Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
File:                     5pgECu2WLzBoge6mVTBA-5ptNMk.mft (raw, json)
Hash identifier:          d1xw1KZ4XVYeVyee5wofFuTABPm9jzvc/TjIAakns4g=
Subject key identifier:   7C:53:E6:E6:2A:25:95:B8:87:CD:87:82:07:B1:18:A0:BE:AF:4F:F9
Authority key identifier: E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9
Certificate issuer:       /CN=e698040aed962f306881eea6553040fb9a6d34c9
Certificate serial:       01967E33E4312A528981F09CF09CEAD9E98B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
Manifest number:          03B7
Signing time:             Mon 28 Apr 2025 21:00:52 +0000
Manifest this update:     Mon 28 Apr 2025 21:00:52 +0000
Manifest next update:     Tue 29 Apr 2025 21:00:52 +0000
Files and hashes:         1: 5pgECu2WLzBoge6mVTBA-5ptNMk.crl (hash: RM/3ChiqyTYFT96LJIIsJSWcGJcuj7ZmbRqipKq+hvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 21:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:33:e4:31:2a:52:89:81:f0:9c:f0:9c:ea:d9:e9:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e698040aed962f306881eea6553040fb9a6d34c9
        Validity
            Not Before: Apr 28 21:00:52 2025 GMT
            Not After : Apr 29 21:00:52 2025 GMT
        Subject: CN=7c53e6e62a2595b887cd878207b118a0beaf4ff9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d8:41:9c:0b:a9:15:fb:67:3b:ec:b3:b7:08:
                    70:92:fb:af:47:c7:c3:3d:b4:4a:af:0a:91:43:49:
                    45:7c:b9:26:d3:c1:17:3d:42:ca:b6:9e:0b:a9:d0:
                    dd:c6:16:0c:c2:fe:6e:03:7c:da:48:79:4d:4c:10:
                    4f:41:a0:83:31:73:07:16:95:98:13:c1:54:bc:41:
                    90:f6:56:99:f6:36:bc:a5:2e:46:78:fb:be:27:88:
                    b7:3b:54:2b:99:5d:6b:5c:ca:04:5f:83:58:34:f6:
                    4f:24:38:a0:ff:ac:d1:98:3d:90:55:7d:b0:95:f7:
                    4d:8f:c2:69:78:09:19:42:a6:f9:29:50:4d:43:40:
                    79:76:d2:ea:ab:37:42:1e:e8:40:04:85:a9:4d:95:
                    73:9f:89:bc:f3:f6:f6:e2:e0:a1:05:8e:db:85:06:
                    ac:bc:72:97:ad:03:a2:d3:f4:5a:bd:d8:1c:63:72:
                    1f:1c:6b:68:fe:a1:67:6e:f2:23:f1:12:f6:b7:37:
                    ff:2d:71:5c:19:98:71:b2:2a:3b:b3:af:f0:d4:40:
                    3f:b8:c9:6d:27:9f:be:86:06:02:12:e5:c1:fd:e0:
                    26:da:95:58:51:8b:7c:a3:c4:0a:5c:09:ff:f3:6a:
                    a4:ea:a7:c3:e4:65:ab:a6:22:c9:20:1f:cb:49:fd:
                    16:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:53:E6:E6:2A:25:95:B8:87:CD:87:82:07:B1:18:A0:BE:AF:4F:F9
            X509v3 Authority Key Identifier:
                keyid:E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:c8:fa:b7:1c:df:73:60:51:d0:c3:70:9c:69:a2:6f:4f:12:
         64:10:de:91:93:7c:0d:15:ca:07:43:e7:ee:b0:5d:f1:d1:38:
         71:ae:78:69:8a:63:bc:f6:80:6b:f1:ef:6f:74:9e:c4:de:07:
         57:db:ac:64:c3:57:d0:af:c3:6c:52:75:72:d1:a4:07:7b:c2:
         a3:ff:0a:7e:fe:2c:93:f4:63:a8:ac:ed:2f:1e:7f:ae:d9:11:
         6b:c5:b1:27:41:39:92:ba:30:22:63:d5:4e:26:38:cc:c5:c8:
         dd:19:60:a1:78:9f:66:49:0a:38:82:1a:5d:b4:60:94:ef:0b:
         e4:04:c5:1e:3d:d3:22:2a:1d:dc:2a:1a:7c:6a:95:4f:4f:79:
         2f:47:42:ac:8e:f2:64:54:2b:eb:82:fe:51:f7:e8:b6:3b:6b:
         67:ae:91:0f:52:cd:c3:61:5f:78:be:ed:e9:1a:a4:96:09:84:
         a2:41:43:b6:aa:9c:54:9c:b1:ac:c4:cc:9a:c6:a1:bb:0f:7e:
         32:cb:30:47:0e:7f:5f:fa:88:f3:50:06:d1:6c:17:6a:da:3e:
         6f:2e:d3:3f:26:8a:4b:41:c4:34:4c:35:f7:d0:b2:ff:5d:02:
         1a:2c:e5:24:55:72:39:f1:d8:e1:1e:92:45:77:bf:83:03:5e:
         0f:84:64:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+M+QxKlKJgfCc8Jzq2emLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OTgwNDBhZWQ5NjJmMzA2ODgxZWVhNjU1MzA0MGZiOWE2
ZDM0YzkwHhcNMjUwNDI4MjEwMDUyWhcNMjUwNDI5MjEwMDUyWjAzMTEwLwYDVQQD
Eyg3YzUzZTZlNjJhMjU5NWI4ODdjZDg3ODIwN2IxMThhMGJlYWY0ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNhBnAupFftnO+yztwhwkvuvR8fD
PbRKrwqRQ0lFfLkm08EXPULKtp4LqdDdxhYMwv5uA3zaSHlNTBBPQaCDMXMHFpWY
E8FUvEGQ9laZ9ja8pS5GePu+J4i3O1QrmV1rXMoEX4NYNPZPJDig/6zRmD2QVX2w
lfdNj8JpeAkZQqb5KVBNQ0B5dtLqqzdCHuhABIWpTZVzn4m88/b24uChBY7bhQas
vHKXrQOi0/RavdgcY3IfHGto/qFnbvIj8RL2tzf/LXFcGZhxsio7s6/w1EA/uMlt
J5++hgYCEuXB/eAm2pVYUYt8o8QKXAn/82qk6qfD5GWrpiLJIB/LSf0WjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxT5uYqJZW4h82HggexGKC+r0/5MB8GA1UdIwQY
MBaAFOaYBArtli8waIHuplUwQPuabTTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYt
ZTIzNDk3MzkzYjhmLzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYtZTIzNDk3MzkzYjhm
LzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc8j6txzf
c2BR0MNwnGmib08SZBDekZN8DRXKB0Pn7rBd8dE4ca54aYpjvPaAa/Hvb3SexN4H
V9usZMNX0K/DbFJ1ctGkB3vCo/8Kfv4sk/RjqKztLx5/rtkRa8WxJ0E5krowImPV
TiY4zMXI3RlgoXifZkkKOIIaXbRglO8L5ATFHj3TIiod3CoafGqVT095L0dCrI7y
ZFQr64L+UffotjtrZ66RD1LNw2FfeL7t6RqklgmEokFDtqqcVJyxrMTMmsahuw9+
MsswRw5/X/qI81AG0WwXato+by7TPyaKS0HENEw199Cy/10CGizlJFVyOfHY4R6S
RXe/gwNeD4RkUg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:13:52 2025 by rpki-client