Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
File:                     PuzIGOGpxqhRe81paldEKNbRekQ.mft (raw, json)
Hash identifier:          7IZUp/u1WgYJxmgtjL103y+1EvQyG25vFtLw1x4DWUs=
Subject key identifier:   02:F5:6A:3C:B1:F3:78:13:CA:93:21:19:EB:D6:02:F4:E1:79:C1:C3
Authority key identifier: 3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
Certificate issuer:       /CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Certificate serial:       019683C7FCCA47C437D9DBC7B1FEB628FCD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
Manifest number:          03C5
Signing time:             Tue 29 Apr 2025 23:00:43 +0000
Manifest this update:     Tue 29 Apr 2025 23:00:43 +0000
Manifest next update:     Wed 30 Apr 2025 23:00:43 +0000
Files and hashes:         1: PuzIGOGpxqhRe81paldEKNbRekQ.crl (hash: ArnDEy9c8eWv6NPpDbxY6/UIv4Czv3D3efi0JseOdHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 23:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:c7:fc:ca:47:c4:37:d9:db:c7:b1:fe:b6:28:fc:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
        Validity
            Not Before: Apr 29 23:00:43 2025 GMT
            Not After : Apr 30 23:00:43 2025 GMT
        Subject: CN=02f56a3cb1f37813ca932119ebd602f4e179c1c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8e:37:80:5b:d3:09:25:b3:20:27:c6:c9:b0:
                    0b:9f:22:b8:b2:4f:43:5d:cd:cf:1a:48:8f:ff:7d:
                    ec:b8:82:90:4d:4c:16:e8:5d:f0:d1:33:69:1f:b2:
                    04:c3:32:88:b2:29:9c:8d:ef:45:2b:2d:62:6e:80:
                    66:5f:3d:bc:47:cd:80:25:44:96:25:5f:c9:f6:09:
                    c1:7a:b4:16:cf:46:4c:c3:3c:12:01:f1:29:29:2e:
                    35:56:dc:81:55:dd:7f:12:43:7e:26:d4:05:91:77:
                    f0:eb:2e:8a:54:1a:d4:68:6c:4a:73:23:7b:02:d0:
                    ba:fe:2d:98:6b:15:23:af:d9:57:3d:11:da:97:f8:
                    8c:6c:ff:06:f2:8f:54:d8:83:40:53:69:bb:36:e1:
                    cd:ca:f7:c0:70:be:d3:cf:59:b5:de:9f:25:76:d1:
                    8e:52:9c:99:6d:81:cf:a8:e9:4f:0a:71:56:06:d6:
                    69:ca:98:b8:60:eb:90:99:eb:ad:8b:16:19:1d:e8:
                    d2:74:61:25:31:ef:e2:1b:e3:e5:01:43:f7:9a:87:
                    04:cb:38:31:ec:6f:f1:bc:03:01:ab:0b:44:1c:c5:
                    f4:36:aa:f5:43:1c:48:27:91:d7:88:80:10:e0:bf:
                    d6:72:66:5c:49:d1:64:83:1a:9c:c4:a0:1e:88:d9:
                    39:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:F5:6A:3C:B1:F3:78:13:CA:93:21:19:EB:D6:02:F4:E1:79:C1:C3
            X509v3 Authority Key Identifier:
                keyid:3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:0f:4e:c8:46:ea:5b:62:44:1b:5f:11:2b:c9:59:24:39:52:
         d6:49:db:21:ca:54:6c:21:4d:41:4e:96:7a:f9:94:2b:09:cc:
         ba:f9:66:08:47:08:48:22:c5:f1:1c:14:5b:58:f7:9f:4f:c7:
         a9:c3:a7:61:1e:e7:e2:60:0b:36:07:d6:bf:54:d0:91:d6:86:
         c7:91:b1:3e:b1:d2:37:e1:a5:9c:3e:4f:f1:e3:c4:d2:5b:51:
         2f:5c:a0:cb:b2:80:b5:22:19:b9:b7:a7:e3:b1:d0:86:2c:72:
         c1:eb:8c:4a:4a:64:20:88:9a:e3:4d:57:88:25:ba:16:d8:c2:
         4e:18:ae:96:62:d9:09:8c:01:c6:71:6a:1b:c9:61:2c:0a:8f:
         cc:b3:9f:74:e4:a9:90:e8:6b:31:d2:65:87:1d:e9:3d:ea:0a:
         23:d3:c0:5b:fe:81:15:ab:16:7d:a5:b0:30:19:a8:c7:6b:7d:
         7d:40:6f:4b:9c:b7:e5:ec:72:7c:84:fd:f9:4c:43:a8:da:25:
         63:ba:88:ac:7d:f9:39:fd:6f:da:80:6a:24:0a:c5:c6:02:3d:
         4f:bf:81:ad:60:2e:f0:ae:e7:c8:98:b8:66:2e:fc:be:c0:c6:
         b5:05:ae:59:e9:30:11:88:69:34:bc:98:25:99:f9:47:b7:36:
         a4:e7:2e:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDx/zKR8Q32dvHsf62KPzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNjODE4ZTFhOWM2YTg1MTdiY2Q2OTZhNTc0NDI4ZDZk
MTdhNDQwHhcNMjUwNDI5MjMwMDQzWhcNMjUwNDMwMjMwMDQzWjAzMTEwLwYDVQQD
EygwMmY1NmEzY2IxZjM3ODEzY2E5MzIxMTllYmQ2MDJmNGUxNzljMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY43gFvTCSWzICfGybALnyK4sk9D
Xc3PGkiP/33suIKQTUwW6F3w0TNpH7IEwzKIsimcje9FKy1iboBmXz28R82AJUSW
JV/J9gnBerQWz0ZMwzwSAfEpKS41VtyBVd1/EkN+JtQFkXfw6y6KVBrUaGxKcyN7
AtC6/i2YaxUjr9lXPRHal/iMbP8G8o9U2INAU2m7NuHNyvfAcL7Tz1m13p8ldtGO
UpyZbYHPqOlPCnFWBtZpypi4YOuQmeutixYZHejSdGElMe/iG+PlAUP3mocEyzgx
7G/xvAMBqwtEHMX0Nqr1QxxIJ5HXiIAQ4L/WcmZcSdFkgxqcxKAeiNk5jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAL1ajyx83gTypMhGevWAvThecHDMB8GA1UdIwQY
MBaAFD7syBjhqcaoUXvNaWpXRCjW0XpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2Ut
OGQzZDUwNDgwZDlkLzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2UtOGQzZDUwNDgwZDlk
LzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkg9OyEbq
W2JEG18RK8lZJDlS1knbIcpUbCFNQU6WevmUKwnMuvlmCEcISCLF8RwUW1j3n0/H
qcOnYR7n4mALNgfWv1TQkdaGx5GxPrHSN+GlnD5P8ePE0ltRL1ygy7KAtSIZuben
47HQhixyweuMSkpkIIia401XiCW6FtjCThiulmLZCYwBxnFqG8lhLAqPzLOfdOSp
kOhrMdJlhx3pPeoKI9PAW/6BFasWfaWwMBmox2t9fUBvS5y35exyfIT9+UxDqNol
Y7qIrH35Of1v2oBqJArFxgI9T7+BrWAu8K7nyJi4Zi78vsDGtQWuWekwEYhpNLyY
JZn5R7c2pOcu3A==
-----END CERTIFICATE-----