Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File:                     5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier:          isLMBAydzsL3J36PxKFKAPIMm9gWbY7MgYFxgiew36A=
Subject key identifier:   EC:7A:40:75:D4:7C:3A:E1:CC:69:34:64:28:D9:27:97:3A:92:59:15
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer:       /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial:       01968DA6B6B06CFA8E953742C3D9F52EB919
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number:          145C
Signing time:             Thu 01 May 2025 21:00:35 +0000
Manifest this update:     Thu 01 May 2025 21:00:35 +0000
Manifest next update:     Fri 02 May 2025 21:00:35 +0000
Files and hashes:         1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: 0HLw7NM0Fr91yAtLjTS8zzeg5BNy3UUYNsKq0UP8td8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8d:a6:b6:b0:6c:fa:8e:95:37:42:c3:d9:f5:2e:b9:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
        Validity
            Not Before: May  1 21:00:35 2025 GMT
            Not After : May  2 21:00:35 2025 GMT
        Subject: CN=ec7a4075d47c3ae1cc69346428d927973a925915
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:8d:9f:0f:71:79:71:34:94:06:c1:0f:29:c3:
                    f4:5e:2d:5d:6f:bc:91:04:34:a7:43:6f:73:5d:13:
                    79:fa:91:96:d0:74:7a:6d:aa:7a:7b:c0:da:f1:a1:
                    df:97:82:6a:eb:80:f7:12:c5:d5:0e:4d:2c:50:4a:
                    54:7d:96:37:2b:a2:66:29:50:5e:82:b2:4a:90:be:
                    bd:d3:b9:8f:a5:99:00:e0:cd:26:c2:c3:4f:52:a5:
                    49:5a:cd:33:57:2b:fe:97:24:b9:c6:87:27:f6:85:
                    8a:27:2f:1a:d0:95:c0:d0:6f:49:76:c8:03:df:e3:
                    99:8c:0c:08:29:e4:20:e4:60:9e:36:19:af:42:e2:
                    25:3e:be:ed:f7:c5:1d:1f:ed:76:39:90:a3:a2:60:
                    9f:6a:9d:38:09:29:41:b5:02:e9:1c:9b:b3:c3:68:
                    cb:26:55:d8:07:e5:68:27:5c:a1:99:cb:12:09:f7:
                    d9:06:f8:7e:7c:aa:19:96:d6:e5:71:23:ea:b5:29:
                    4c:d9:c5:85:6e:14:8d:91:2a:f3:af:48:e3:ea:b5:
                    a3:54:d2:7a:7d:52:08:fd:b5:7d:ab:fa:87:7b:3f:
                    52:f1:d5:91:34:50:1a:11:68:22:77:48:61:bc:29:
                    f0:8c:c7:cd:0d:ce:b0:ca:cc:7c:74:9c:ca:08:3e:
                    0a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:7A:40:75:D4:7C:3A:E1:CC:69:34:64:28:D9:27:97:3A:92:59:15
            X509v3 Authority Key Identifier:
                keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:13:f5:d4:d7:84:b1:a2:4a:d4:86:09:15:47:28:67:19:30:
         90:47:60:b7:ec:80:1f:48:69:90:c9:27:f3:d3:fc:b7:ef:d4:
         18:19:c2:db:29:a3:01:e4:03:f7:ef:22:e1:2e:91:7f:c6:d8:
         3d:da:86:c6:8f:3d:7f:f7:51:9e:38:5d:75:8f:40:1d:ac:1d:
         0a:5d:60:29:53:2c:0b:f3:74:0d:6e:74:2e:8c:1b:d3:bf:23:
         ab:14:ee:24:db:43:6a:80:cf:e1:78:ba:9c:a8:7f:a8:cb:bf:
         de:ee:a5:7d:64:fe:d3:56:7b:cb:e1:20:b7:7b:46:b3:8c:cc:
         9c:cf:38:ab:b8:97:d8:0a:93:a4:7c:03:98:c9:a8:81:ec:bc:
         af:6c:e1:4e:bd:15:1b:c9:2e:52:23:02:f8:71:47:a4:59:c7:
         42:11:cc:6c:4d:ac:bb:96:08:f9:06:d2:f9:c5:17:f6:59:c4:
         9d:f2:7b:cd:ea:3b:b5:07:d0:91:b8:00:3e:ca:97:b4:48:09:
         70:ee:a3:36:86:63:4b:40:04:75:10:34:55:ab:17:b7:55:9e:
         d8:f9:90:b3:8f:16:fd:d5:98:6d:db:e2:e9:07:b1:78:9b:0b:
         46:8b:14:08:bb:fc:30:12:78:bd:91:5d:f6:e4:ed:61:a8:74:
         05:cf:9c:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaNprawbPqOlTdCw9n1LrkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjUwNTAxMjEwMDM1WhcNMjUwNTAyMjEwMDM1WjAzMTEwLwYDVQQD
EyhlYzdhNDA3NWQ0N2MzYWUxY2M2OTM0NjQyOGQ5Mjc5NzNhOTI1OTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu42fD3F5cTSUBsEPKcP0Xi1db7yR
BDSnQ29zXRN5+pGW0HR6bap6e8Da8aHfl4Jq64D3EsXVDk0sUEpUfZY3K6JmKVBe
grJKkL6907mPpZkA4M0mwsNPUqVJWs0zVyv+lyS5xocn9oWKJy8a0JXA0G9JdsgD
3+OZjAwIKeQg5GCeNhmvQuIlPr7t98UdH+12OZCjomCfap04CSlBtQLpHJuzw2jL
JlXYB+VoJ1yhmcsSCffZBvh+fKoZltblcSPqtSlM2cWFbhSNkSrzr0jj6rWjVNJ6
fVII/bV9q/qHez9S8dWRNFAaEWgid0hhvCnwjMfNDc6wysx8dJzKCD4KMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOx6QHXUfDrhzGk0ZCjZJ5c6klkVMB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRP11NeE
saJK1IYJFUcoZxkwkEdgt+yAH0hpkMkn89P8t+/UGBnC2ymjAeQD9+8i4S6Rf8bY
PdqGxo89f/dRnjhddY9AHawdCl1gKVMsC/N0DW50Lowb078jqxTuJNtDaoDP4Xi6
nKh/qMu/3u6lfWT+01Z7y+Egt3tGs4zMnM84q7iX2AqTpHwDmMmogey8r2zhTr0V
G8kuUiMC+HFHpFnHQhHMbE2su5YI+QbS+cUX9lnEnfJ7zeo7tQfQkbgAPsqXtEgJ
cO6jNoZjS0AEdRA0VasXt1We2PmQs48W/dWYbdvi6QexeJsLRosUCLv8MBJ4vZFd
9uTtYah0Bc+cCQ==
-----END CERTIFICATE-----
Generated at Thu May 1 23:34:14 2025 by rpki-client