Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          XqXYGnxQIhb/I69AtQHtXs9id+Cm0Bp2yXAsH9nvJlE=
Subject key identifier:   16:5C:81:90:FC:FD:E7:95:0E:44:B9:2D:D9:B6:64:7B:B3:39:0E:6E
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       01974A7B1F855D75300E5B830C27DEDC980D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          1046
Signing time:             Sat 07 Jun 2025 13:01:12 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:12 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:12 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: 3OncVvMDQQJvQ316picpfTEfMLq8jJ8fkJOvnR6kbL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:1f:85:5d:75:30:0e:5b:83:0c:27:de:dc:98:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Jun  7 13:01:12 2025 GMT
            Not After : Jun  8 13:01:12 2025 GMT
        Subject: CN=165c8190fcfde7950e44b92dd9b6647bb3390e6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:eb:cc:a9:6f:4c:f8:82:da:85:4c:56:41:3e:
                    ae:a3:d0:7e:dc:6c:14:b7:93:66:b1:4f:74:a5:e0:
                    0a:8f:ba:79:d7:b9:bf:0e:11:89:ef:e6:f7:28:c6:
                    ba:76:cd:63:f6:ee:8a:c5:90:c8:01:6a:88:0b:b2:
                    d3:c3:42:c8:b4:ed:b1:a5:7c:cf:81:11:c0:3d:c4:
                    1b:0a:92:6b:b2:ea:03:3f:53:95:19:24:77:70:43:
                    57:ca:c1:38:89:de:c1:23:8a:d5:dd:ea:9c:6b:17:
                    38:12:f9:3d:92:6a:18:bf:37:80:71:d5:e0:bd:a2:
                    1c:d7:b2:0a:c1:17:48:7d:6a:b1:84:40:1e:7d:6e:
                    b5:6b:1d:a1:c0:44:ab:e5:2c:8c:1e:b1:53:50:42:
                    b8:bd:05:cb:9b:63:a6:39:c1:60:00:6b:94:49:7f:
                    b1:a0:ac:eb:24:2c:49:4e:09:45:1f:d3:d1:af:76:
                    d7:eb:ea:77:72:32:1f:21:c9:a1:3c:72:44:dc:50:
                    20:54:c4:a3:aa:d6:e3:62:79:ce:c9:bd:bb:f4:ea:
                    d1:2e:46:45:c1:c3:bc:13:17:64:a0:08:fc:ed:1a:
                    f5:fa:94:56:64:15:2a:d3:5d:53:2b:84:bb:41:e0:
                    06:85:f7:70:83:bc:6a:76:a5:9f:a9:08:32:1f:3f:
                    cf:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:5C:81:90:FC:FD:E7:95:0E:44:B9:2D:D9:B6:64:7B:B3:39:0E:6E
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:75:73:3a:45:1a:d4:88:43:16:8f:59:2e:cd:bc:d6:c5:9b:
         7a:53:f9:d0:07:b4:c2:b8:b7:e8:19:46:b2:b6:2d:6b:ba:c4:
         60:c5:4d:d9:52:e7:51:d3:e7:3b:00:e9:8c:4e:4f:b9:32:8d:
         ad:58:a4:9f:e6:24:84:b8:0b:6c:32:14:aa:1d:d1:1e:8a:25:
         b6:f8:85:cd:6f:99:80:32:c0:17:52:b1:63:c6:26:6f:e7:4f:
         c2:44:64:0a:b7:d6:e3:ef:26:f3:1d:71:32:d4:e9:24:d4:88:
         8e:32:4f:91:4c:85:fa:79:9d:9e:59:3e:6f:5c:55:40:3e:97:
         fe:33:a6:b4:fe:36:75:1c:01:25:29:1e:a1:ef:8c:00:77:a6:
         a1:51:03:69:b3:82:d9:b6:a9:c1:2e:d4:1b:2a:05:62:37:70:
         f4:bc:a2:a0:bd:6f:58:33:39:45:1c:3d:d3:3f:62:ed:f7:99:
         5c:59:a8:03:30:6d:70:27:1d:fe:cd:d0:8c:70:2a:cd:98:f8:
         1b:ae:b8:0d:37:dd:ab:54:2c:47:f1:0c:b4:65:cf:f1:46:84:
         35:86:94:84:bf:2e:1b:91:23:1e:5d:e5:fb:d6:65:81:4d:88:
         56:a7:f7:fa:f3:49:49:44:33:ff:10:57:59:b9:a9:02:14:12:
         33:52:8e:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKex+FXXUwDluDDCfe3JgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjUwNjA3MTMwMTEyWhcNMjUwNjA4MTMwMTEyWjAzMTEwLwYDVQQD
EygxNjVjODE5MGZjZmRlNzk1MGU0NGI5MmRkOWI2NjQ3YmIzMzkwZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOvMqW9M+ILahUxWQT6uo9B+3GwU
t5NmsU90peAKj7p517m/DhGJ7+b3KMa6ds1j9u6KxZDIAWqIC7LTw0LItO2xpXzP
gRHAPcQbCpJrsuoDP1OVGSR3cENXysE4id7BI4rV3eqcaxc4Evk9kmoYvzeAcdXg
vaIc17IKwRdIfWqxhEAefW61ax2hwESr5SyMHrFTUEK4vQXLm2OmOcFgAGuUSX+x
oKzrJCxJTglFH9PRr3bX6+p3cjIfIcmhPHJE3FAgVMSjqtbjYnnOyb279OrRLkZF
wcO8ExdkoAj87Rr1+pRWZBUq011TK4S7QeAGhfdwg7xqdqWfqQgyHz/P8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZcgZD8/eeVDkS5Ldm2ZHuzOQ5uMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAenVzOkUa
1IhDFo9ZLs281sWbelP50Ae0wri36BlGsrYta7rEYMVN2VLnUdPnOwDpjE5PuTKN
rVikn+YkhLgLbDIUqh3RHooltviFzW+ZgDLAF1KxY8Ymb+dPwkRkCrfW4+8m8x1x
MtTpJNSIjjJPkUyF+nmdnlk+b1xVQD6X/jOmtP42dRwBJSkeoe+MAHemoVEDabOC
2bapwS7UGyoFYjdw9LyioL1vWDM5RRw90z9i7feZXFmoAzBtcCcd/s3QjHAqzZj4
G664DTfdq1QsR/EMtGXP8UaENYaUhL8uG5EjHl3l+9ZlgU2IVqf3+vNJSUQz/xBX
WbmpAhQSM1KOEQ==
-----END CERTIFICATE-----