Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft
File:                     eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft (raw, json)
Hash identifier:          Kxs8f0GT5Ae+O8Z+ShkwTMuLPVKZnPphRQHvC5pmUI8=
Subject key identifier:   9B:2B:C7:BB:AA:D3:66:89:A8:B9:5A:FB:3D:6B:32:A8:0B:96:02:B6
Authority key identifier: 79:95:F9:1E:99:82:25:01:5F:47:06:3C:32:8E:0C:50:1D:68:B5:9D
Certificate issuer:       /CN=7995f91e998225015f47063c328e0c501d68b59d
Certificate serial:       019677C38A4010C118B611D13479B9158492
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft
Manifest number:          0FE8
Signing time:             Sun 27 Apr 2025 15:00:25 +0000
Manifest this update:     Sun 27 Apr 2025 15:00:25 +0000
Manifest next update:     Mon 28 Apr 2025 15:00:25 +0000
Files and hashes:         1: eZX5HpmCJQFfRwY8Mo4MUB1otZ0.crl (hash: glpbXGbn2D+VIyx4NbJIga2EM5ZiB5mecaZ48ea+dpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:c3:8a:40:10:c1:18:b6:11:d1:34:79:b9:15:84:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7995f91e998225015f47063c328e0c501d68b59d
        Validity
            Not Before: Apr 27 15:00:25 2025 GMT
            Not After : Apr 28 15:00:25 2025 GMT
        Subject: CN=9b2bc7bbaad36689a8b95afb3d6b32a80b9602b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e1:fb:e1:19:b2:04:bc:44:01:7d:41:c2:96:
                    23:bc:df:5c:46:7c:0a:5f:15:34:4e:67:6e:fe:9a:
                    06:c5:5f:0d:88:9b:d0:64:d0:5f:f7:24:45:85:c2:
                    49:01:9a:50:06:11:80:3f:f9:b8:9c:39:eb:9e:e8:
                    49:8f:b3:04:ff:ef:cd:b9:36:a8:6f:df:b1:3f:18:
                    c7:a1:6b:07:10:f5:4b:a1:67:e4:f4:7c:30:3f:ce:
                    6b:be:85:5e:f6:91:6e:eb:22:f0:43:84:06:be:37:
                    1f:d2:53:d6:cb:48:55:63:2a:b6:ea:58:9b:91:31:
                    b2:ea:fb:ac:0c:20:02:66:2c:4c:2b:cd:3c:ca:dc:
                    34:6b:f7:eb:f9:c9:8c:3b:41:dd:31:cd:08:05:fc:
                    6c:23:26:62:fb:37:81:62:f1:df:d4:a1:cc:f6:9d:
                    ab:e8:76:0e:15:7d:1e:c7:5b:45:73:62:43:82:52:
                    01:d7:42:c5:33:d7:a2:ec:7b:a5:ae:e9:72:fa:a0:
                    91:ea:8d:6a:84:fb:9f:8e:39:36:4a:33:a7:04:e6:
                    fc:26:33:ca:c1:8c:ee:cb:5f:ee:c6:de:e1:4a:ba:
                    12:68:9c:a0:90:88:10:aa:56:b9:ac:ae:05:e8:5b:
                    03:d4:d6:79:db:c5:a7:99:4c:04:ed:29:af:bf:7f:
                    4f:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:2B:C7:BB:AA:D3:66:89:A8:B9:5A:FB:3D:6B:32:A8:0B:96:02:B6
            X509v3 Authority Key Identifier:
