Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
File:                     5pgECu2WLzBoge6mVTBA-5ptNMk.mft (raw, json)
Hash identifier:          Xm1H8b6bRJAUlLB0efIMMYOOkBMkYRTVjC2hiytKByM=
Subject key identifier:   2F:58:F8:3C:FF:10:8D:F4:C3:01:46:24:37:CF:E8:67:7D:FF:2C:83
Authority key identifier: E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9
Certificate issuer:       /CN=e698040aed962f306881eea6553040fb9a6d34c9
Certificate serial:       019748FA0B552E544365A0F4903EFA466EF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
Manifest number:          0420
Signing time:             Sat 07 Jun 2025 06:00:35 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:35 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:35 +0000
Files and hashes:         1: 5pgECu2WLzBoge6mVTBA-5ptNMk.crl (hash: vM81SS3KfMY9F/JdgnQd2A18IF1v3CJl4nM7BUKl05A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:0b:55:2e:54:43:65:a0:f4:90:3e:fa:46:6e:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e698040aed962f306881eea6553040fb9a6d34c9
        Validity
            Not Before: Jun  7 06:00:35 2025 GMT
            Not After : Jun  8 06:00:35 2025 GMT
        Subject: CN=2f58f83cff108df4c301462437cfe8677dff2c83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:89:3b:57:0b:c3:87:f7:5b:7d:d8:89:91:83:
                    a7:be:d1:31:34:7d:1d:98:b0:45:4b:42:1c:f0:d9:
                    3c:c5:1b:49:bb:f3:f4:7a:48:f4:02:36:35:97:5b:
                    dc:1a:4a:e6:89:65:bf:ca:49:f2:f6:d9:88:f8:bd:
                    94:04:3c:06:e0:59:f6:13:43:2f:e9:2e:a0:01:0f:
                    bd:67:4b:fd:30:26:5a:8b:c5:51:52:17:5a:27:a5:
                    8b:10:0b:0f:c3:56:5a:f1:dc:b4:15:31:2b:48:eb:
                    58:b8:5d:b1:49:e7:ba:57:39:65:60:e8:a5:66:03:
                    81:d3:d1:96:1c:7b:97:01:fa:dc:60:c4:ed:a3:00:
                    4e:62:5d:00:ab:d2:d4:62:ea:c1:80:36:ee:b4:48:
                    99:70:10:9d:e8:72:8a:c3:4d:7f:3c:a1:ba:2c:6e:
                    08:a7:46:29:89:00:f7:de:a8:12:10:a1:9c:32:e7:
                    9e:9e:13:90:cd:84:3d:27:bf:e4:a1:ab:d6:64:2a:
                    c3:82:38:2b:1e:7d:4b:f8:08:4a:59:77:69:ec:8f:
                    68:82:71:60:b9:17:47:ef:c8:3c:6c:2b:eb:8e:91:
                    b9:72:80:ae:8d:c3:76:62:8e:3d:0b:d4:f3:a9:21:
                    a5:0e:03:4d:f3:a0:91:10:0a:29:63:6c:a7:13:e5:
                    08:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:58:F8:3C:FF:10:8D:F4:C3:01:46:24:37:CF:E8:67:7D:FF:2C:83
            X509v3 Authority Key Identifier:
                keyid:E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:45:9f:b9:82:30:d3:6a:6f:17:67:8a:e5:d2:3a:c5:ec:a5:
         bd:4c:fd:89:21:a3:35:d8:04:bb:92:fe:5b:c6:67:c6:10:40:
         48:b2:65:9f:fb:8a:68:1c:ed:d7:52:a9:23:a0:e8:08:8a:75:
         d4:cf:04:8c:1a:60:5f:87:3c:80:b8:d2:39:02:4c:02:d9:2e:
         5a:39:c4:e0:4a:47:8d:61:ee:d4:64:c8:8c:5f:57:a6:39:fb:
         7e:85:8e:4f:9f:bf:1e:05:c4:34:b6:dc:fc:ff:19:96:53:17:
         1e:1c:8a:bb:6f:f0:99:64:f2:77:21:8b:e8:5f:a2:47:12:ea:
         3f:a1:b6:b1:e1:06:a0:1e:ec:b3:75:f9:41:35:4a:36:22:63:
         6c:b6:2e:c8:e6:3a:1a:bb:2f:91:9b:78:5e:f5:e6:68:c1:27:
         a2:3a:00:7c:08:f9:3a:a3:36:26:02:9a:a5:0c:23:f7:0a:aa:
         e6:c5:84:d6:e8:01:09:ff:5b:d6:ab:8e:c3:56:2c:a0:74:bf:
         ee:4d:b3:36:21:29:b4:2f:db:6d:e2:4d:4c:cf:34:50:73:c2:
         60:6e:bf:26:52:cf:ab:72:6e:a3:ce:15:d0:99:84:5e:65:39:
         46:e6:f2:b9:ad:55:5f:b9:f9:e6:d9:cb:a8:f8:7c:88:c2:c8:
         5b:63:d9:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+gtVLlRDZaD0kD76Rm75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OTgwNDBhZWQ5NjJmMzA2ODgxZWVhNjU1MzA0MGZiOWE2
ZDM0YzkwHhcNMjUwNjA3MDYwMDM1WhcNMjUwNjA4MDYwMDM1WjAzMTEwLwYDVQQD
EygyZjU4ZjgzY2ZmMTA4ZGY0YzMwMTQ2MjQzN2NmZTg2NzdkZmYyYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIk7VwvDh/dbfdiJkYOnvtExNH0d
mLBFS0Ic8Nk8xRtJu/P0ekj0AjY1l1vcGkrmiWW/ykny9tmI+L2UBDwG4Fn2E0Mv
6S6gAQ+9Z0v9MCZai8VRUhdaJ6WLEAsPw1Za8dy0FTErSOtYuF2xSee6VzllYOil
ZgOB09GWHHuXAfrcYMTtowBOYl0Aq9LUYurBgDbutEiZcBCd6HKKw01/PKG6LG4I
p0YpiQD33qgSEKGcMueenhOQzYQ9J7/koavWZCrDgjgrHn1L+AhKWXdp7I9ognFg
uRdH78g8bCvrjpG5coCujcN2Yo49C9TzqSGlDgNN86CREAopY2ynE+UIGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9Y+Dz/EI30wwFGJDfP6Gd9/yyDMB8GA1UdIwQY
MBaAFOaYBArtli8waIHuplUwQPuabTTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYt
ZTIzNDk3MzkzYjhmLzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYtZTIzNDk3MzkzYjhm
LzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApUWfuYIw
02pvF2eK5dI6xeylvUz9iSGjNdgEu5L+W8ZnxhBASLJln/uKaBzt11KpI6DoCIp1
1M8EjBpgX4c8gLjSOQJMAtkuWjnE4EpHjWHu1GTIjF9Xpjn7foWOT5+/HgXENLbc
/P8ZllMXHhyKu2/wmWTydyGL6F+iRxLqP6G2seEGoB7ss3X5QTVKNiJjbLYuyOY6
GrsvkZt4XvXmaMEnojoAfAj5OqM2JgKapQwj9wqq5sWE1ugBCf9b1quOw1YsoHS/
7k2zNiEptC/bbeJNTM80UHPCYG6/JlLPq3Juo84V0JmEXmU5Rubyua1VX7n55tnL
qPh8iMLIW2PZ8Q==
-----END CERTIFICATE-----