Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
File:                     v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft (raw, json)
Hash identifier:          epuHdplm8kJ8ftbpckcsmJVgqSxW2ksUhhDDaoVGetU=
Subject key identifier:   19:52:18:CD:F3:C9:77:12:DF:4B:C8:1C:EA:C9:D5:B8:8E:D9:33:17
Authority key identifier: BF:EE:53:11:55:60:71:46:30:4D:C6:5D:D5:76:FB:EE:9F:0D:6E:4E
Certificate issuer:       /CN=bfee531155607146304dc65dd576fbee9f0d6e4e
Certificate serial:       019678317C13797D9A61FE2E390CD82A35BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
Manifest number:          0332
Signing time:             Sun 27 Apr 2025 17:00:30 +0000
Manifest this update:     Sun 27 Apr 2025 17:00:30 +0000
Manifest next update:     Mon 28 Apr 2025 17:00:30 +0000
Files and hashes:         1: v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl (hash: 5BE1UICAy+0BXR/MHieEXRPjC9ji5cUj2PMhDjfKOII=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:31:7c:13:79:7d:9a:61:fe:2e:39:0c:d8:2a:35:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfee531155607146304dc65dd576fbee9f0d6e4e
        Validity
            Not Before: Apr 27 17:00:30 2025 GMT
            Not After : Apr 28 17:00:30 2025 GMT
        Subject: CN=195218cdf3c97712df4bc81ceac9d5b88ed93317
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:fd:ea:21:7e:e0:48:01:b3:46:32:98:fd:24:
                    30:58:4a:a4:dd:09:c3:c1:b2:44:d9:cf:19:90:6b:
                    2e:f5:81:5f:18:11:df:a3:61:66:58:b7:d1:1a:97:
                    07:c7:dd:1d:de:34:9a:b2:fb:45:2f:ef:11:db:bf:
                    83:d4:75:32:ef:8c:f5:92:95:4b:09:2d:cb:4a:6e:
                    a9:33:5c:b4:00:99:e7:47:1a:0b:3a:1f:31:34:d9:
                    99:43:1a:2a:75:01:a7:c7:25:b6:cf:67:ca:0d:7e:
                    a7:d0:3c:79:c7:04:bb:09:05:23:ec:59:ce:ad:65:
                    0b:6a:7b:70:bf:a7:bf:ff:1b:88:9e:7e:f2:f4:eb:
                    85:69:f2:cc:8c:95:dd:b1:53:fe:19:2c:6c:8e:8a:
                    48:80:d6:da:9d:11:34:cc:8c:5d:77:73:d5:62:04:
                    c9:38:07:82:49:3a:10:88:68:9b:1b:78:f5:4e:ae:
                    82:0d:51:89:19:0f:26:71:2f:9f:9f:22:3b:84:ee:
                    bd:f1:4c:84:b0:cd:64:6c:ec:92:66:a8:15:1e:1b:
                    4e:10:44:41:a0:15:67:5d:43:57:5b:47:0f:7a:fe:
                    4b:d1:ab:9c:57:ed:ae:ae:a6:67:c6:9f:1c:63:0f:
                    93:9c:13:26:d3:62:8a:81:ad:ba:82:e5:da:22:97:
                    ae:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:52:18:CD:F3:C9:77:12:DF:4B:C8:1C:EA:C9:D5:B8:8E:D9:33:17
