nTcBomWj7SG
yvGdxFd9CipVQQ==
-----END CERTIFICATE-----