Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          Xf4I1kinIePEhmTS5+40/ftoB/eT5zHiva5UiH57ezc=
Subject key identifier:   9B:A7:D3:54:77:D9:DD:23:96:B7:FA:47:25:22:6E:A2:7A:4F:0C:77
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       019749D5C0DE4A73BDE1F361F7F898FE5933
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          050D
Signing time:             Sat 07 Jun 2025 10:00:34 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:34 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:34 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: bknun8tncovvmZbeHAWuILuWFeyEQJB3Kw7BCWY2sk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:c0:de:4a:73:bd:e1:f3:61:f7:f8:98:fe:59:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Jun  7 10:00:34 2025 GMT
            Not After : Jun  8 10:00:34 2025 GMT
        Subject: CN=9ba7d35477d9dd2396b7fa4725226ea27a4f0c77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bf:f3:64:c1:d1:28:94:98:6d:6f:ed:c8:0c:
                    35:ce:d3:5a:0a:a1:b8:44:42:13:48:d9:fc:f3:58:
                    f8:74:ed:28:b7:5d:a4:6e:15:26:c6:95:9b:7a:96:
                    b2:87:8a:2a:2c:97:e1:36:70:a0:aa:b7:e0:bf:3f:
                    31:a9:ad:9d:16:16:ba:d4:63:03:c9:a4:54:4d:35:
                    55:a1:41:22:0b:30:ca:b8:7c:cb:2b:31:26:19:3e:
                    01:9d:90:07:3f:b4:65:6b:6f:22:12:aa:ec:9a:70:
                    bd:61:33:45:97:e7:9c:4f:9f:b6:84:cb:c8:3d:5a:
                    2d:dc:38:dd:5b:83:bc:64:e0:cc:e9:03:4e:27:ab:
                    87:c3:64:6e:aa:07:7f:48:60:86:29:5b:5b:dd:81:
                    7c:db:00:8c:c1:58:db:6f:7c:2a:a4:e3:41:d3:f4:
                    31:a0:26:9f:ad:75:6f:b9:70:29:ee:e4:f5:21:d0:
                    38:fc:5a:74:46:95:bb:05:61:29:70:d0:e5:ba:c8:
                    3f:33:db:f3:0d:f2:f3:73:21:76:f7:85:07:e2:25:
                    54:51:1a:f9:53:83:b8:b7:b8:a5:b8:7f:00:9e:6f:
                    a0:63:72:7f:8e:87:11:15:80:f4:1c:03:21:49:48:
                    be:60:b9:4c:79:89:06:58:99:ff:84:f4:72:e9:c7:
                    6f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:A7:D3:54:77:D9:DD:23:96:B7:FA:47:25:22:6E:A2:7A:4F:0C:77
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:07:de:84:06:46:5e:f0:f9:3f:59:4f:da:3a:70:49:37:39:
         70:9b:d5:03:b4:96:82:be:a4:c8:d4:4b:52:da:fa:35:03:a9:
         40:0b:fc:40:e6:ce:59:05:d1:a9:f4:46:f2:a5:f1:ee:9c:65:
         8c:02:79:46:9e:8c:f5:54:ca:ea:42:47:5f:2b:87:e9:71:91:
         17:19:2c:ec:56:4a:17:23:24:18:04:f5:13:c8:24:6f:32:41:
         fc:6f:55:31:44:26:69:2f:2e:85:33:69:e1:67:f4:00:1c:22:
         61:1c:42:ae:2f:6c:bb:fb:85:c8:be:38:e5:f4:a2:f1:61:e6:
         7e:1f:d7:89:b8:a0:b6:4a:10:c3:c1:c8:18:fb:33:77:b8:a8:
         63:2a:7a:61:56:ff:64:79:d7:b7:de:22:6d:d3:66:c5:c6:32:
         8d:d7:ec:ef:d3:22:41:de:47:80:40:58:4f:50:d9:cb:7f:d6:
         0e:5c:b4:82:a9:00:94:15:25:19:b2:52:82:12:8c:3d:a4:31:
         74:b8:57:10:fb:8e:55:27:97:c1:9d:75:d9:1a:fa:bc:39:5f:
         34:02:8c:23:74:91:56:e7:47:72:bc:aa:05:46:7a:da:60:97:
         f0:89:9b:57:5d:78:0f:73:6c:7f:59:92:af:e1:7d:a6:80:af:
         75:6c:be:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1cDeSnO94fNh9/iY/lkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjUwNjA3MTAwMDM0WhcNMjUwNjA4MTAwMDM0WjAzMTEwLwYDVQQD
Eyg5YmE3ZDM1NDc3ZDlkZDIzOTZiN2ZhNDcyNTIyNmVhMjdhNGYwYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr/zZMHRKJSYbW/tyAw1ztNaCqG4
REITSNn881j4dO0ot12kbhUmxpWbepayh4oqLJfhNnCgqrfgvz8xqa2dFha61GMD
yaRUTTVVoUEiCzDKuHzLKzEmGT4BnZAHP7Rla28iEqrsmnC9YTNFl+ecT5+2hMvI
PVot3DjdW4O8ZODM6QNOJ6uHw2Ruqgd/SGCGKVtb3YF82wCMwVjbb3wqpONB0/Qx
oCafrXVvuXAp7uT1IdA4/Fp0RpW7BWEpcNDlusg/M9vzDfLzcyF294UH4iVUURr5
U4O4t7iluH8Anm+gY3J/jocRFYD0HAMhSUi+YLlMeYkGWJn/hPRy6cdvJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJun01R32d0jlrf6RyUibqJ6Twx3MB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApwfehAZG
XvD5P1lP2jpwSTc5cJvVA7SWgr6kyNRLUtr6NQOpQAv8QObOWQXRqfRG8qXx7pxl
jAJ5Rp6M9VTK6kJHXyuH6XGRFxks7FZKFyMkGAT1E8gkbzJB/G9VMUQmaS8uhTNp
4Wf0ABwiYRxCri9su/uFyL445fSi8WHmfh/XibigtkoQw8HIGPszd7ioYyp6YVb/
ZHnXt94ibdNmxcYyjdfs79MiQd5HgEBYT1DZy3/WDly0gqkAlBUlGbJSghKMPaQx
dLhXEPuOVSeXwZ112Rr6vDlfNAKMI3SRVudHcryqBUZ62mCX8ImbV114D3Nsf1mS
r+F9poCvdWy+ow==
-----END CERTIFICATE-----