Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
File:                     5pgECu2WLzBoge6mVTBA-5ptNMk.mft (raw, json)
Hash identifier:          ePxGuNV78A5phhODZQF+hm9OZN5OaSxjd24Am4egL6U=
Subject key identifier:   2A:B1:44:63:D8:DF:62:A0:04:6C:B1:83:14:2B:6E:57:4A:08:10:1F
Authority key identifier: E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9
Certificate issuer:       /CN=e698040aed962f306881eea6553040fb9a6d34c9
Certificate serial:       01967C45B820F92DAEE5E21116666578E8DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
Manifest number:          03B6
Signing time:             Mon 28 Apr 2025 12:01:05 +0000
Manifest this update:     Mon 28 Apr 2025 12:01:05 +0000
Manifest next update:     Tue 29 Apr 2025 12:01:05 +0000
Files and hashes:         1: 5pgECu2WLzBoge6mVTBA-5ptNMk.crl (hash: wC7esghpbysExjYoc/8dHcO41tiTIT1coNoj0OnOQ5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:45:b8:20:f9:2d:ae:e5:e2:11:16:66:65:78:e8:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e698040aed962f306881eea6553040fb9a6d34c9
        Validity
            Not Before: Apr 28 12:01:05 2025 GMT
            Not After : Apr 29 12:01:05 2025 GMT
        Subject: CN=2ab14463d8df62a0046cb183142b6e574a08101f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:60:9b:05:97:5d:b9:6f:9b:4b:27:30:c5:69:
                    89:2f:c6:1f:4e:9d:c0:1e:d5:42:d9:87:c2:cc:f8:
                    7e:8a:b0:5a:a0:ec:85:7f:6b:d7:a0:4b:27:45:a4:
                    76:d7:d5:ed:c9:09:73:a3:61:54:ce:7d:2d:c8:5e:
                    0c:08:7c:38:94:9e:cd:4c:40:f1:7f:68:cc:cf:96:
                    eb:fe:b0:e7:ad:1b:c9:66:7c:4d:d5:76:bd:a5:3b:
                    6d:a6:d0:12:d1:d2:44:66:e4:d7:8b:04:bf:7b:7e:
                    61:f6:3b:da:4c:94:25:db:f6:f5:d9:54:4d:5b:21:
                    36:64:e0:28:57:18:c0:8f:37:78:fc:13:eb:9d:e1:
                    61:f1:59:70:53:5a:d4:63:37:35:b8:98:82:eb:28:
                    48:e9:f3:9d:a4:ed:68:e2:ba:dc:39:8e:51:26:c7:
                    d2:a9:d9:ad:6d:20:19:aa:2d:17:c7:e3:b7:b0:56:
                    ab:01:93:fe:70:e9:c3:a7:63:b1:d9:71:a9:59:1b:
                    89:36:0d:12:e3:bd:f7:8a:c9:1c:b4:f4:86:9f:aa:
                    83:50:04:45:55:7d:aa:3f:24:f4:e9:6b:68:c3:47:
                    b0:09:be:f0:9a:69:ed:28:98:d6:3b:27:41:eb:2c:
                    b7:65:70:76:fe:ea:b0:6b:fb:32:03:dc:5f:dd:8d:
                    c3:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B1:44:63:D8:DF:62:A0:04:6C:B1:83:14:2B:6E:57:4A:08:10:1F
            X509v3 Authority Key Identifier:
                keyid:E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:4f:27:8f:a8:39:7e:02:db:a2:45:cf:c8:14:27:3b:c7:9b:
         a7:3c:8f:45:08:55:4b:7a:a3:f4:a9:66:ac:86:32:d5:72:8f:
         84:b0:8b:6e:40:4d:c5:ff:78:c6:ac:24:c0:ff:34:4d:d7:1a:
         d5:b1:77:9d:fd:78:ed:57:22:ad:4d:02:26:6c:73:16:7b:d9:
         fc:95:55:f9:8a:38:94:86:a4:62:5f:39:ed:f5:a2:8c:a7:4e:
         2a:4c:cd:17:03:43:9d:14:d3:9f:f8:4a:fd:42:ae:c8:03:f3:
         c8:a9:0f:a9:eb:e3:30:c5:bd:06:6a:ef:03:f5:3f:ca:a2:1d:
         84:50:35:cb:36:8d:34:5a:a6:a4:e5:7f:bd:1c:d8:1d:b9:a1:
         f8:f0:3f:07:bf:2b:a7:06:d8:29:fb:5e:90:ef:0d:6e:72:52:
         60:8c:ff:9c:0f:4d:c3:d8:64:06:c1:4a:90:78:56:bc:51:c0:
         f9:fa:9a:57:94:93:f3:d1:8a:97:46:47:0e:00:bd:8a:64:78:
         19:68:4d:d4:c0:72:12:42:b3:be:df:8c:85:40:64:dd:cd:83:
         f2:8b:7e:03:d9:e8:fa:93:2a:1e:16:a4:87:b4:c7:68:bb:c7:
         1b:9c:d7:a9:27:ec:38:ca:d1:e1:04:52:b8:60:99:09:6f:aa:
         cc:56:48:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8Rbgg+S2u5eIRFmZleOjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OTgwNDBhZWQ5NjJmMzA2ODgxZWVhNjU1MzA0MGZiOWE2
ZDM0YzkwHhcNMjUwNDI4MTIwMTA1WhcNMjUwNDI5MTIwMTA1WjAzMTEwLwYDVQQD
EygyYWIxNDQ2M2Q4ZGY2MmEwMDQ2Y2IxODMxNDJiNmU1NzRhMDgxMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2CbBZdduW+bSycwxWmJL8YfTp3A
HtVC2YfCzPh+irBaoOyFf2vXoEsnRaR219XtyQlzo2FUzn0tyF4MCHw4lJ7NTEDx
f2jMz5br/rDnrRvJZnxN1Xa9pTttptAS0dJEZuTXiwS/e35h9jvaTJQl2/b12VRN
WyE2ZOAoVxjAjzd4/BPrneFh8VlwU1rUYzc1uJiC6yhI6fOdpO1o4rrcOY5RJsfS
qdmtbSAZqi0Xx+O3sFarAZP+cOnDp2Ox2XGpWRuJNg0S4733iskctPSGn6qDUARF
VX2qPyT06Wtow0ewCb7wmmntKJjWOydB6yy3ZXB2/uqwa/syA9xf3Y3D6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqxRGPY32KgBGyxgxQrbldKCBAfMB8GA1UdIwQY
MBaAFOaYBArtli8waIHuplUwQPuabTTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYt
ZTIzNDk3MzkzYjhmLzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYtZTIzNDk3MzkzYjhm
LzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbU8nj6g5
fgLbokXPyBQnO8ebpzyPRQhVS3qj9KlmrIYy1XKPhLCLbkBNxf94xqwkwP80Tdca
1bF3nf147VcirU0CJmxzFnvZ/JVV+Yo4lIakYl857fWijKdOKkzNFwNDnRTTn/hK
/UKuyAPzyKkPqevjMMW9BmrvA/U/yqIdhFA1yzaNNFqmpOV/vRzYHbmh+PA/B78r
pwbYKftekO8NbnJSYIz/nA9Nw9hkBsFKkHhWvFHA+fqaV5ST89GKl0ZHDgC9imR4
GWhN1MByEkKzvt+MhUBk3c2D8ot+A9no+pMqHhakh7THaLvHG5zXqSfsOMrR4QRS
uGCZCW+qzFZIkw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:34:36 2025 by rpki-client