                keyid:79:95:F9:1E:99:82:25:01:5F:47:06:3C:32:8E:0C:50:1D:68:B5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:4a:08:14:a7:ae:d5:05:89:8e:3a:49:f8:c7:3b:10:37:b8:
         75:c5:b4:12:63:f4:3d:6e:6e:1e:b9:50:72:e7:10:0b:35:17:
         a0:9e:c4:71:23:4a:60:f3:94:6a:52:32:9e:39:58:98:ba:46:
         0a:20:94:4a:20:e0:db:fa:9d:10:85:8d:95:c2:6e:ed:6f:61:
         7e:cd:a8:db:07:21:15:03:1d:7a:a8:1d:b3:d8:8c:c9:36:7e:
         b6:c9:78:1e:1f:12:77:9a:1f:58:c4:93:d2:e1:73:6e:11:fc:
         a0:7c:f8:39:99:46:36:3b:e8:2d:05:bc:6f:f8:15:88:f1:4a:
         a7:9a:f0:9d:f1:15:90:77:95:45:4a:62:74:36:f6:16:b7:e4:
         23:e7:5c:7e:f4:48:2d:00:2b:b2:f4:c2:cd:bd:6f:c9:75:59:
         ee:8c:09:88:9d:55:3a:dc:96:4a:08:32:a6:bf:d7:6a:1f:68:
         9c:b5:9c:4b:e3:3c:7d:98:35:9f:d4:c6:db:91:e2:cb:7c:38:
         e9:59:7f:30:93:ac:51:c0:06:37:26:b4:f0:5e:18:61:d8:a0:
         9f:8c:0e:73:74:2c:7f:5c:c6:79:0d:6c:9c:1a:a1:8a:3f:d1:
         bc:ce:a1:cd:e3:45:df:66:a9:13:7d:c6:8e:ef:a9:29:d0:d1:
         b0:4d:cf:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3w4pAEMEYthHRNHm5FYSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OTVmOTFlOTk4MjI1MDE1ZjQ3MDYzYzMyOGUwYzUwMWQ2
OGI1OWQwHhcNMjUwNDI3MTUwMDI1WhcNMjUwNDI4MTUwMDI1WjAzMTEwLwYDVQQD
Eyg5YjJiYzdiYmFhZDM2Njg5YThiOTVhZmIzZDZiMzJhODBiOTYwMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+H74RmyBLxEAX1BwpYjvN9cRnwK
XxU0Tmdu/poGxV8NiJvQZNBf9yRFhcJJAZpQBhGAP/m4nDnrnuhJj7ME/+/NuTao
b9+xPxjHoWsHEPVLoWfk9HwwP85rvoVe9pFu6yLwQ4QGvjcf0lPWy0hVYyq26lib
kTGy6vusDCACZixMK808ytw0a/fr+cmMO0HdMc0IBfxsIyZi+zeBYvHf1KHM9p2r
6HYOFX0ex1tFc2JDglIB10LFM9ei7Hulruly+qCR6o1qhPufjjk2SjOnBOb8JjPK
wYzuy1/uxt7hSroSaJygkIgQqla5rK4F6FsD1NZ528WnmUwE7Smvv39PZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsrx7uq02aJqLla+z1rMqgLlgK2MB8GA1UdIwQY
MBaAFHmV+R6ZgiUBX0cGPDKODFAdaLWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVpYNUhwbUNKUUZmUndZOE1vNE1VQjFvdFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iNDExZjUtYTdmOC00Yjg0LTg1ZTMt
YTA5ZDZjNWQzNTUyLzEvZVpYNUhwbUNKUUZmUndZOE1vNE1VQjFvdFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iNDExZjUtYTdmOC00Yjg0LTg1ZTMtYTA5ZDZjNWQzNTUy
LzEvZVpYNUhwbUNKUUZmUndZOE1vNE1VQjFvdFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuEoIFKeu
1QWJjjpJ+Mc7EDe4dcW0EmP0PW5uHrlQcucQCzUXoJ7EcSNKYPOUalIynjlYmLpG
CiCUSiDg2/qdEIWNlcJu7W9hfs2o2wchFQMdeqgds9iMyTZ+tsl4Hh8Sd5ofWMST
0uFzbhH8oHz4OZlGNjvoLQW8b/gViPFKp5rwnfEVkHeVRUpidDb2FrfkI+dcfvRI
LQArsvTCzb1vyXVZ7owJiJ1VOtyWSggypr/Xah9onLWcS+M8fZg1n9TG25Hiy3w4
6Vl/MJOsUcAGNya08F4YYdign4wOc3Qsf1zGeQ1snBqhij/RvM6hzeNF32apE33G
ju+pKdDRsE3PLQ==
-----END CERTIFICATE-----