Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
File:                     5pgECu2WLzBoge6mVTBA-5ptNMk.mft (raw, json)
Hash identifier:          XOItCw+n1kqI8jlVBFfabmCqRe/ln3tQPCRmIXMtxn8=
Subject key identifier:   A1:10:18:AD:4A:B6:32:87:E9:C7:67:9D:CF:46:41:2D:53:82:CB:A0
Authority key identifier: E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9
Certificate issuer:       /CN=e698040aed962f306881eea6553040fb9a6d34c9
Certificate serial:       019655A5DD6B08B31BE900022A612923447A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
Manifest number:          03A2
Signing time:             Mon 21 Apr 2025 00:00:55 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:55 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:55 +0000
Files and hashes:         1: 5pgECu2WLzBoge6mVTBA-5ptNMk.crl (hash: z0hf9VuPQgZGQqMdi5qViNEKmwbzllVL4Pjh6ax4Ais=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:dd:6b:08:b3:1b:e9:00:02:2a:61:29:23:44:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e698040aed962f306881eea6553040fb9a6d34c9
        Validity
            Not Before: Apr 21 00:00:55 2025 GMT
            Not After : Apr 22 00:00:55 2025 GMT
        Subject: CN=a11018ad4ab63287e9c7679dcf46412d5382cba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:f7:86:df:d2:81:42:50:c6:36:0b:41:74:0d:
                    5c:a8:ab:d0:21:99:61:c1:05:32:e1:54:1f:54:0a:
                    67:7d:86:64:9b:83:d9:a4:7d:fc:56:34:7a:62:33:
                    c8:c1:81:e0:37:14:5c:16:de:98:b6:f1:ce:b4:f0:
                    32:9e:8b:e1:36:4d:04:6d:30:dc:8c:cd:3d:18:97:
                    e5:89:c7:8a:64:eb:b5:a0:d9:82:bd:bb:39:89:32:
                    ad:08:c7:9f:39:c1:12:f8:6b:4d:6e:64:e3:b1:49:
                    16:2d:dc:59:12:55:87:d9:ff:10:5b:33:c4:b3:9a:
                    65:cf:e2:4e:66:d5:86:5d:64:b5:f6:65:58:fe:2b:
                    35:d6:64:c7:01:56:10:bd:e7:6d:bd:3a:10:07:17:
                    5e:02:4f:ef:1d:ce:00:77:bd:6b:b9:fe:38:54:f4:
                    09:c4:4e:12:ca:e6:05:26:83:31:12:73:a7:b0:65:
                    6a:3f:8f:31:9b:3d:e5:5c:36:40:53:e5:b8:89:9d:
                    89:03:42:b7:79:4c:39:59:79:a8:3a:ae:18:b6:88:
                    8c:4d:d1:00:7e:4d:1a:ca:34:93:cc:84:28:48:5e:
                    19:32:fd:b1:09:18:0a:7a:17:4e:6a:1d:03:b4:f4:
                    2e:04:2a:69:75:20:2b:c1:55:39:dd:b3:93:a7:6a:
                    4c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:10:18:AD:4A:B6:32:87:E9:C7:67:9D:CF:46:41:2D:53:82:CB:A0
            X509v3 Authority Key Identifier:
                keyid:E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:87:9f:a2:9c:ad:02:5d:70:1c:b8:05:d8:e4:d9:64:62:a7:
         18:35:10:ed:bf:94:d1:e0:1b:c5:81:33:20:da:45:93:1a:84:
         e8:7c:08:90:09:fd:b4:b3:dd:7b:65:47:51:10:ca:cd:69:4c:
         76:2d:47:6a:18:41:b4:0f:03:65:dc:7e:e2:99:93:13:54:8a:
         a2:96:99:6c:07:f2:b9:7d:3c:d9:fa:ef:e7:2d:ae:ff:5f:e2:
         88:d3:e2:88:d8:5d:54:3f:53:81:44:29:8e:30:70:44:88:47:
         83:26:c6:35:8d:19:c8:74:9c:40:e2:01:28:99:b4:63:1a:f2:
         37:bc:76:8a:63:54:9b:62:05:65:61:de:0f:27:05:e7:a2:96:
         c2:84:88:d8:ea:56:ba:e6:5e:f2:98:5d:83:30:82:1d:44:bf:
         4d:13:86:43:18:c7:c2:b9:98:65:d5:e4:8c:86:26:3d:e0:20:
         66:0c:d6:17:cc:41:a3:95:82:f4:22:c4:cd:96:55:71:bc:1d:
         ed:34:de:38:af:1a:fb:29:15:6a:26:9c:fb:f4:d9:85:8c:be:
         04:50:b6:92:91:ac:50:d8:dc:40:5d:a7:50:21:12:aa:e5:f6:
         e6:fd:03:f0:ba:34:d2:1d:e3:4c:1a:af:91:b6:62:aa:63:8c:
         2f:76:a5:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpd1rCLMb6QACKmEpI0R6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OTgwNDBhZWQ5NjJmMzA2ODgxZWVhNjU1MzA0MGZiOWE2
ZDM0YzkwHhcNMjUwNDIxMDAwMDU1WhcNMjUwNDIyMDAwMDU1WjAzMTEwLwYDVQQD
EyhhMTEwMThhZDRhYjYzMjg3ZTljNzY3OWRjZjQ2NDEyZDUzODJjYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/eG39KBQlDGNgtBdA1cqKvQIZlh
wQUy4VQfVApnfYZkm4PZpH38VjR6YjPIwYHgNxRcFt6YtvHOtPAynovhNk0EbTDc
jM09GJfliceKZOu1oNmCvbs5iTKtCMefOcES+GtNbmTjsUkWLdxZElWH2f8QWzPE
s5plz+JOZtWGXWS19mVY/is11mTHAVYQvedtvToQBxdeAk/vHc4Ad71ruf44VPQJ
xE4SyuYFJoMxEnOnsGVqP48xmz3lXDZAU+W4iZ2JA0K3eUw5WXmoOq4YtoiMTdEA
fk0ayjSTzIQoSF4ZMv2xCRgKehdOah0DtPQuBCppdSArwVU53bOTp2pM4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEQGK1KtjKH6cdnnc9GQS1TgsugMB8GA1UdIwQY
MBaAFOaYBArtli8waIHuplUwQPuabTTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYt
ZTIzNDk3MzkzYjhmLzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYtZTIzNDk3MzkzYjhm
LzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoIefopyt
Al1wHLgF2OTZZGKnGDUQ7b+U0eAbxYEzINpFkxqE6HwIkAn9tLPde2VHURDKzWlM
di1HahhBtA8DZdx+4pmTE1SKopaZbAfyuX082frv5y2u/1/iiNPiiNhdVD9TgUQp
jjBwRIhHgybGNY0ZyHScQOIBKJm0YxryN7x2imNUm2IFZWHeDycF56KWwoSI2OpW
uuZe8phdgzCCHUS/TROGQxjHwrmYZdXkjIYmPeAgZgzWF8xBo5WC9CLEzZZVcbwd
7TTeOK8a+ykVaiac+/TZhYy+BFC2kpGsUNjcQF2nUCESquX25v0D8Lo00h3jTBqv
kbZiqmOML3al+Q==
-----END CERTIFICATE-----