Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File:                     5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier:          WIoYRSMOip4FBUN/rv3igqdhtGACFRKPC4zfXgyWC9A=
Subject key identifier:   AD:1B:C8:2F:F7:C7:88:90:39:AF:A3:36:03:74:24:B5:AF:D7:45:1C
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer:       /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial:       019691834C11B9336978A49E2E363DB125F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number:          145E
Signing time:             Fri 02 May 2025 15:00:23 +0000
Manifest this update:     Fri 02 May 2025 15:00:23 +0000
Manifest next update:     Sat 03 May 2025 15:00:23 +0000
Files and hashes:         1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: +KfLG1JpNbHthcNyDXknjjUhcr0U91zzIL39C3bMDYI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:91:83:4c:11:b9:33:69:78:a4:9e:2e:36:3d:b1:25:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
        Validity
            Not Before: May  2 15:00:23 2025 GMT
            Not After : May  3 15:00:23 2025 GMT
        Subject: CN=ad1bc82ff7c7889039afa336037424b5afd7451c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:bc:a3:d8:11:7e:6c:12:70:fa:9e:73:67:51:
                    08:4a:2c:fa:6f:2f:ab:31:32:77:84:d7:78:d5:5e:
                    52:47:75:59:9c:63:fb:0d:05:9c:5e:eb:4d:82:e2:
                    16:5b:60:03:9f:6b:9f:06:cc:fc:8f:74:4a:4a:cd:
                    1e:05:25:2b:1d:b3:c0:13:fd:53:35:c5:88:fb:14:
                    b8:c9:92:e6:3d:5d:5b:59:1b:f9:32:31:84:18:68:
                    89:be:54:7f:84:dc:1f:05:d9:c0:56:45:17:63:6c:
                    f9:67:41:23:23:e9:33:ff:4a:a2:d1:ac:2b:14:b3:
                    1b:82:b9:67:ff:f5:a3:12:4c:cb:91:64:eb:8a:b3:
                    a3:67:8f:e9:e5:38:4a:06:db:9e:df:63:27:18:34:
                    e4:92:38:51:70:e4:aa:ac:be:f1:15:c5:bb:c1:fc:
                    2c:b6:ad:d0:3a:2a:97:e9:e1:6a:a9:1f:df:71:61:
                    21:0d:6b:db:22:50:c5:ad:6f:b9:ab:82:71:ca:9e:
                    7d:2f:a5:05:43:49:51:27:c4:8e:51:c7:cf:1c:17:
                    0a:ba:f3:11:ef:ab:c5:48:62:60:72:ff:2f:86:b4:
                    63:de:ae:82:78:e9:1b:d8:f6:97:f1:91:6b:ea:f8:
                    25:7d:2e:6d:af:a1:93:f9:3d:dc:41:b8:a9:31:21:
                    34:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:1B:C8:2F:F7:C7:88:90:39:AF:A3:36:03:74:24:B5:AF:D7:45:1C
            X509v3 Authority Key Identifier:
                keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:5c:3c:8e:4f:f9:cc:cc:d5:c1:d6:42:a1:4e:24:c8:ef:5e:
         33:5a:7f:78:33:28:69:66:87:f6:d2:6f:4c:6c:b7:c7:a5:89:
         2f:48:34:1b:26:d0:72:24:85:38:94:ab:cc:a6:e2:49:d3:f7:
         73:a5:57:9e:21:64:21:a5:21:dc:cc:3c:73:a6:bf:60:9d:d1:
         8e:b3:cc:f6:b1:0d:d7:cf:16:0b:d0:8e:5a:42:e2:2b:14:f7:
         aa:cd:72:a9:8b:a7:fb:0b:d5:09:91:61:3a:43:13:55:b2:c1:
         4a:63:58:0a:2a:d3:1b:82:14:42:20:f1:2c:2c:36:1d:e5:9f:
         bf:da:2a:0b:d2:d7:27:d1:ba:ae:07:ab:6e:39:18:4b:51:6d:
         75:45:a9:8f:6d:a2:56:cb:bf:6f:b2:1c:f0:06:b1:d0:2a:8b:
         68:c8:ce:8a:9e:0d:d2:ce:f6:fb:63:14:cd:e3:f3:f6:4d:cd:
         c3:10:ff:8b:36:53:fe:2d:17:87:7a:24:55:1e:e8:1f:fb:07:
         cb:92:96:87:9a:f4:b5:bc:3f:b6:c6:0d:0c:a7:31:7f:2b:af:
         b3:20:c0:c2:32:2f:23:c8:61:bc:48:13:1e:59:71:6e:08:49:
         f0:78:dc:40:5f:e6:fd:63:a4:18:83:46:0f:e5:52:53:3d:db:
         63:f6:2a:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaRg0wRuTNpeKSeLjY9sSX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjUwNTAyMTUwMDIzWhcNMjUwNTAzMTUwMDIzWjAzMTEwLwYDVQQD
EyhhZDFiYzgyZmY3Yzc4ODkwMzlhZmEzMzYwMzc0MjRiNWFmZDc0NTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Lyj2BF+bBJw+p5zZ1EISiz6by+r
MTJ3hNd41V5SR3VZnGP7DQWcXutNguIWW2ADn2ufBsz8j3RKSs0eBSUrHbPAE/1T
NcWI+xS4yZLmPV1bWRv5MjGEGGiJvlR/hNwfBdnAVkUXY2z5Z0EjI+kz/0qi0awr
FLMbgrln//WjEkzLkWTrirOjZ4/p5ThKBtue32MnGDTkkjhRcOSqrL7xFcW7wfws
tq3QOiqX6eFqqR/fcWEhDWvbIlDFrW+5q4Jxyp59L6UFQ0lRJ8SOUcfPHBcKuvMR
76vFSGJgcv8vhrRj3q6CeOkb2PaX8ZFr6vglfS5tr6GT+T3cQbipMSE0+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0byC/3x4iQOa+jNgN0JLWv10UcMB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK1w8jk/5
zMzVwdZCoU4kyO9eM1p/eDMoaWaH9tJvTGy3x6WJL0g0GybQciSFOJSrzKbiSdP3
c6VXniFkIaUh3Mw8c6a/YJ3RjrPM9rEN188WC9COWkLiKxT3qs1yqYun+wvVCZFh
OkMTVbLBSmNYCirTG4IUQiDxLCw2HeWfv9oqC9LXJ9G6rgerbjkYS1FtdUWpj22i
Vsu/b7Ic8Aax0CqLaMjOip4N0s72+2MUzePz9k3NwxD/izZT/i0Xh3okVR7oH/sH
y5KWh5r0tbw/tsYNDKcxfyuvsyDAwjIvI8hhvEgTHllxbghJ8HjcQF/m/WOkGING
D+VSUz3bY/YqGQ==
-----END CERTIFICATE-----