Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          tGiynkI85rTinuA7vONsuzlYVOfd6Qzj9/uPCXaayrM=
Subject key identifier:   5E:24:09:B5:BD:D7:A2:09:EC:B0:46:0D:A4:45:A4:9E:28:AD:FF:CF
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       019677FB1A260949BD1FCF11AF7C00A06C72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 16:01:06 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:06 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:06 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: 45Iizstt3Niv5V/++cDThNI/KFSgH/ztGZRqSDs8Tok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:1a:26:09:49:bd:1f:cf:11:af:7c:00:a0:6c:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Apr 27 16:01:06 2025 GMT
            Not After : Apr 28 16:01:06 2025 GMT
        Subject: CN=5e2409b5bdd7a209ecb0460da445a49e28adffcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:30:e6:75:7e:3e:52:85:85:cd:d3:39:35:d5:
                    36:0e:9e:09:26:48:d0:20:ab:3a:ff:a8:a1:06:92:
                    e1:2e:e8:ed:5b:78:78:d0:21:fb:ff:9b:b7:e6:17:
                    49:2f:bf:d3:29:40:14:1d:f6:a3:05:1c:bb:76:7a:
                    26:cf:f7:d5:2a:8e:a2:3c:c2:9b:72:0c:32:e1:91:
                    41:80:6c:72:79:58:ed:fe:f4:99:b6:3e:18:2c:1b:
                    86:42:ca:9b:dd:b2:98:75:b6:d8:16:66:ec:5e:b7:
                    c0:13:5c:fb:d0:6b:7c:db:b9:6a:df:0a:7d:3a:22:
                    7f:e1:a0:88:82:f6:e5:57:29:9d:16:33:83:7a:07:
                    c6:6a:9d:76:4c:d2:37:5b:dd:8d:5c:70:7c:1e:51:
                    dc:c5:b2:d6:e7:f6:0b:60:e4:54:b2:eb:4c:73:32:
                    08:e3:ea:03:bc:81:16:fc:27:c6:98:1b:d2:30:f1:
                    c5:40:b2:93:18:3e:dd:f8:a2:da:69:68:38:99:3a:
                    0e:4f:35:06:2a:d7:7a:ab:83:16:8f:2c:9d:3b:f5:
                    98:64:15:0f:30:d3:71:cf:92:7a:67:38:7d:37:79:
                    8f:19:7b:62:c3:96:1f:2c:99:de:b2:18:5b:fa:92:
                    60:a9:5f:7d:e5:64:7c:99:6d:2a:ef:ff:25:5f:31:
                    12:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:24:09:B5:BD:D7:A2:09:EC:B0:46:0D:A4:45:A4:9E:28:AD:FF:CF
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:3e:f4:40:ea:36:9b:0f:93:98:3c:d3:bc:7d:51:02:99:32:
         5b:3e:c2:5c:59:d3:9d:92:f7:21:e9:42:1a:03:1e:3b:80:84:
         81:b5:73:26:6e:99:d1:e8:73:9b:ad:b4:4a:fb:7d:10:25:8d:
         32:3a:22:37:ba:d6:cb:21:d4:4b:ba:a8:ca:58:be:6b:18:73:
         82:21:5b:87:13:1d:e2:b3:24:34:c3:7a:3e:d0:6e:d7:15:02:
         6c:82:a2:94:22:97:63:00:e5:e3:c8:9e:03:c6:8e:d2:84:6f:
         ce:e9:32:cd:e5:d8:2d:60:a7:a3:ce:06:7f:33:95:a2:82:93:
         19:3a:4b:a4:e4:ed:8b:30:e4:5a:3e:84:89:a0:9c:8d:0a:d8:
         4e:0a:95:b4:de:65:fb:94:d4:1c:fa:88:77:a9:27:4b:24:37:
         be:30:1d:51:67:53:db:3a:aa:4f:e1:c5:f6:43:7c:dd:fe:b5:
         7b:14:c0:fb:b5:34:96:f3:6a:ba:ac:97:2b:00:bd:f9:8e:b2:
         3e:a4:69:ff:dd:25:7e:27:b4:19:f7:0d:7e:ad:59:29:21:f3:
         0b:a5:5a:76:29:f8:6d:d2:4c:58:cd:9e:6f:53:4c:58:d3:0a:
         75:19:7f:97:f6:a1:26:64:9d:ef:9e:69:e5:96:54:b9:93:8c:
         a4:79:0d:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+xomCUm9H88Rr3wAoGxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjUwNDI3MTYwMTA2WhcNMjUwNDI4MTYwMTA2WjAzMTEwLwYDVQQD
Eyg1ZTI0MDliNWJkZDdhMjA5ZWNiMDQ2MGRhNDQ1YTQ5ZTI4YWRmZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDDmdX4+UoWFzdM5NdU2Dp4JJkjQ
IKs6/6ihBpLhLujtW3h40CH7/5u35hdJL7/TKUAUHfajBRy7dnomz/fVKo6iPMKb
cgwy4ZFBgGxyeVjt/vSZtj4YLBuGQsqb3bKYdbbYFmbsXrfAE1z70Gt827lq3wp9
OiJ/4aCIgvblVymdFjODegfGap12TNI3W92NXHB8HlHcxbLW5/YLYORUsutMczII
4+oDvIEW/CfGmBvSMPHFQLKTGD7d+KLaaWg4mToOTzUGKtd6q4MWjyydO/WYZBUP
MNNxz5J6Zzh9N3mPGXtiw5YfLJneshhb+pJgqV995WR8mW0q7/8lXzESAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF4kCbW916IJ7LBGDaRFpJ4orf/PMB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjT70QOo2
mw+TmDzTvH1RApkyWz7CXFnTnZL3IelCGgMeO4CEgbVzJm6Z0ehzm620Svt9ECWN
MjoiN7rWyyHUS7qoyli+axhzgiFbhxMd4rMkNMN6PtBu1xUCbIKilCKXYwDl48ie
A8aO0oRvzukyzeXYLWCno84GfzOVooKTGTpLpOTtizDkWj6EiaCcjQrYTgqVtN5l
+5TUHPqId6knSyQ3vjAdUWdT2zqqT+HF9kN83f61exTA+7U0lvNquqyXKwC9+Y6y
PqRp/90lfie0GfcNfq1ZKSHzC6Vadin4bdJMWM2eb1NMWNMKdRl/l/ahJmSd755p
5ZZUuZOMpHkNaA==
-----END CERTIFICATE-----