            X509v3 Authority Key Identifier:
                keyid:BF:EE:53:11:55:60:71:46:30:4D:C6:5D:D5:76:FB:EE:9F:0D:6E:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:08:ca:94:4a:85:fd:a8:fb:c4:e2:7a:23:e0:06:42:1b:42:
         3e:c6:7f:fa:f0:09:6f:e3:e4:4e:fb:41:7d:86:36:92:35:c5:
         8b:14:69:ce:20:0f:74:db:bf:db:19:22:f3:ab:74:0c:2b:40:
         d3:55:fd:58:a9:31:d3:93:bb:ca:de:64:28:55:fe:5f:ba:41:
         61:ad:8b:bb:88:52:a2:bd:4e:c6:c8:85:57:7c:f1:61:c4:8a:
         15:64:43:c1:b4:ae:25:0c:7b:ee:b7:fc:99:e4:3c:d8:ec:db:
         14:09:72:04:df:a1:fd:f3:f6:9e:e2:5a:f9:90:c8:5b:14:ae:
         00:ac:89:c5:7a:5d:a3:c7:cf:e1:4b:f9:c0:30:6f:06:79:7e:
         94:27:0a:2c:71:47:97:67:ad:c6:4c:04:27:fa:bb:5c:01:f9:
         45:96:67:40:23:1e:81:f1:8d:b4:8a:7e:81:6e:16:2e:ed:f4:
         7c:bf:2b:b5:d5:57:1a:3c:67:2a:73:31:db:d7:67:9e:9d:13:
         68:68:de:36:61:31:56:b4:6b:65:cb:e8:31:8e:3f:67:74:d4:
         b1:e8:2a:a5:db:4f:e7:8c:d3:8c:ea:bc:4b:44:3f:df:6b:76:
         ab:5a:16:fa:f1:d1:a2:cc:67:fc:39:d6:ea:1d:e9:82:44:b3:
         de:06:78:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4MXwTeX2aYf4uOQzYKjW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZWU1MzExNTU2MDcxNDYzMDRkYzY1ZGQ1NzZmYmVlOWYw
ZDZlNGUwHhcNMjUwNDI3MTcwMDMwWhcNMjUwNDI4MTcwMDMwWjAzMTEwLwYDVQQD
EygxOTUyMThjZGYzYzk3NzEyZGY0YmM4MWNlYWM5ZDViODhlZDkzMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP3qIX7gSAGzRjKY/SQwWEqk3QnD
wbJE2c8ZkGsu9YFfGBHfo2FmWLfRGpcHx90d3jSasvtFL+8R27+D1HUy74z1kpVL
CS3LSm6pM1y0AJnnRxoLOh8xNNmZQxoqdQGnxyW2z2fKDX6n0Dx5xwS7CQUj7FnO
rWULantwv6e//xuInn7y9OuFafLMjJXdsVP+GSxsjopIgNbanRE0zIxdd3PVYgTJ
OAeCSToQiGibG3j1Tq6CDVGJGQ8mcS+fnyI7hO698UyEsM1kbOySZqgVHhtOEERB
oBVnXUNXW0cPev5L0aucV+2urqZnxp8cYw+TnBMm02KKga26guXaIpeufQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBlSGM3zyXcS30vIHOrJ1biO2TMXMB8GA1UdIwQY
MBaAFL/uUxFVYHFGME3GXdV2++6fDW5OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWM2NGItZDNhMS00MzMxLTkyNTIt
ZDRmODMzODBhOWM1LzEvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWM2NGItZDNhMS00MzMxLTkyNTItZDRmODMzODBhOWM1
LzEvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZgjKlEqF
/aj7xOJ6I+AGQhtCPsZ/+vAJb+PkTvtBfYY2kjXFixRpziAPdNu/2xki86t0DCtA
01X9WKkx05O7yt5kKFX+X7pBYa2Lu4hSor1OxsiFV3zxYcSKFWRDwbSuJQx77rf8
meQ82OzbFAlyBN+h/fP2nuJa+ZDIWxSuAKyJxXpdo8fP4Uv5wDBvBnl+lCcKLHFH
l2etxkwEJ/q7XAH5RZZnQCMegfGNtIp+gW4WLu30fL8rtdVXGjxnKnMx29dnnp0T
aGjeNmExVrRrZcvoMY4/Z3TUsegqpdtP54zTjOq8S0Q/32t2q1oW+vHRosxn/DnW
6h3pgkSz3gZ4dw==
-----END CERTIFICATE-----