Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          QE8Zv/Pwmn5b1rUOQhCoWP1IR3dR7whNb7XDpDGJU+s=
Subject key identifier:   CC:DA:65:53:55:6B:9A:C0:EC:1D:E9:04:8A:F3:55:39:2D:9E:08:77
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019677FA870F453F1362047248EB78CDF7EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          0E41
Signing time:             Sun 27 Apr 2025 16:00:29 +0000
Manifest this update:     Sun 27 Apr 2025 16:00:29 +0000
Manifest next update:     Mon 28 Apr 2025 16:00:29 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: wp3aD6C7DK1BWSbIVMDfvaUhsCMRNMTNroXpU1Ba4Rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fa:87:0f:45:3f:13:62:04:72:48:eb:78:cd:f7:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Apr 27 16:00:29 2025 GMT
            Not After : Apr 28 16:00:29 2025 GMT
        Subject: CN=ccda6553556b9ac0ec1de9048af355392d9e0877
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e7:21:fe:47:57:25:ea:81:65:a9:4f:b0:40:
                    6a:b2:d1:23:9e:e0:61:fa:0d:fa:a0:26:a7:44:0d:
                    fa:7d:26:9a:51:29:44:a9:2a:f6:fd:4e:63:eb:68:
                    de:ff:d6:46:03:5d:f8:a2:c5:89:9b:b3:f1:16:24:
                    be:9c:4d:54:0b:a9:7c:d7:54:a6:8f:f3:61:69:aa:
                    c0:b7:9b:a8:3a:90:1f:4c:10:42:eb:fe:84:17:c8:
                    02:82:22:b1:a7:96:c0:67:97:b5:2f:fe:cc:8e:70:
                    68:e5:8c:05:1a:0b:a7:9a:a7:b6:ae:22:a1:b1:4d:
                    cd:9b:4a:92:8b:97:76:7b:4e:a0:91:aa:7d:c2:05:
                    ef:ee:74:e7:06:b0:25:52:e2:e8:df:e0:ec:d6:c5:
                    34:7e:86:31:b0:34:30:88:80:b6:dc:a4:d2:fe:b4:
                    1e:9e:42:c9:ed:2a:9a:85:67:a2:f0:fc:6b:ce:ca:
                    5b:57:7a:60:98:44:27:2a:7f:f7:36:fe:b6:4b:7d:
                    46:a5:14:5a:61:7e:21:02:ad:aa:b5:8e:ec:04:cd:
                    2e:56:a4:90:50:8f:20:d3:63:1c:79:59:25:5a:90:
                    a8:68:61:c8:37:f5:47:23:b9:e4:6b:c8:62:f0:c3:
                    39:01:49:e2:43:59:7f:d7:7c:49:33:4e:fe:c6:4e:
                    49:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:DA:65:53:55:6B:9A:C0:EC:1D:E9:04:8A:F3:55:39:2D:9E:08:77
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:aa:a5:02:be:c3:3f:59:6e:57:28:66:2a:1c:d3:9b:2e:50:
         e1:db:a3:39:46:6d:92:bc:35:c5:7e:96:1f:e7:81:fb:b3:6f:
         d3:ab:c0:9a:b7:0f:31:d4:a5:0d:b8:fc:ba:6e:77:4a:26:e7:
         4d:bb:56:0b:17:0f:e5:e3:ef:ba:11:f4:94:a5:59:b6:d7:79:
         b0:b1:ee:68:6d:1b:c3:c6:53:be:8f:ec:b7:63:86:00:cf:c8:
         ad:69:e1:7e:e7:e9:32:39:57:c7:22:a5:97:e2:e3:70:9b:80:
         3a:2b:b0:91:2c:c7:90:69:51:e6:80:ba:e3:14:da:02:b9:f6:
         63:be:1c:52:33:22:f6:b2:1d:3b:8f:b4:29:8a:27:90:cb:7b:
         98:b1:34:31:9a:15:c4:44:60:b4:15:31:b9:f8:4c:2b:e2:41:
         b2:80:d5:c0:ff:85:e6:66:d0:a8:e2:b3:f3:24:05:8d:de:be:
         bd:c3:a7:57:71:9d:d8:46:0c:9e:79:7f:cf:b3:27:2d:ed:91:
         1c:3c:51:5f:06:eb:b5:4e:47:4a:59:c8:27:8f:74:61:eb:de:
         49:90:0d:37:9f:44:31:cc:45:4b:91:71:03:2e:c3:f1:7c:c8:
         46:32:d5:cc:d2:b5:e9:bb:f2:88:ad:11:f5:0f:03:99:0f:b3:
         e6:da:55:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+ocPRT8TYgRySOt4zffqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUwNDI3MTYwMDI5WhcNMjUwNDI4MTYwMDI5WjAzMTEwLwYDVQQD
EyhjY2RhNjU1MzU1NmI5YWMwZWMxZGU5MDQ4YWYzNTUzOTJkOWUwODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+ch/kdXJeqBZalPsEBqstEjnuBh
+g36oCanRA36fSaaUSlEqSr2/U5j62je/9ZGA134osWJm7PxFiS+nE1UC6l811Sm
j/NhaarAt5uoOpAfTBBC6/6EF8gCgiKxp5bAZ5e1L/7MjnBo5YwFGgunmqe2riKh
sU3Nm0qSi5d2e06gkap9wgXv7nTnBrAlUuLo3+Ds1sU0foYxsDQwiIC23KTS/rQe
nkLJ7SqahWei8PxrzspbV3pgmEQnKn/3Nv62S31GpRRaYX4hAq2qtY7sBM0uVqSQ
UI8g02MceVklWpCoaGHIN/VHI7nka8hi8MM5AUniQ1l/13xJM07+xk5JxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzaZVNVa5rA7B3pBIrzVTktngh3MB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvaqlAr7D
P1luVyhmKhzTmy5Q4dujOUZtkrw1xX6WH+eB+7Nv06vAmrcPMdSlDbj8um53Sibn
TbtWCxcP5ePvuhH0lKVZttd5sLHuaG0bw8ZTvo/st2OGAM/IrWnhfufpMjlXxyKl
l+LjcJuAOiuwkSzHkGlR5oC64xTaArn2Y74cUjMi9rIdO4+0KYonkMt7mLE0MZoV
xERgtBUxufhMK+JBsoDVwP+F5mbQqOKz8yQFjd6+vcOnV3Gd2EYMnnl/z7MnLe2R
HDxRXwbrtU5HSlnIJ490YeveSZANN59EMcxFS5FxAy7D8XzIRjLVzNK16bvyiK0R
9Q8DmQ+z5tpVng==
-----END CERTIFICATE-----