Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
File:                     K5Ro565AOUbluk3mHMHEej2b794.mft (raw, json)
Hash identifier:          y4prVYp43Stqml/ISUFmp4XR99YXxfzWC++R2nMEbB4=
Subject key identifier:   28:DC:C6:50:69:9B:70:6F:24:2C:53:74:CA:C6:1D:9D:7D:94:51:B4
Authority key identifier: 2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE
Certificate issuer:       /CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
Certificate serial:       0196512426F8616CEA477681596E12F6CDD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
Manifest number:          09B5
Signing time:             Sun 20 Apr 2025 03:00:45 +0000
Manifest this update:     Sun 20 Apr 2025 03:00:45 +0000
Manifest next update:     Mon 21 Apr 2025 03:00:45 +0000
Files and hashes:         1: K5Ro565AOUbluk3mHMHEej2b794.crl (hash: RqOzhPuXWE7gk/KS0ekkaqMZEFYwZA+fEtNSbS7roic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 03:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:24:26:f8:61:6c:ea:47:76:81:59:6e:12:f6:cd:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
        Validity
            Not Before: Apr 20 03:00:45 2025 GMT
            Not After : Apr 21 03:00:45 2025 GMT
        Subject: CN=28dcc650699b706f242c5374cac61d9d7d9451b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:8f:0a:7c:ca:ce:7f:79:0f:c5:10:dd:65:86:
                    94:1e:9b:0c:e3:5a:6e:5b:be:0a:c7:ea:94:1e:a0:
                    d8:11:75:76:17:f4:6c:d0:92:9c:e8:b7:6e:4f:f7:
                    7a:46:7c:88:18:e4:6b:e9:2a:fa:2c:e6:2b:2b:df:
                    fe:46:07:c0:66:fa:94:6d:5e:65:53:11:f2:6b:56:
                    a8:55:15:67:5e:30:d3:99:82:18:92:fb:e7:fb:69:
                    91:1b:0c:22:67:c5:11:7f:75:7e:4e:2c:62:2e:95:
                    4e:08:ce:a5:96:a9:dc:a4:df:df:65:a8:67:6a:bf:
                    c2:a3:b0:c2:b9:37:c1:94:d6:e3:c9:f1:2b:af:fd:
                    e9:16:5a:05:1e:31:52:95:e4:fd:f8:ce:fa:c7:19:
                    fd:12:7f:f2:90:08:0f:20:5a:33:0a:12:82:12:d6:
                    51:47:74:e3:b4:86:20:38:fd:7e:18:07:f7:5e:87:
                    3e:89:6a:5d:40:54:1a:9c:6f:e8:5a:69:77:05:0c:
                    a3:0d:b7:0c:dc:a3:13:59:f5:cf:e8:25:62:17:e6:
                    fb:bf:7c:7f:b7:0a:21:4a:0c:48:74:2b:f2:40:36:
                    cd:20:81:03:bb:49:67:79:89:f6:4f:69:84:b3:d9:
                    a0:78:90:4a:a0:15:6a:79:61:99:ce:e2:74:bc:c2:
                    f2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:DC:C6:50:69:9B:70:6F:24:2C:53:74:CA:C6:1D:9D:7D:94:51:B4
            X509v3 Authority Key Identifier:
                keyid:2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:70:09:03:49:d6:45:4a:16:d3:fe:60:8b:01:b8:75:d6:e5:
         6d:87:46:b6:d8:88:81:ef:4d:50:5d:be:54:33:62:29:1a:f1:
         de:8f:d8:b6:00:57:38:7e:e9:be:b1:02:85:bc:f0:44:3f:ff:
         2e:13:8d:e3:7d:29:7c:d6:9e:81:03:78:0f:30:85:5c:37:54:
         bf:0f:d5:f5:71:9e:c8:6c:0b:59:eb:53:0d:b0:61:9c:f8:df:
         99:b4:53:01:1a:4f:8f:c4:48:ce:bc:2b:72:23:93:55:a9:ec:
         a0:65:2c:98:fb:45:65:5f:6a:72:0f:fc:c9:65:8e:a9:95:6d:
         80:99:4d:25:9b:48:e7:d2:13:fa:0e:d9:13:97:4a:b0:d3:32:
         8d:81:bb:d2:fe:45:39:cc:60:84:07:c2:3c:90:92:8b:84:48:
         ed:42:20:9e:4d:b6:74:3e:47:1a:89:5e:f4:8e:a5:49:ac:a2:
         dd:ec:bb:c4:56:38:53:ae:51:3b:9e:5e:83:19:59:7c:92:c7:
         fe:95:51:f6:77:db:16:fb:50:09:b5:eb:6e:b3:57:84:25:fa:
         21:5f:45:e0:1f:9d:26:d3:78:36:63:f9:7f:23:cf:ea:a5:79:
         cd:93:24:54:7d:ca:a5:de:15:15:e6:1e:08:46:ca:5b:2e:5f:
         55:23:52:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRJCb4YWzqR3aBWW4S9s3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTQ2OGU3YWU0MDM5NDZlNWJhNGRlNjFjYzFjNDdhM2Q5
YmVmZGUwHhcNMjUwNDIwMDMwMDQ1WhcNMjUwNDIxMDMwMDQ1WjAzMTEwLwYDVQQD
EygyOGRjYzY1MDY5OWI3MDZmMjQyYzUzNzRjYWM2MWQ5ZDdkOTQ1MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y8KfMrOf3kPxRDdZYaUHpsM41pu
W74Kx+qUHqDYEXV2F/Rs0JKc6LduT/d6RnyIGORr6Sr6LOYrK9/+RgfAZvqUbV5l
UxHya1aoVRVnXjDTmYIYkvvn+2mRGwwiZ8URf3V+TixiLpVOCM6llqncpN/fZahn
ar/Co7DCuTfBlNbjyfErr/3pFloFHjFSleT9+M76xxn9En/ykAgPIFozChKCEtZR
R3TjtIYgOP1+GAf3Xoc+iWpdQFQanG/oWml3BQyjDbcM3KMTWfXP6CViF+b7v3x/
twohSgxIdCvyQDbNIIEDu0lneYn2T2mEs9mgeJBKoBVqeWGZzuJ0vMLynwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjcxlBpm3BvJCxTdMrGHZ19lFG0MB8GA1UdIwQY
MBaAFCuUaOeuQDlG5bpN5hzBxHo9m+/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTct
MjI2OWMxYWYyYWQzLzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTctMjI2OWMxYWYyYWQz
LzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPXAJA0nW
RUoW0/5giwG4ddblbYdGttiIge9NUF2+VDNiKRrx3o/YtgBXOH7pvrEChbzwRD//
LhON430pfNaegQN4DzCFXDdUvw/V9XGeyGwLWetTDbBhnPjfmbRTARpPj8RIzrwr
ciOTVansoGUsmPtFZV9qcg/8yWWOqZVtgJlNJZtI59IT+g7ZE5dKsNMyjYG70v5F
OcxghAfCPJCSi4RI7UIgnk22dD5HGole9I6lSayi3ey7xFY4U65RO55egxlZfJLH
/pVR9nfbFvtQCbXrbrNXhCX6IV9F4B+dJtN4NmP5fyPP6qV5zZMkVH3Kpd4VFeYe
CEbKWy5fVSNSWg==
-----END CERTIFICATE-----