Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
File:                     t5im6ZG5VaKTURGf9312hksNOEo.mft (raw, json)
Hash identifier:          3t7hNXqR7RSl7s49hczrOBK9qXhLk9At1LZnN1/T0eA=
Subject key identifier:   BC:59:A5:AF:C7:1D:34:9E:5C:FC:05:08:C7:05:61:85:46:36:F1:D8
Authority key identifier: B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A
Certificate issuer:       /CN=b798a6e991b955a29351119ff77d76864b0d384a
Certificate serial:       01975234C734E00801EEFBA1C8F5BE2F2D72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
Manifest number:          0CA4
Signing time:             Mon 09 Jun 2025 01:01:19 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:19 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:19 +0000
Files and hashes:         1: t5im6ZG5VaKTURGf9312hksNOEo.crl (hash: H2NjSXvdfgxKa9MerPOyQ4o4TiAzsfhNur3WRL+Gq4A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:34:c7:34:e0:08:01:ee:fb:a1:c8:f5:be:2f:2d:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b798a6e991b955a29351119ff77d76864b0d384a
        Validity
            Not Before: Jun  9 01:01:19 2025 GMT
            Not After : Jun 10 01:01:19 2025 GMT
        Subject: CN=bc59a5afc71d349e5cfc0508c70561854636f1d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:12:c0:30:18:a5:2a:ad:28:0a:65:65:b9:22:
                    69:df:45:86:1d:c9:8a:30:52:f7:36:16:4c:e1:20:
                    31:36:bf:11:4e:ba:c0:00:e8:4e:d8:ef:af:09:49:
                    ce:8f:a2:36:67:61:f5:f9:60:76:14:15:ec:25:b5:
                    8f:bf:37:d5:23:5b:0d:0e:fd:34:17:cf:c5:f8:d4:
                    d0:df:b0:c9:eb:7e:41:3f:84:81:ca:f3:97:12:f1:
                    00:57:a3:29:8c:4e:c8:d8:b8:a0:32:ac:58:d7:18:
                    fd:35:9f:5f:cb:96:f1:ad:8f:95:f1:49:3d:56:1e:
                    ac:34:b3:8d:62:25:08:99:d5:29:df:9b:1a:f6:b5:
                    0c:89:48:c3:97:ab:3f:49:13:66:db:79:88:b3:ff:
                    7e:a7:a0:01:e3:b7:83:3d:24:57:1b:88:14:fc:cd:
                    8e:47:c2:75:31:d6:c0:4f:d3:b8:88:0d:73:f2:f8:
                    f9:dc:8a:46:47:6a:ef:e6:72:a3:3a:8d:d9:e8:16:
                    4b:82:3c:df:c4:d9:c7:15:d6:38:63:6a:40:41:fd:
                    ae:dc:b9:33:79:7d:dd:68:05:f8:ca:77:b8:00:68:
                    49:51:11:66:53:fb:90:24:c6:fc:bf:7c:32:a1:dd:
                    e5:39:5e:d1:42:9f:11:09:18:a2:61:e4:7a:46:64:
                    bc:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:59:A5:AF:C7:1D:34:9E:5C:FC:05:08:C7:05:61:85:46:36:F1:D8
            X509v3 Authority Key Identifier:
                keyid:B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:d4:50:fb:7e:a3:98:74:6d:96:a2:81:25:2f:af:70:8d:ea:
         4a:3a:fd:99:4d:8a:a9:cd:f5:fb:1a:ca:d6:a9:6e:5e:20:10:
         4b:f3:ec:55:b4:ee:d8:54:9b:5a:db:34:c7:fc:05:32:56:5e:
         aa:8e:50:35:fd:28:35:31:1c:0e:c9:a4:f8:15:fd:1d:5e:c3:
         b0:e1:b3:ec:fe:f8:d8:c0:2c:43:9b:03:07:d0:2e:a1:25:44:
         18:84:f2:ea:85:77:83:c1:56:5c:ff:55:b6:0e:49:ec:80:d8:
         fe:43:8a:94:17:a4:22:2f:cb:99:5c:7b:a7:e9:45:2b:ba:1c:
         97:99:a8:d9:83:19:66:3f:0c:3f:64:23:ee:a1:b4:8f:c1:a1:
         e5:f8:d5:55:83:5d:72:3a:c9:96:31:84:07:c0:23:77:5a:e9:
         4e:bf:fb:b2:64:47:af:13:e3:a1:9f:a1:b2:d3:ab:af:83:9d:
         54:0c:24:31:bd:c9:d7:f7:15:31:30:f2:c4:b8:80:36:00:ff:
         b4:12:ed:44:e7:c0:b5:ae:36:9d:c2:9b:4f:79:73:95:bf:f0:
         be:f2:f8:5f:5f:be:e8:c2:96:51:97:9b:b2:3e:9c:19:cf:c3:
         bf:90:cd:16:87:03:e6:49:7b:08:79:c1:56:07:73:e6:3f:b6:
         f4:14:9e:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNMc04AgB7vuhyPW+Ly1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OThhNmU5OTFiOTU1YTI5MzUxMTE5ZmY3N2Q3Njg2NGIw
ZDM4NGEwHhcNMjUwNjA5MDEwMTE5WhcNMjUwNjEwMDEwMTE5WjAzMTEwLwYDVQQD
EyhiYzU5YTVhZmM3MWQzNDllNWNmYzA1MDhjNzA1NjE4NTQ2MzZmMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohLAMBilKq0oCmVluSJp30WGHcmK
MFL3NhZM4SAxNr8RTrrAAOhO2O+vCUnOj6I2Z2H1+WB2FBXsJbWPvzfVI1sNDv00
F8/F+NTQ37DJ635BP4SByvOXEvEAV6MpjE7I2LigMqxY1xj9NZ9fy5bxrY+V8Uk9
Vh6sNLONYiUImdUp35sa9rUMiUjDl6s/SRNm23mIs/9+p6AB47eDPSRXG4gU/M2O
R8J1MdbAT9O4iA1z8vj53IpGR2rv5nKjOo3Z6BZLgjzfxNnHFdY4Y2pAQf2u3Lkz
eX3daAX4yne4AGhJURFmU/uQJMb8v3wyod3lOV7RQp8RCRiiYeR6RmS8bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxZpa/HHTSeXPwFCMcFYYVGNvHYMB8GA1UdIwQY
MBaAFLeYpumRuVWik1ERn/d9doZLDThKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMt
NjljNzJmMTY4Njg5LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMtNjljNzJmMTY4Njg5
LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXtRQ+36j
mHRtlqKBJS+vcI3qSjr9mU2Kqc31+xrK1qluXiAQS/PsVbTu2FSbWts0x/wFMlZe
qo5QNf0oNTEcDsmk+BX9HV7DsOGz7P742MAsQ5sDB9AuoSVEGITy6oV3g8FWXP9V
tg5J7IDY/kOKlBekIi/LmVx7p+lFK7ocl5mo2YMZZj8MP2Qj7qG0j8Gh5fjVVYNd
cjrJljGEB8Ajd1rpTr/7smRHrxPjoZ+hstOrr4OdVAwkMb3J1/cVMTDyxLiANgD/
tBLtROfAta42ncKbT3lzlb/wvvL4X1++6MKWUZebsj6cGc/Dv5DNFocD5kl7CHnB
Vgdz5j+29BSejw==
-----END CERTIFICATE-----