Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
File:                     5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft (raw, json)
Hash identifier:          9l9mhF5xwe4VaaVzRGJB31v1MQrj1e+i6tY80L5XHRs=
Subject key identifier:   A6:67:28:B4:F0:DB:F7:C7:F3:8E:A7:AE:27:77:59:36:45:3C:9A:DF
Authority key identifier: E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9
Certificate issuer:       /CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
Certificate serial:       01968924CA253D97C5DB05855BFF3FA3FACB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
Manifest number:          02FD
Signing time:             Thu 01 May 2025 00:00:11 +0000
Manifest this update:     Thu 01 May 2025 00:00:11 +0000
Manifest next update:     Fri 02 May 2025 00:00:11 +0000
Files and hashes:         1: 5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl (hash: o79KcDAu7Z9hGwMWx/3VpxXqb13+g28I2Uhe3+wFv3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:24:ca:25:3d:97:c5:db:05:85:5b:ff:3f:a3:fa:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
        Validity
            Not Before: May  1 00:00:11 2025 GMT
            Not After : May  2 00:00:11 2025 GMT
        Subject: CN=a66728b4f0dbf7c7f38ea7ae27775936453c9adf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e0:4b:6e:52:33:69:4c:f4:45:de:2c:9b:b3:
                    86:82:72:52:10:c8:e6:61:54:51:c0:60:77:e3:f7:
                    4d:60:3c:21:1b:a7:2a:90:d2:f1:09:b4:7b:27:db:
                    1d:7a:79:8d:97:08:c6:50:4e:06:fa:c5:7e:56:0d:
                    ac:45:6f:b7:c3:c8:b1:41:4a:5f:3b:ee:f4:64:be:
                    a1:2a:e3:b8:9a:4a:58:c0:7d:33:45:19:f1:ec:53:
                    80:ae:a4:3c:fa:16:f5:e6:a7:23:76:b1:57:79:61:
                    34:6b:76:fe:7b:9c:02:90:45:39:0d:3f:4f:57:e5:
                    f7:d1:2f:2c:0e:58:24:fc:03:0b:b5:6f:3d:38:62:
                    ac:bd:50:51:52:27:f7:fb:29:c5:da:6a:6f:66:d8:
                    57:eb:cb:c8:46:a8:c1:5f:c5:fd:27:fb:8d:ae:9a:
                    15:c6:e8:f6:db:18:d3:73:91:a4:62:16:e2:b5:94:
                    1e:9f:8d:b2:67:d9:3f:d3:e7:7e:f2:2a:45:30:ef:
                    4a:4c:fd:d7:4c:d8:9c:cd:0f:dd:19:51:48:59:e0:
                    93:e8:23:98:17:4e:71:a9:e0:f1:dd:66:65:76:d6:
                    43:30:2a:72:a6:de:78:1e:39:9b:91:1a:4f:0e:59:
                    6f:66:39:0f:4d:59:f4:99:1e:b0:8b:64:f9:f1:24:
                    e1:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:67:28:B4:F0:DB:F7:C7:F3:8E:A7:AE:27:77:59:36:45:3C:9A:DF
            X509v3 Authority Key Identifier:
                keyid:E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:4a:d2:f6:f7:34:9b:74:ce:0e:1f:0c:8e:9f:5c:a5:42:8c:
         d6:64:af:8a:04:6b:8e:02:52:5e:3e:1f:88:d7:d9:a1:18:33:
         22:70:81:6b:3e:2c:29:6e:e7:89:8a:d7:47:b3:00:2d:80:02:
         14:95:72:31:09:81:f1:b2:5f:c9:47:a4:d8:ce:b1:6e:af:65:
         25:d7:01:91:c5:e5:eb:20:85:39:1e:34:56:57:fc:65:84:f7:
         9f:98:95:e1:c6:a2:3a:12:59:3c:6d:cd:4b:26:cb:4a:e5:9b:
         12:1b:c6:ff:c2:7c:a0:25:1e:b0:33:15:b4:08:39:cb:8b:76:
         8e:dc:4d:41:99:66:04:2c:bf:5f:72:61:51:12:8a:24:d8:26:
         0c:65:e0:20:d7:93:4f:54:f3:a6:d5:bf:2a:18:0e:d4:41:82:
         87:f4:0b:4e:75:9e:fc:35:d6:c4:68:28:9b:1c:96:3d:da:be:
         50:7e:48:6c:6e:b2:68:74:1f:06:c9:4d:4d:9b:6d:61:06:de:
         61:af:18:b2:73:5b:94:a0:5f:e0:2f:4f:2f:d5:69:3d:99:58:
         88:82:f2:73:3f:b2:4d:6d:c5:a9:91:6b:27:19:33:fb:d7:14:
         f1:0a:5e:ee:d5:f4:4a:d5:48:01:27:34:b4:b2:d4:4f:6d:f9:
         09:96:2b:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJJMolPZfF2wWFW/8/o/rLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MThjZGRjMzlkMzQ3NTYzYzZkYzFlNWVjNWU1OTYyMWU0
MGU0ZDkwHhcNMjUwNTAxMDAwMDExWhcNMjUwNTAyMDAwMDExWjAzMTEwLwYDVQQD
EyhhNjY3MjhiNGYwZGJmN2M3ZjM4ZWE3YWUyNzc3NTkzNjQ1M2M5YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+BLblIzaUz0Rd4sm7OGgnJSEMjm
YVRRwGB34/dNYDwhG6cqkNLxCbR7J9sdenmNlwjGUE4G+sV+Vg2sRW+3w8ixQUpf
O+70ZL6hKuO4mkpYwH0zRRnx7FOArqQ8+hb15qcjdrFXeWE0a3b+e5wCkEU5DT9P
V+X30S8sDlgk/AMLtW89OGKsvVBRUif3+ynF2mpvZthX68vIRqjBX8X9J/uNrpoV
xuj22xjTc5GkYhbitZQen42yZ9k/0+d+8ipFMO9KTP3XTNiczQ/dGVFIWeCT6COY
F05xqeDx3WZldtZDMCpypt54HjmbkRpPDllvZjkPTVn0mR6wi2T58STh1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZnKLTw2/fH846nrid3WTZFPJrfMB8GA1UdIwQY
MBaAFOQYzdw500dWPG3B5exeWWIeQOTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMt
Nzc3ZTZjYTRlZmY2LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMtNzc3ZTZjYTRlZmY2
LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATErS9vc0
m3TODh8Mjp9cpUKM1mSvigRrjgJSXj4fiNfZoRgzInCBaz4sKW7niYrXR7MALYAC
FJVyMQmB8bJfyUek2M6xbq9lJdcBkcXl6yCFOR40Vlf8ZYT3n5iV4caiOhJZPG3N
SybLSuWbEhvG/8J8oCUesDMVtAg5y4t2jtxNQZlmBCy/X3JhURKKJNgmDGXgINeT
T1TzptW/KhgO1EGCh/QLTnWe/DXWxGgomxyWPdq+UH5IbG6yaHQfBslNTZttYQbe
Ya8YsnNblKBf4C9PL9VpPZlYiILycz+yTW3FqZFrJxkz+9cU8Qpe7tX0StVIASc0
tLLUT235CZYryg==
-----END CERTIFICATE-----