Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
File:                     a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json)
Hash identifier:          KS/JZqaqZGnR2IacYA/mPbBZFPS+g0Coe4SoPgELGnI=
Subject key identifier:   B5:8E:13:42:63:1A:BD:AF:BA:54:EB:46:91:AF:A5:21:48:7E:82:66
Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66
Certificate issuer:       /CN=6be051fb93e015a9b761bb45afe109dbbe347c66
Certificate serial:       01974967DDEA931EF617AA2EE927FAE9B0A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
Manifest number:          052D
Signing time:             Sat 07 Jun 2025 08:00:33 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:33 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:33 +0000
Files and hashes:         1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: RUByqFtG7wdo0XSED/psOIKHUy+sfz73ToRUAhe0CMw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:dd:ea:93:1e:f6:17:aa:2e:e9:27:fa:e9:b0:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66
        Validity
            Not Before: Jun  7 08:00:33 2025 GMT
            Not After : Jun  8 08:00:33 2025 GMT
        Subject: CN=b58e1342631abdafba54eb4691afa521487e8266
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:30:cf:bd:95:b4:e9:24:bb:fb:e0:7c:76:a6:
                    a0:e1:66:4a:63:f2:69:26:f8:6a:8b:9d:65:ae:9f:
                    78:df:11:1f:eb:7e:a6:f3:63:98:40:bd:90:dd:24:
                    d0:4f:52:83:50:86:14:24:f0:1d:a6:7d:f2:db:9d:
                    2b:72:4f:82:c8:00:c1:ea:a5:1e:4b:67:a3:96:bb:
                    aa:09:72:bf:c0:cd:dc:25:8b:2c:fe:6f:0e:b2:b5:
                    b7:c0:fa:37:2f:d0:44:2e:3e:a7:56:bb:09:17:93:
                    d3:75:b6:3e:d7:2d:c8:58:a2:c2:26:49:aa:03:78:
                    e0:0a:56:d7:fa:df:7d:b8:0d:a9:83:25:90:d3:e9:
                    57:d3:c8:c8:2e:1e:a8:46:9f:21:59:25:54:09:f9:
                    d1:36:36:6c:1b:1e:68:df:66:bd:d4:ea:90:21:50:
                    20:94:dc:20:cb:f2:85:5a:af:07:87:00:3b:43:bf:
                    d5:f0:f6:41:99:06:25:c4:87:d8:e4:d3:c0:ad:de:
                    f1:07:ba:9a:89:f2:1b:9b:e8:8b:cf:5b:6d:77:de:
                    a6:db:68:df:b2:dd:07:82:b3:60:81:79:b6:de:d1:
                    ea:15:94:6b:05:ed:77:32:8b:8d:a6:7b:59:47:21:
                    05:dc:51:98:85:01:22:3d:fd:a3:39:b7:be:7a:06:
                    85:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:8E:13:42:63:1A:BD:AF:BA:54:EB:46:91:AF:A5:21:48:7E:82:66
            X509v3 Authority Key Identifier:
                keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:fd:eb:b2:3b:0a:93:db:08:0f:4c:7a:5e:21:50:5b:10:c3:
         5e:eb:ed:4c:2f:16:ec:a2:23:f9:6c:88:51:c6:2b:50:8c:76:
         77:b6:2d:77:46:be:b8:1f:5e:05:79:18:94:0d:ae:d8:2e:35:
         92:0f:24:af:d4:8e:61:fa:0a:92:78:14:dd:19:60:72:62:bd:
         80:ab:5e:00:90:53:f6:a3:fd:f0:2b:1c:9d:c5:ce:e9:be:5a:
         e5:51:48:5d:0b:85:6b:a7:d6:3a:d7:78:95:c5:40:20:37:14:
         75:1c:4b:2d:2d:a7:de:a3:3a:24:61:f0:13:96:d2:4c:dc:a0:
         c9:08:5a:79:76:56:7c:ab:81:d3:02:86:da:05:dd:98:71:5d:
         11:c8:aa:1a:2a:e7:f4:e4:28:73:7c:1e:14:59:f3:22:b3:ea:
         62:d3:6c:59:56:79:e4:d5:d1:85:c4:af:f6:f4:93:93:bd:43:
         75:20:df:53:e1:65:aa:18:16:fb:ed:4e:b3:77:84:b3:cc:f3:
         b7:84:02:d0:d1:f5:6b:40:04:72:c0:79:b2:da:6d:9e:2e:d3:
         06:95:14:af:ac:e5:25:bb:30:6d:7d:f9:98:8f:a9:e6:d4:ae:
         22:96:f3:ca:39:a5:2d:91:16:f9:53:85:eb:9a:e3:52:bf:44:
         99:e4:d8:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ93qkx72F6ou6Sf66bCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz
NDdjNjYwHhcNMjUwNjA3MDgwMDMzWhcNMjUwNjA4MDgwMDMzWjAzMTEwLwYDVQQD
EyhiNThlMTM0MjYzMWFiZGFmYmE1NGViNDY5MWFmYTUyMTQ4N2U4MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zDPvZW06SS7++B8dqag4WZKY/Jp
Jvhqi51lrp943xEf636m82OYQL2Q3STQT1KDUIYUJPAdpn3y250rck+CyADB6qUe
S2ejlruqCXK/wM3cJYss/m8OsrW3wPo3L9BELj6nVrsJF5PTdbY+1y3IWKLCJkmq
A3jgClbX+t99uA2pgyWQ0+lX08jILh6oRp8hWSVUCfnRNjZsGx5o32a91OqQIVAg
lNwgy/KFWq8HhwA7Q7/V8PZBmQYlxIfY5NPArd7xB7qaifIbm+iLz1ttd96m22jf
st0HgrNggXm23tHqFZRrBe13MouNpntZRyEF3FGYhQEiPf2jObe+egaF6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWOE0JjGr2vulTrRpGvpSFIfoJmMB8GA1UdIwQY
MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt
ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh
LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABv3rsjsK
k9sID0x6XiFQWxDDXuvtTC8W7KIj+WyIUcYrUIx2d7Ytd0a+uB9eBXkYlA2u2C41
kg8kr9SOYfoKkngU3RlgcmK9gKteAJBT9qP98CscncXO6b5a5VFIXQuFa6fWOtd4
lcVAIDcUdRxLLS2n3qM6JGHwE5bSTNygyQhaeXZWfKuB0wKG2gXdmHFdEciqGirn
9OQoc3weFFnzIrPqYtNsWVZ55NXRhcSv9vSTk71DdSDfU+FlqhgW++1Os3eEs8zz
t4QC0NH1a0AEcsB5stptni7TBpUUr6zlJbswbX35mI+p5tSuIpbzyjmlLZEW+VOF
65rjUr9EmeTYJg==
-----END CERTIFICATE-----