Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          dWdTKF5saPU3pqaJtvD6HyBkkqylVft2QqnTGuTbekU=
Subject key identifier:   5F:CF:7A:4B:80:BD:C5:3B:C6:95:BB:87:6D:68:48:B9:91:B0:14:BC
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       0196963BF0AB50293FFBEED4E4F353CBF902
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0BFD
Signing time:             Sat 03 May 2025 13:00:32 +0000
Manifest this update:     Sat 03 May 2025 13:00:32 +0000
Manifest next update:     Sun 04 May 2025 13:00:32 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: umxn4ymZllxBJ0qBksHxWg5aQZNfViaGF1EW0vkx9SU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:96:3b:f0:ab:50:29:3f:fb:ee:d4:e4:f3:53:cb:f9:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: May  3 13:00:32 2025 GMT
            Not After : May  4 13:00:32 2025 GMT
        Subject: CN=5fcf7a4b80bdc53bc695bb876d6848b991b014bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b0:5c:d8:c3:75:59:07:87:10:a0:4f:8b:e7:
                    6d:db:ae:75:8b:cc:2c:1b:f2:3c:de:6b:2a:fe:7b:
                    ef:8b:9f:c0:a9:1a:49:0d:5d:d9:0a:4e:74:5b:84:
                    7b:77:16:39:a2:12:19:e4:fc:ff:11:6f:84:e1:c6:
                    d3:8e:71:8f:2a:97:3a:9a:23:f8:1c:02:40:58:db:
                    c2:e7:b8:ae:21:ec:b6:79:c8:45:53:b6:b7:91:1b:
                    9a:08:69:49:af:d5:96:12:3d:0d:f7:43:70:8c:bc:
                    21:24:33:bc:c7:20:5d:27:89:46:d2:f2:69:54:04:
                    2e:3b:81:e5:16:22:c1:6b:37:fe:35:d9:69:af:20:
                    40:e3:93:b1:c3:d5:66:0d:3f:03:cf:b6:39:40:e4:
                    eb:c7:a2:e3:e7:b8:f2:3b:ce:b0:41:df:c4:e4:79:
                    12:a5:4e:4c:fe:62:7e:2c:74:2c:b0:26:d7:c3:aa:
                    7f:99:56:f0:de:61:8e:04:09:f9:94:1d:8e:79:cf:
                    58:a0:db:f1:58:de:21:af:1e:c7:14:43:35:95:28:
                    1e:2d:36:ee:b0:95:de:86:31:da:77:be:a5:5b:fe:
                    dd:6c:eb:b1:15:8f:6e:d5:74:2b:7e:5e:ec:35:51:
                    bc:81:c7:7b:e9:91:d3:03:c0:b5:8c:cf:c2:06:f2:
                    78:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:CF:7A:4B:80:BD:C5:3B:C6:95:BB:87:6D:68:48:B9:91:B0:14:BC
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:9f:a3:a8:7b:0b:df:59:00:dd:9c:0e:6d:81:bf:9a:c2:33:
         4d:bf:3f:6b:5b:fd:20:3b:40:8e:87:72:ca:77:66:e1:dc:8c:
         32:8c:8d:81:e7:e6:51:c8:0d:a5:2f:b6:e4:73:61:c3:69:3e:
         81:38:58:b1:13:00:0a:5c:65:cb:87:e1:8d:c9:aa:85:64:bd:
         73:a9:d9:02:89:70:da:ef:b3:6b:19:62:0c:0e:9d:03:c0:c8:
         4b:b9:1c:09:23:00:dd:f2:3c:8c:ce:d4:00:1f:bb:24:50:82:
         c8:76:52:33:c9:2e:b6:36:d8:51:ef:72:c2:dd:fc:c5:6b:5d:
         de:0b:58:45:e7:31:c2:3d:3b:4d:31:1a:70:86:2d:80:85:68:
         de:47:c9:35:26:93:65:27:70:6b:8e:50:8f:4e:f9:30:40:5f:
         75:18:5d:b6:23:b8:5a:6b:4b:74:9c:5a:22:df:7b:48:27:f1:
         ea:2d:c1:a9:6b:3a:d2:2b:1e:0e:8d:61:16:fa:6e:65:82:f5:
         84:b4:7e:29:86:4e:cc:89:ff:7a:76:fc:c8:b5:54:90:c8:5d:
         bb:32:a5:f9:f3:47:1d:15:3e:81:94:62:a2:6e:52:3c:db:c5:
         d4:da:f4:27:a9:e4:de:a2:bc:e3:ec:3c:f0:b8:01:a1:d6:f6:
         b9:47:99:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaWO/CrUCk/++7U5PNTy/kCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjUwNTAzMTMwMDMyWhcNMjUwNTA0MTMwMDMyWjAzMTEwLwYDVQQD
Eyg1ZmNmN2E0YjgwYmRjNTNiYzY5NWJiODc2ZDY4NDhiOTkxYjAxNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Bc2MN1WQeHEKBPi+dt2651i8ws
G/I83msq/nvvi5/AqRpJDV3ZCk50W4R7dxY5ohIZ5Pz/EW+E4cbTjnGPKpc6miP4
HAJAWNvC57iuIey2echFU7a3kRuaCGlJr9WWEj0N90NwjLwhJDO8xyBdJ4lG0vJp
VAQuO4HlFiLBazf+NdlpryBA45Oxw9VmDT8Dz7Y5QOTrx6Lj57jyO86wQd/E5HkS
pU5M/mJ+LHQssCbXw6p/mVbw3mGOBAn5lB2Oec9YoNvxWN4hrx7HFEM1lSgeLTbu
sJXehjHad76lW/7dbOuxFY9u1XQrfl7sNVG8gcd76ZHTA8C1jM/CBvJ40wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/PekuAvcU7xpW7h21oSLmRsBS8MB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcZ+jqHsL
31kA3ZwObYG/msIzTb8/a1v9IDtAjodyyndm4dyMMoyNgefmUcgNpS+25HNhw2k+
gThYsRMAClxly4fhjcmqhWS9c6nZAolw2u+zaxliDA6dA8DIS7kcCSMA3fI8jM7U
AB+7JFCCyHZSM8kutjbYUe9ywt38xWtd3gtYRecxwj07TTEacIYtgIVo3kfJNSaT
ZSdwa45Qj075MEBfdRhdtiO4WmtLdJxaIt97SCfx6i3BqWs60iseDo1hFvpuZYL1
hLR+KYZOzIn/enb8yLVUkMhduzKl+fNHHRU+gZRiom5SPNvF1Nr0J6nk3qK84+w8
8LgBodb2uUeZtg==
-----END CERTIFICATE-----