Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/bd311e-c901-4aef-b185-ffb1bec32721/1/5i7oJCK3hJkSKWNhQEZJp__smOU.mft
File:                     5i7oJCK3hJkSKWNhQEZJp__smOU.mft (raw, json)
Hash identifier:          5jRg60Cy/mPM1pI2Ymlp94t/ERkPz2vtNq6NAcUw/4A=
Subject key identifier:   45:20:B4:B1:7D:4A:DA:3D:09:C8:23:B0:0F:C4:D6:FF:84:4F:0E:E2
Authority key identifier: E6:2E:E8:24:22:B7:84:99:12:29:63:61:40:46:49:A7:FF:EC:98:E5
Certificate issuer:       /CN=e62ee82422b7849912296361404649a7ffec98e5
Certificate serial:       01968B4B5524650B85B93E00F68E38504A33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5i7oJCK3hJkSKWNhQEZJp__smOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/bd311e-c901-4aef-b185-ffb1bec32721/1/5i7oJCK3hJkSKWNhQEZJp__smOU.mft
Manifest number:          0BDA
Signing time:             Thu 01 May 2025 10:01:31 +0000
Manifest this update:     Thu 01 May 2025 10:01:31 +0000
Manifest next update:     Fri 02 May 2025 10:01:31 +0000
Files and hashes:         1: 5i7oJCK3hJkSKWNhQEZJp__smOU.crl (hash: YWgJ549yKD8+mf3c5gGklcRaZoFu/43YndOPF5UJIr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/bd311e-c901-4aef-b185-ffb1bec32721/1/5i7oJCK3hJkSKWNhQEZJp__smOU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/bd311e-c901-4aef-b185-ffb1bec32721/1/5i7oJCK3hJkSKWNhQEZJp__smOU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5i7oJCK3hJkSKWNhQEZJp__smOU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:4b:55:24:65:0b:85:b9:3e:00:f6:8e:38:50:4a:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e62ee82422b7849912296361404649a7ffec98e5
        Validity
            Not Before: May  1 10:01:31 2025 GMT
            Not After : May  2 10:01:31 2025 GMT
        Subject: CN=4520b4b17d4ada3d09c823b00fc4d6ff844f0ee2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:33:9a:89:b2:30:57:2b:8e:9a:31:3f:5e:f2:
                    74:ee:d8:29:85:bf:3c:5a:e2:f8:fa:73:52:89:1c:
                    61:fb:a9:85:0d:32:b4:1c:a9:26:97:0c:ee:f9:29:
                    8f:43:7e:fb:b0:d8:07:9d:75:9c:7e:73:8e:bc:94:
                    a2:ba:ab:cf:78:1d:8c:d8:4b:02:cb:2b:bd:d9:6a:
                    7b:6b:f2:c5:de:f0:03:93:77:e5:c2:2c:ec:5a:5d:
                    0b:a0:3f:3d:b5:94:d1:b7:7b:49:e8:aa:86:01:60:
                    b1:f8:13:a7:c2:4e:c8:05:06:c4:a7:fb:50:e8:53:
                    88:85:43:d1:0b:a8:c2:7c:32:97:90:a7:ca:c9:ce:
                    3b:49:8d:bc:df:b9:12:aa:dc:af:cf:b5:11:09:6d:
                    ac:e0:80:30:33:05:21:56:d1:52:c7:f5:2f:d9:6e:
                    3c:0a:71:36:8b:0f:c7:fa:b8:78:97:0d:1a:3a:4d:
                    81:3f:b7:08:bd:ed:40:f9:2e:a3:8f:ff:a1:f1:fc:
                    f2:0e:62:ae:87:1b:48:7a:8d:2f:43:3e:aa:66:d1:
                    e4:67:fe:b7:3c:1d:9e:39:7b:0b:e9:14:fe:e3:ab:
                    90:db:c1:ac:52:dc:20:24:c1:5c:e4:98:e0:07:73:
                    30:99:69:43:cd:10:67:37:0f:46:db:29:f6:e2:98:
                    d6:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:20:B4:B1:7D:4A:DA:3D:09:C8:23:B0:0F:C4:D6:FF:84:4F:0E:E2
