Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/825b0b-976f-472e-a6a1-ce4d96f492ec/1/w5JjfwbbxBhtlQKakrKbMOn0lA0.mft
File:                     w5JjfwbbxBhtlQKakrKbMOn0lA0.mft (raw, json)
Hash identifier:          Upijgc0nS+viuaSxabzrLh3t8sB54+sUJx2T1mRnfek=
Subject key identifier:   82:76:52:EB:4C:F8:F8:C7:DD:E3:A5:C6:E0:3D:8E:12:D9:54:55:BE
Authority key identifier: C3:92:63:7F:06:DB:C4:18:6D:95:02:9A:92:B2:9B:30:E9:F4:94:0D
Certificate issuer:       /CN=c392637f06dbc4186d95029a92b29b30e9f4940d
Certificate serial:       01968322E07B3033C35202BB1854D370224B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w5JjfwbbxBhtlQKakrKbMOn0lA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/825b0b-976f-472e-a6a1-ce4d96f492ec/1/w5JjfwbbxBhtlQKakrKbMOn0lA0.mft
Manifest number:          028E
Signing time:             Tue 29 Apr 2025 20:00:23 +0000
Manifest this update:     Tue 29 Apr 2025 20:00:23 +0000
Manifest next update:     Wed 30 Apr 2025 20:00:23 +0000
Files and hashes:         1: w5JjfwbbxBhtlQKakrKbMOn0lA0.crl (hash: krrS/+OxaikUwuBk0lo88hyldisox7yyNRK/VWWlvQw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/825b0b-976f-472e-a6a1-ce4d96f492ec/1/w5JjfwbbxBhtlQKakrKbMOn0lA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/825b0b-976f-472e-a6a1-ce4d96f492ec/1/w5JjfwbbxBhtlQKakrKbMOn0lA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w5JjfwbbxBhtlQKakrKbMOn0lA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:22:e0:7b:30:33:c3:52:02:bb:18:54:d3:70:22:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c392637f06dbc4186d95029a92b29b30e9f4940d
        Validity
            Not Before: Apr 29 20:00:23 2025 GMT
            Not After : Apr 30 20:00:23 2025 GMT
        Subject: CN=827652eb4cf8f8c7dde3a5c6e03d8e12d95455be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:dc:03:ef:43:8a:29:2d:29:df:fc:23:48:ef:
                    49:48:81:23:ee:33:7d:c5:e2:a7:ae:a2:85:37:8a:
                    87:fb:52:43:32:7d:38:ec:da:fb:cb:c2:63:e3:a6:
                    2c:6b:65:31:ea:37:40:78:8a:a9:66:91:1b:53:01:
                    6a:d7:f7:be:62:7c:0e:50:30:39:5b:8f:17:7e:54:
                    ed:02:6a:58:88:a1:24:20:3e:ca:d6:16:e9:9a:6c:
                    01:79:e4:ff:b3:82:f0:4f:a7:03:79:ca:a6:33:40:
                    e3:19:f0:19:f6:55:72:b8:5c:f1:67:cc:54:c9:e5:
                    35:9f:a6:f9:7d:20:04:b8:c6:53:10:07:52:eb:7c:
                    40:de:3b:97:4b:c3:54:46:2b:6b:cf:4f:f5:2d:32:
                    fd:4f:39:72:1e:11:01:cc:f6:58:86:11:04:31:46:
                    85:87:96:89:e5:8d:a3:65:95:f0:46:15:d4:c5:06:
                    b6:22:04:6d:a7:7e:b9:b2:be:c4:2e:95:a7:b4:5f:
                    96:9e:51:97:66:92:10:cc:a8:02:3a:3d:fd:39:39:
                    64:b1:f4:67:85:96:46:af:b4:a5:9a:8a:21:eb:99:
                    5d:3a:7a:6e:d7:99:0b:d9:52:91:42:9f:c9:3b:19:
                    57:d9:56:a2:88:4b:eb:fc:db:c2:7e:39:a8:65:8a:
                    e2:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:76:52:EB:4C:F8:F8:C7:DD:E3:A5:C6:E0:3D:8E:12:D9:54:55:BE
