Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File:                     5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier:          kFCweO9bWJI68nxT5CFPiCvkfXzw9bki4p99LvKC8iY=
Subject key identifier:   59:B9:3F:19:4A:04:D5:E7:1F:F5:A6:16:67:72:E8:D0:83:88:36:28
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer:       /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial:       01989336CA951659A1020BE6678A7AD65F12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number:          1568
Signing time:             Sun 10 Aug 2025 09:01:38 +0000
Manifest this update:     Sun 10 Aug 2025 09:01:38 +0000
Manifest next update:     Mon 11 Aug 2025 09:01:38 +0000
Files and hashes:         1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: HgYqdQGQimtPqwn0iCpZy32GU5KeCwv9k6ANC46YCHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:36:ca:95:16:59:a1:02:0b:e6:67:8a:7a:d6:5f:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
        Validity
            Not Before: Aug 10 09:01:38 2025 GMT
            Not After : Aug 11 09:01:38 2025 GMT
        Subject: CN=59b93f194a04d5e71ff5a6166772e8d083883628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:a2:07:0a:71:2b:81:d9:8d:b7:51:05:95:d4:
                    96:f1:56:f9:24:b5:bd:e1:1f:50:5f:ba:64:fe:ca:
                    4d:df:e9:30:50:40:99:3c:91:48:00:ac:96:cc:ec:
                    79:16:78:d9:1f:a7:16:c2:b5:8e:bc:7c:f9:ab:3f:
                    08:a9:e3:03:2e:a2:7c:08:30:7e:22:ea:32:07:91:
                    9e:9e:3b:b0:b8:fb:cb:d0:0f:d0:a0:be:8e:c3:cf:
                    de:39:f6:d7:1a:5b:b0:00:70:cc:62:2b:97:60:15:
                    40:cd:76:6e:16:d5:47:1a:f7:93:1a:46:88:be:b2:
                    ef:70:fc:05:a9:30:21:e7:b2:3f:ac:f1:20:13:3c:
                    5e:d5:42:70:39:e3:ac:f3:5b:f8:5e:64:0d:1b:bb:
                    37:fc:d1:b1:04:4f:f7:7f:a7:cf:fc:95:ad:84:3e:
                    d1:e0:7f:0d:30:18:c1:dd:aa:ef:4d:0a:66:93:81:
                    b6:6e:35:34:e0:7e:6e:67:46:4e:80:1a:b4:96:41:
                    29:ec:f6:9d:95:47:ed:e9:1e:05:ce:ce:e5:a2:6d:
                    f5:5a:7b:54:84:34:52:5c:e9:2a:4b:1b:f2:cb:2c:
                    3c:11:45:51:04:f7:44:d8:42:c9:7a:0b:a2:40:94:
                    9e:97:00:3d:32:6c:c3:cb:c5:5c:50:46:52:d5:11:
                    b6:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:B9:3F:19:4A:04:D5:E7:1F:F5:A6:16:67:72:E8:D0:83:88:36:28
            X509v3 Authority Key Identifier:
                keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:8b:30:c2:e1:52:1e:15:40:1e:1a:73:dd:96:b3:85:10:84:
         f7:a1:b8:fb:9f:76:c2:1c:f0:5f:24:4a:86:dd:f0:84:33:40:
         99:44:ab:1e:95:d4:d3:86:fe:f4:c5:de:93:65:db:87:79:f2:
         4f:1d:ea:97:79:6a:11:82:06:7c:35:d9:93:4a:05:4a:f6:3f:
         c3:ec:b0:a2:d3:2e:22:ea:a5:20:ab:fa:13:2a:03:ca:ca:a6:
         57:03:4e:5b:b8:70:35:f6:a2:cb:b7:60:b0:0d:d4:f2:e6:67:
         52:a6:ba:29:9f:99:85:cd:e6:1e:73:0e:36:e6:40:37:c6:67:
         f2:9d:3d:cf:d4:72:cf:2e:70:2a:24:57:94:a2:ea:c1:ac:82:
         49:0e:ac:73:ad:c4:c3:db:49:b4:02:3b:dd:80:2d:da:34:6d:
         f1:86:6e:1f:d0:f4:64:30:1a:0d:e0:cf:6c:f7:54:aa:53:85:
         01:2f:97:e6:cd:0b:54:17:f7:e9:fd:b9:81:5d:f9:ec:01:e6:
         dc:45:d9:fe:da:ec:32:64:ef:d9:58:d8:a4:a5:8a:04:13:13:
         3a:6c:1c:67:6d:d2:5c:61:ce:71:5f:8e:5e:de:e6:0b:e8:11:
         8e:0c:b2:59:6b:2d:62:1c:34:6e:71:72:a4:ef:c3:94:5e:ba:
         b7:86:72:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTNsqVFlmhAgvmZ4p61l8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjUwODEwMDkwMTM4WhcNMjUwODExMDkwMTM4WjAzMTEwLwYDVQQD
Eyg1OWI5M2YxOTRhMDRkNWU3MWZmNWE2MTY2NzcyZThkMDgzODgzNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+qIHCnErgdmNt1EFldSW8Vb5JLW9
4R9QX7pk/spN3+kwUECZPJFIAKyWzOx5FnjZH6cWwrWOvHz5qz8IqeMDLqJ8CDB+
IuoyB5GenjuwuPvL0A/QoL6Ow8/eOfbXGluwAHDMYiuXYBVAzXZuFtVHGveTGkaI
vrLvcPwFqTAh57I/rPEgEzxe1UJwOeOs81v4XmQNG7s3/NGxBE/3f6fP/JWthD7R
4H8NMBjB3arvTQpmk4G2bjU04H5uZ0ZOgBq0lkEp7PadlUft6R4Fzs7lom31WntU
hDRSXOkqSxvyyyw8EUVRBPdE2ELJeguiQJSelwA9MmzDy8VcUEZS1RG2WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFm5PxlKBNXnH/WmFmdy6NCDiDYoMB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlIswwuFS
HhVAHhpz3ZazhRCE96G4+592whzwXyRKht3whDNAmUSrHpXU04b+9MXek2Xbh3ny
Tx3ql3lqEYIGfDXZk0oFSvY/w+ywotMuIuqlIKv6EyoDysqmVwNOW7hwNfaiy7dg
sA3U8uZnUqa6KZ+Zhc3mHnMONuZAN8Zn8p09z9Ryzy5wKiRXlKLqwayCSQ6sc63E
w9tJtAI73YAt2jRt8YZuH9D0ZDAaDeDPbPdUqlOFAS+X5s0LVBf36f25gV357AHm
3EXZ/trsMmTv2VjYpKWKBBMTOmwcZ23SXGHOcV+OXt7mC+gRjgyyWWstYhw0bnFy
pO/DlF66t4Zy3w==
-----END CERTIFICATE-----