            X509v3 Authority Key Identifier:
                keyid:E6:2E:E8:24:22:B7:84:99:12:29:63:61:40:46:49:A7:FF:EC:98:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5i7oJCK3hJkSKWNhQEZJp__smOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/bd311e-c901-4aef-b185-ffb1bec32721/1/5i7oJCK3hJkSKWNhQEZJp__smOU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/bd311e-c901-4aef-b185-ffb1bec32721/1/5i7oJCK3hJkSKWNhQEZJp__smOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:56:1e:7d:35:4d:79:b6:85:31:1d:22:0f:23:2e:44:f7:21:
         39:71:72:73:5a:3d:82:c3:0b:3c:b3:29:7e:a2:f7:f7:58:48:
         48:b7:09:00:7e:5d:17:79:a4:d1:1a:bd:c0:c6:d0:3a:25:5b:
         99:4a:7a:68:7e:46:f3:3c:00:83:73:43:56:2a:00:c4:f6:96:
         88:62:b1:82:f3:66:b9:05:c1:4b:62:c2:9a:b2:e1:f4:ff:f8:
         e5:d8:49:1a:0e:ad:cb:b5:81:e9:23:84:38:8a:7f:ed:6f:2e:
         4a:05:11:0c:a8:0d:e9:cd:e2:0c:55:52:6f:16:44:31:c8:8a:
         e0:9d:25:ec:d7:05:d0:d6:e7:5c:01:e9:ac:a4:43:aa:46:96:
         d8:5e:71:28:17:45:c1:25:20:9d:73:ff:21:ea:8f:a9:f1:f2:
         fb:26:a7:2d:ab:1c:00:3e:bc:69:7b:aa:eb:45:0c:e1:d5:b5:
         ac:f1:2b:dc:ed:e7:86:27:45:c9:17:96:3e:7f:33:09:57:07:
         e0:8e:d3:e7:b9:d0:8d:60:2b:a6:52:a5:15:90:a5:0d:b5:19:
         15:fe:29:2f:23:bc:88:6c:da:a8:e8:86:bb:d9:d6:6d:d3:d3:
         f9:f5:14:14:2e:b6:43:c1:e1:24:84:21:47:48:61:d8:e3:49:
         4d:3d:0a:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaLS1UkZQuFuT4A9o44UEozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MmVlODI0MjJiNzg0OTkxMjI5NjM2MTQwNDY0OWE3ZmZl
Yzk4ZTUwHhcNMjUwNTAxMTAwMTMxWhcNMjUwNTAyMTAwMTMxWjAzMTEwLwYDVQQD
Eyg0NTIwYjRiMTdkNGFkYTNkMDljODIzYjAwZmM0ZDZmZjg0NGYwZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTOaibIwVyuOmjE/XvJ07tgphb88
WuL4+nNSiRxh+6mFDTK0HKkmlwzu+SmPQ377sNgHnXWcfnOOvJSiuqvPeB2M2EsC
yyu92Wp7a/LF3vADk3flwizsWl0LoD89tZTRt3tJ6KqGAWCx+BOnwk7IBQbEp/tQ
6FOIhUPRC6jCfDKXkKfKyc47SY2837kSqtyvz7URCW2s4IAwMwUhVtFSx/Uv2W48
CnE2iw/H+rh4lw0aOk2BP7cIve1A+S6jj/+h8fzyDmKuhxtIeo0vQz6qZtHkZ/63
PB2eOXsL6RT+46uQ28GsUtwgJMFc5JjgB3MwmWlDzRBnNw9G2yn24pjWgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUgtLF9Sto9CcgjsA/E1v+ETw7iMB8GA1UdIwQY
MBaAFOYu6CQit4SZEiljYUBGSaf/7JjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWk3b0pDSzNoSmtTS1dOaFFFWkpwX19zbU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iZDMxMWUtYzkwMS00YWVmLWIxODUt
ZmZiMWJlYzMyNzIxLzEvNWk3b0pDSzNoSmtTS1dOaFFFWkpwX19zbU9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iZDMxMWUtYzkwMS00YWVmLWIxODUtZmZiMWJlYzMyNzIx
LzEvNWk3b0pDSzNoSmtTS1dOaFFFWkpwX19zbU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACFYefTVN
ebaFMR0iDyMuRPchOXFyc1o9gsMLPLMpfqL391hISLcJAH5dF3mk0Rq9wMbQOiVb
mUp6aH5G8zwAg3NDVioAxPaWiGKxgvNmuQXBS2LCmrLh9P/45dhJGg6ty7WB6SOE
OIp/7W8uSgURDKgN6c3iDFVSbxZEMciK4J0l7NcF0NbnXAHprKRDqkaW2F5xKBdF
wSUgnXP/IeqPqfHy+yanLascAD68aXuq60UM4dW1rPEr3O3nhidFyReWPn8zCVcH
4I7T57nQjWArplKlFZClDbUZFf4pLyO8iGzaqOiGu9nWbdPT+fUUFC62Q8HhJIQh
R0hh2ONJTT0KAQ==
-----END CERTIFICATE-----