            X509v3 Authority Key Identifier:
                keyid:C3:92:63:7F:06:DB:C4:18:6D:95:02:9A:92:B2:9B:30:E9:F4:94:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5JjfwbbxBhtlQKakrKbMOn0lA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/825b0b-976f-472e-a6a1-ce4d96f492ec/1/w5JjfwbbxBhtlQKakrKbMOn0lA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/825b0b-976f-472e-a6a1-ce4d96f492ec/1/w5JjfwbbxBhtlQKakrKbMOn0lA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:3a:7a:b6:e9:8a:a2:bc:b4:7b:af:20:ae:9a:6d:ad:93:80:
         17:21:bc:d5:8f:6e:94:cb:f4:63:50:98:19:1a:d2:bc:75:14:
         ca:5f:86:a2:0e:30:8a:49:28:85:4b:28:8e:57:92:ce:41:dc:
         39:28:e8:3b:36:06:ad:4b:ab:45:1b:b8:c3:a3:73:f3:a7:23:
         cf:61:30:cc:66:a6:fe:c4:b1:16:b4:ba:67:6f:fb:4a:db:42:
         8f:94:b2:55:0a:5d:11:c5:d0:17:ed:e4:86:de:4e:a7:5b:ea:
         9d:e8:b0:a9:06:bc:af:8e:d9:90:fc:db:e3:13:d0:4d:01:54:
         9a:8c:02:ba:08:ee:d9:d4:66:6f:6c:bb:ed:20:e9:8e:3e:4f:
         a9:ab:a1:45:c8:8d:15:4b:0b:d1:c4:94:cd:47:c1:d9:b7:c9:
         ab:05:ea:bb:a4:dc:74:04:ae:a9:28:9a:a4:58:af:a0:f0:42:
         c6:fc:61:9a:51:12:5c:d4:e6:26:7c:a8:d2:77:cc:aa:c9:66:
         4e:2f:d1:a6:6b:43:56:f4:db:60:72:1b:b9:b7:cd:15:3d:b4:
         a3:43:91:c7:99:6c:11:cb:21:68:5d:76:0d:3f:85:d7:6d:52:
         d5:e9:2c:ff:94:73:ce:90:d8:73:9a:e6:fb:f1:98:75:55:c1:
         b9:3c:57:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDIuB7MDPDUgK7GFTTcCJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTI2MzdmMDZkYmM0MTg2ZDk1MDI5YTkyYjI5YjMwZTlm
NDk0MGQwHhcNMjUwNDI5MjAwMDIzWhcNMjUwNDMwMjAwMDIzWjAzMTEwLwYDVQQD
Eyg4Mjc2NTJlYjRjZjhmOGM3ZGRlM2E1YzZlMDNkOGUxMmQ5NTQ1NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNwD70OKKS0p3/wjSO9JSIEj7jN9
xeKnrqKFN4qH+1JDMn047Nr7y8Jj46Ysa2Ux6jdAeIqpZpEbUwFq1/e+YnwOUDA5
W48XflTtAmpYiKEkID7K1hbpmmwBeeT/s4LwT6cDecqmM0DjGfAZ9lVyuFzxZ8xU
yeU1n6b5fSAEuMZTEAdS63xA3juXS8NURitrz0/1LTL9TzlyHhEBzPZYhhEEMUaF
h5aJ5Y2jZZXwRhXUxQa2IgRtp365sr7ELpWntF+WnlGXZpIQzKgCOj39OTlksfRn
hZZGr7Slmooh65ldOnpu15kL2VKRQp/JOxlX2VaiiEvr/NvCfjmoZYriRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJ2UutM+PjH3eOlxuA9jhLZVFW+MB8GA1UdIwQY
MBaAFMOSY38G28QYbZUCmpKymzDp9JQNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVKamZ3YmJ4Qmh0bFFLYWtyS2JNT24wbEEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84MjViMGItOTc2Zi00NzJlLWE2YTEt
Y2U0ZDk2ZjQ5MmVjLzEvdzVKamZ3YmJ4Qmh0bFFLYWtyS2JNT24wbEEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84MjViMGItOTc2Zi00NzJlLWE2YTEtY2U0ZDk2ZjQ5MmVj
LzEvdzVKamZ3YmJ4Qmh0bFFLYWtyS2JNT24wbEEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcjp6tumK
ory0e68grpptrZOAFyG81Y9ulMv0Y1CYGRrSvHUUyl+Gog4wikkohUsojleSzkHc
OSjoOzYGrUurRRu4w6Nz86cjz2EwzGam/sSxFrS6Z2/7SttCj5SyVQpdEcXQF+3k
ht5Op1vqneiwqQa8r47ZkPzb4xPQTQFUmowCugju2dRmb2y77SDpjj5PqauhRciN
FUsL0cSUzUfB2bfJqwXqu6TcdASuqSiapFivoPBCxvxhmlESXNTmJnyo0nfMqslm
Ti/RpmtDVvTbYHIbubfNFT20o0ORx5lsEcshaF12DT+F121S1eks/5RzzpDYc5rm
+/GYdVXBuTxX2g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:41:16 2025 by rpki-client