Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          A8wlsVr42KuasqW6VX+sHFlqtq2I+BXD2TagjDtdgkM=
Subject key identifier:   2D:57:5E:94:D2:66:75:55:AC:C1:B5:3F:CB:FB:4B:12:E8:06:73:4E
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       0196A879411B9145B4F140BD03EEDC493A87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0BAE
Signing time:             Wed 07 May 2025 02:00:40 +0000
Manifest this update:     Wed 07 May 2025 02:00:40 +0000
Manifest next update:     Thu 08 May 2025 02:00:40 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: F6tkru/1U6EJw35HkbQ5LTZAHEZiyts9r+n/8VsUNF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 02:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:79:41:1b:91:45:b4:f1:40:bd:03:ee:dc:49:3a:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: May  7 02:00:40 2025 GMT
            Not After : May  8 02:00:40 2025 GMT
        Subject: CN=2d575e94d2667555acc1b53fcbfb4b12e806734e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ad:7a:4c:fd:4a:3f:b4:9a:5a:9b:d0:02:36:
                    06:fd:c7:c6:18:c6:8f:85:5f:f5:0c:42:0c:d5:aa:
                    31:e6:0e:72:c9:fb:cc:16:a4:e4:61:ee:78:95:90:
                    90:26:50:fd:39:bd:af:b1:f0:ee:bb:95:b7:85:9b:
                    fa:bf:c9:59:83:76:7e:02:5e:f0:3e:e5:db:6f:67:
                    af:be:b1:97:66:17:ca:a8:8e:df:5c:01:81:c5:a2:
                    58:c7:dc:c4:ce:6d:a3:98:83:fc:c3:d8:5b:62:2f:
                    7f:75:71:23:97:5e:08:53:e2:78:b5:81:5d:2d:25:
                    5f:40:1a:cd:79:3c:6f:bb:19:af:16:6a:e1:e8:3b:
                    68:65:b3:11:31:0f:b6:31:92:06:a7:71:be:a2:37:
                    4f:62:41:e1:91:cd:dc:b9:d1:2c:c8:ed:5d:0b:81:
                    1b:3a:47:c0:7e:8e:ce:de:68:ef:9d:e4:88:46:7d:
                    9d:03:66:d3:27:bd:14:c0:01:32:d6:a6:a0:b2:e4:
                    72:1e:b3:9e:c0:8b:13:62:3e:68:1e:66:2e:cf:b5:
                    3f:6f:7b:3c:9d:31:4c:3d:98:cb:70:04:9c:48:19:
                    94:f0:38:99:b5:3b:3a:a5:c0:3c:75:52:a8:01:fd:
                    54:ba:3f:bd:59:e2:be:ed:87:a0:50:64:86:9a:0d:
                    20:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:57:5E:94:D2:66:75:55:AC:C1:B5:3F:CB:FB:4B:12:E8:06:73:4E
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:75:7c:00:29:1f:2d:68:c9:29:ee:e2:49:66:77:e5:c6:e9:
         76:2a:18:2a:1a:e4:40:c3:08:88:7e:c8:03:38:3f:e6:be:72:
         75:27:d6:60:80:25:24:5f:b0:77:2d:c9:51:5f:92:56:18:1b:
         4b:58:20:e3:2c:5e:3d:4e:59:75:8f:60:b5:f2:f7:86:d9:11:
         6c:be:4b:2c:de:74:ef:ae:6d:52:59:dd:6b:a2:99:9d:ae:02:
         72:c1:d7:a5:de:e1:6f:8c:2e:59:a3:c5:28:e9:65:4b:e4:f3:
         1e:5c:be:6e:9a:66:40:61:6c:9f:04:35:b9:33:5b:c1:6f:ea:
         77:69:da:2f:31:ee:3f:90:9b:41:aa:d3:52:67:b3:1e:97:65:
         9d:02:ad:d8:d3:97:fb:34:01:06:12:c9:a4:0a:86:9b:69:d8:
         f4:7f:69:74:65:9d:a3:76:fb:22:a5:df:a1:db:5e:1e:6b:f2:
         42:81:5a:36:c4:96:39:8f:57:96:4f:73:00:b4:5b:00:2f:69:
         47:49:8d:3c:77:85:78:23:17:ab:1d:27:4f:40:16:67:b3:47:
         25:c5:f8:e3:0b:3e:78:93:46:7a:46:df:4b:04:8c:d2:fa:ce:
         47:2d:03:3f:4d:68:4f:17:f9:e0:e4:53:e1:4e:fe:0a:fc:5f:
         2b:a1:b2:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaoeUEbkUW08UC9A+7cSTqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjUwNTA3MDIwMDQwWhcNMjUwNTA4MDIwMDQwWjAzMTEwLwYDVQQD
EygyZDU3NWU5NGQyNjY3NTU1YWNjMWI1M2ZjYmZiNGIxMmU4MDY3MzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa16TP1KP7SaWpvQAjYG/cfGGMaP
hV/1DEIM1aox5g5yyfvMFqTkYe54lZCQJlD9Ob2vsfDuu5W3hZv6v8lZg3Z+Al7w
PuXbb2evvrGXZhfKqI7fXAGBxaJYx9zEzm2jmIP8w9hbYi9/dXEjl14IU+J4tYFd
LSVfQBrNeTxvuxmvFmrh6DtoZbMRMQ+2MZIGp3G+ojdPYkHhkc3cudEsyO1dC4Eb
OkfAfo7O3mjvneSIRn2dA2bTJ70UwAEy1qagsuRyHrOewIsTYj5oHmYuz7U/b3s8
nTFMPZjLcAScSBmU8DiZtTs6pcA8dVKoAf1Uuj+9WeK+7YegUGSGmg0gYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1XXpTSZnVVrMG1P8v7SxLoBnNOMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXHV8ACkf
LWjJKe7iSWZ35cbpdioYKhrkQMMIiH7IAzg/5r5ydSfWYIAlJF+wdy3JUV+SVhgb
S1gg4yxePU5ZdY9gtfL3htkRbL5LLN50765tUlnda6KZna4CcsHXpd7hb4wuWaPF
KOllS+TzHly+bppmQGFsnwQ1uTNbwW/qd2naLzHuP5CbQarTUmezHpdlnQKt2NOX
+zQBBhLJpAqGm2nY9H9pdGWdo3b7IqXfodteHmvyQoFaNsSWOY9Xlk9zALRbAC9p
R0mNPHeFeCMXqx0nT0AWZ7NHJcX44ws+eJNGekbfSwSM0vrORy0DP01oTxf54ORT
4U7+CvxfK6Gyww==
-----END CERTIFICATE-----