Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          uhchoGIHSFjC8PbwxzONCaaowkJhqqOHUYqj6+CAncc=
Subject key identifier:   57:6B:23:11:DF:17:C1:42:D7:67:D3:D7:7C:5E:C4:96:C6:40:EB:8A
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       019747E72D4864C7945F371A065E00BFA858
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          13A1
Signing time:             Sat 07 Jun 2025 01:00:22 +0000
Manifest this update:     Sat 07 Jun 2025 01:00:22 +0000
Manifest next update:     Sun 08 Jun 2025 01:00:22 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: MKJDbCs1dcEFyUyrHWNdejoMOsT4L7EbdLp4jKZq9p0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:e7:2d:48:64:c7:94:5f:37:1a:06:5e:00:bf:a8:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Jun  7 01:00:22 2025 GMT
            Not After : Jun  8 01:00:22 2025 GMT
        Subject: CN=576b2311df17c142d767d3d77c5ec496c640eb8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:43:44:db:f0:93:2e:8b:4b:51:a5:d4:5a:3c:
                    78:ad:99:df:1e:32:82:bd:7a:3e:bf:f6:b3:9f:9a:
                    38:a6:5d:37:51:75:c0:7d:67:d9:e6:f1:5c:4b:16:
                    c7:6d:28:b1:4d:8c:5d:e1:7a:d9:9a:75:4b:c7:46:
                    cf:00:70:a8:07:59:93:74:10:29:cd:25:46:aa:b0:
                    62:c9:ac:44:b7:3e:4d:71:ce:9c:df:ed:19:cc:c7:
                    c8:ee:f2:00:4f:e7:31:95:14:aa:89:06:75:5c:80:
                    01:b1:a0:17:5c:20:69:5c:ba:18:f6:58:68:f2:c9:
                    c3:1e:a8:28:93:dd:23:50:00:1f:6d:78:ee:b0:92:
                    c9:2d:b4:23:7f:0e:f2:06:ca:71:e8:98:cd:f2:f4:
                    bb:01:8f:3e:76:5d:ec:e8:54:36:d3:d6:b6:7b:82:
                    53:48:30:c3:70:cf:a2:0c:4f:2d:b5:89:ed:1b:25:
                    ca:ac:2c:b1:76:0a:cf:d0:10:c0:12:87:33:ef:f2:
                    7d:79:ed:a2:35:31:74:3c:7d:a3:8e:76:57:03:98:
                    a0:cd:7e:8f:4e:99:f0:db:84:d2:f5:23:14:36:f5:
                    73:79:a2:cd:a0:3e:fc:33:65:4e:56:65:e3:d4:06:
                    dd:2e:cd:d9:db:b0:b0:d6:76:b3:1b:12:5d:a8:c5:
                    e0:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:6B:23:11:DF:17:C1:42:D7:67:D3:D7:7C:5E:C4:96:C6:40:EB:8A
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:82:b8:60:33:ce:c7:04:0f:31:f4:ea:37:68:9f:b1:a3:2d:
         67:65:07:06:10:9b:b8:d5:4e:3f:a9:b3:ad:ca:ea:ba:58:99:
         f4:1c:89:69:79:fc:25:73:ad:f1:fc:0d:20:88:5f:3e:a2:b9:
         2f:64:0e:06:93:87:77:0a:4a:8f:ac:e5:f9:13:6d:9f:64:37:
         24:22:81:80:38:d2:df:11:93:fe:99:03:cc:39:ed:0d:71:6c:
         6d:c9:17:2e:97:34:fa:26:f9:76:e1:93:b1:cd:71:e8:f7:7b:
         65:bf:a4:41:c1:f9:fc:da:23:f1:96:4f:17:2b:e5:ab:1b:22:
         e6:a0:3c:0d:f8:d2:38:54:14:29:39:40:1b:fe:55:df:c6:27:
         d9:cd:96:8b:3b:93:47:29:96:f8:05:24:7f:95:7e:71:26:61:
         ff:22:af:6b:60:79:18:cb:0c:a8:ef:65:17:b1:39:44:11:c5:
         3f:ce:2f:00:f5:40:79:37:42:b3:38:08:25:f2:41:f7:b8:4c:
         4c:05:00:4f:a8:b4:ee:74:76:58:59:eb:23:0b:52:d4:5d:df:
         5c:0a:86:28:11:8e:c7:aa:54:90:8b:1b:24:cf:54:ce:6d:91:
         ca:93:97:ed:b4:f3:0b:0f:32:0e:f3:5d:77:2a:d2:cc:27:56:
         93:b3:45:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdH5y1IZMeUXzcaBl4Av6hYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUwNjA3MDEwMDIyWhcNMjUwNjA4MDEwMDIyWjAzMTEwLwYDVQQD
Eyg1NzZiMjMxMWRmMTdjMTQyZDc2N2QzZDc3YzVlYzQ5NmM2NDBlYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkNE2/CTLotLUaXUWjx4rZnfHjKC
vXo+v/azn5o4pl03UXXAfWfZ5vFcSxbHbSixTYxd4XrZmnVLx0bPAHCoB1mTdBAp
zSVGqrBiyaxEtz5Ncc6c3+0ZzMfI7vIAT+cxlRSqiQZ1XIABsaAXXCBpXLoY9lho
8snDHqgok90jUAAfbXjusJLJLbQjfw7yBspx6JjN8vS7AY8+dl3s6FQ209a2e4JT
SDDDcM+iDE8ttYntGyXKrCyxdgrP0BDAEocz7/J9ee2iNTF0PH2jjnZXA5igzX6P
Tpnw24TS9SMUNvVzeaLNoD78M2VOVmXj1AbdLs3Z27Cw1nazGxJdqMXgFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdrIxHfF8FC12fT13xexJbGQOuKMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4K4YDPO
xwQPMfTqN2ifsaMtZ2UHBhCbuNVOP6mzrcrquliZ9ByJaXn8JXOt8fwNIIhfPqK5
L2QOBpOHdwpKj6zl+RNtn2Q3JCKBgDjS3xGT/pkDzDntDXFsbckXLpc0+ib5duGT
sc1x6Pd7Zb+kQcH5/Noj8ZZPFyvlqxsi5qA8DfjSOFQUKTlAG/5V38Yn2c2WizuT
RymW+AUkf5V+cSZh/yKva2B5GMsMqO9lF7E5RBHFP84vAPVAeTdCszgIJfJB97hM
TAUAT6i07nR2WFnrIwtS1F3fXAqGKBGOx6pUkIsbJM9Uzm2RypOX7bTzCw8yDvNd
dyrSzCdWk7NF7A==
-----END CERTIFICATE-----