Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
File:                     q7lESdTSRidxdzvAimJFB9pRKw0.mft (raw, json)
Hash identifier:          t1oDxDhVxxPPx8egxiSCg1bxsGi2qFQQpu8fIbAEUgs=
Subject key identifier:   D3:95:83:C8:6D:26:B1:0F:E8:31:CE:2A:40:03:84:BE:55:1F:5C:6F
Authority key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D
Certificate issuer:       /CN=abb94449d4d2462771773bc08a624507da512b0d
Certificate serial:       019646A0765092D152B3326FC16C31E28411
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
Manifest number:          05DB
Signing time:             Fri 18 Apr 2025 02:00:43 +0000
Manifest this update:     Fri 18 Apr 2025 02:00:43 +0000
Manifest next update:     Sat 19 Apr 2025 02:00:43 +0000
Files and hashes:         1: q7lESdTSRidxdzvAimJFB9pRKw0.crl (hash: IQ+4yl/ceu9013SancHfihLDn1VB4/LcVLoYI1z1fF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:46:a0:76:50:92:d1:52:b3:32:6f:c1:6c:31:e2:84:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abb94449d4d2462771773bc08a624507da512b0d
        Validity
            Not Before: Apr 18 02:00:43 2025 GMT
            Not After : Apr 19 02:00:43 2025 GMT
        Subject: CN=d39583c86d26b10fe831ce2a400384be551f5c6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:58:47:0f:64:64:06:99:92:87:12:b1:48:9b:
                    cb:a0:2f:4a:a5:68:b4:fe:94:3d:a5:ef:85:9d:3e:
                    1f:3c:b5:3a:a9:9e:33:24:16:29:d2:3d:dc:06:4f:
                    22:2b:25:29:8e:3c:3e:50:32:fc:c0:6d:30:42:a6:
                    27:f0:1f:d9:83:2c:33:80:6b:a0:2a:ef:23:a0:a6:
                    c1:0a:af:47:f5:ea:09:80:e7:40:65:20:02:01:6b:
                    b1:f3:45:72:ab:29:7a:5b:49:52:ab:a6:18:39:80:
                    f8:42:07:3d:38:b6:4c:a4:23:7e:53:ee:2a:a3:ad:
                    d4:5a:a4:11:ed:3f:5d:7c:f3:70:55:ae:97:6f:b9:
                    7b:8d:ef:e0:c5:76:06:f7:72:79:d5:0a:0a:96:07:
                    d5:e1:39:72:7d:c4:ac:5f:60:0c:2f:cf:3e:1d:11:
                    eb:d3:3e:a6:8d:b4:b0:10:bb:cf:8c:a6:9a:e5:20:
                    fb:6b:95:47:e8:d0:e1:24:23:7b:0c:e7:fe:28:33:
                    ea:1d:46:8a:10:57:ae:0b:37:91:48:ad:c6:35:16:
                    fa:5a:04:ea:08:fa:89:a2:b1:cf:63:c4:0c:54:49:
                    fb:08:9d:a8:5d:e0:bc:b8:f7:c4:8a:7f:32:fe:18:
                    2a:70:c9:08:9e:12:d2:8b:99:bc:8f:7a:9b:cf:cc:
                    60:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:95:83:C8:6D:26:B1:0F:E8:31:CE:2A:40:03:84:BE:55:1F:5C:6F
            X509v3 Authority Key Identifier:
                keyid:AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:22:c7:1e:5a:2f:75:e4:f1:8c:c8:2b:76:a9:db:69:1f:db:
         a2:b2:73:33:c3:49:84:c0:4a:e8:c8:e4:54:8a:75:50:f8:37:
         db:99:6e:21:04:72:2f:d2:e2:06:5c:a5:26:d1:c1:a3:fd:96:
         d2:93:42:00:2f:97:f4:96:8b:f9:e5:4b:75:62:5f:65:9d:d4:
         58:57:54:fe:4a:21:d1:a5:3e:0b:ad:f3:f2:bf:9b:70:b2:d9:
         b4:c7:48:4e:c6:3d:b6:57:96:2b:1e:18:06:61:f3:4d:3b:15:
         ea:59:c2:38:01:72:08:7f:b5:2c:a7:2a:bb:53:58:de:7c:2b:
         1d:64:fd:78:10:5e:5d:48:2f:ca:bf:f9:29:36:5d:aa:d7:48:
         90:dd:ec:32:07:72:ac:bc:1e:22:8c:f9:2c:d7:d2:e6:8e:f3:
         e3:d4:e0:f2:15:03:33:61:0e:be:df:48:1e:35:6e:75:96:4b:
         21:e2:c9:40:a3:5e:f8:88:2e:46:c2:5e:d9:8c:b7:32:7e:f0:
         74:cf:7c:15:6a:b8:42:56:6c:c3:04:28:04:39:db:fb:d2:c7:
         f2:ad:08:7e:0d:ae:74:ff:f0:1c:2b:02:a1:87:f9:33:0d:30:
         9c:c9:93:d5:b7:34:0d:b2:2c:83:52:42:06:c4:48:5a:50:d9:
         7f:ef:e8:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGoHZQktFSszJvwWwx4oQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYjk0NDQ5ZDRkMjQ2Mjc3MTc3M2JjMDhhNjI0NTA3ZGE1
MTJiMGQwHhcNMjUwNDE4MDIwMDQzWhcNMjUwNDE5MDIwMDQzWjAzMTEwLwYDVQQD
EyhkMzk1ODNjODZkMjZiMTBmZTgzMWNlMmE0MDAzODRiZTU1MWY1YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFhHD2RkBpmShxKxSJvLoC9KpWi0
/pQ9pe+FnT4fPLU6qZ4zJBYp0j3cBk8iKyUpjjw+UDL8wG0wQqYn8B/ZgywzgGug
Ku8joKbBCq9H9eoJgOdAZSACAWux80Vyqyl6W0lSq6YYOYD4Qgc9OLZMpCN+U+4q
o63UWqQR7T9dfPNwVa6Xb7l7je/gxXYG93J51QoKlgfV4TlyfcSsX2AML88+HRHr
0z6mjbSwELvPjKaa5SD7a5VH6NDhJCN7DOf+KDPqHUaKEFeuCzeRSK3GNRb6WgTq
CPqJorHPY8QMVEn7CJ2oXeC8uPfEin8y/hgqcMkInhLSi5m8j3qbz8xglwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOVg8htJrEP6DHOKkADhL5VH1xvMB8GA1UdIwQY
MBaAFKu5REnU0kYncXc7wIpiRQfaUSsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgt
NzBjMGMxNWJjODBhLzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgtNzBjMGMxNWJjODBh
LzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyLHHlov
deTxjMgrdqnbaR/borJzM8NJhMBK6MjkVIp1UPg325luIQRyL9LiBlylJtHBo/2W
0pNCAC+X9JaL+eVLdWJfZZ3UWFdU/koh0aU+C63z8r+bcLLZtMdITsY9tleWKx4Y
BmHzTTsV6lnCOAFyCH+1LKcqu1NY3nwrHWT9eBBeXUgvyr/5KTZdqtdIkN3sMgdy
rLweIoz5LNfS5o7z49Tg8hUDM2EOvt9IHjVudZZLIeLJQKNe+IguRsJe2Yy3Mn7w
dM98FWq4QlZswwQoBDnb+9LH8q0Ifg2udP/wHCsCoYf5Mw0wnMmT1bc0DbIsg1JC
BsRIWlDZf+/o8A==
-----END CERTIFICATE-----