Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
File:                     T5mJlOtWGejymrO956sq0U6r_P0.mft (raw, json)
Hash identifier:          eOpfnKQtnsRvr4OKH5rtyDXQ1CJ9ERN8qAGJNN9SN+Q=
Subject key identifier:   53:8F:3B:18:CB:48:C8:16:A3:F3:59:4E:E0:07:2A:55:92:39:7A:9D
Authority key identifier: 4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD
Certificate issuer:       /CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
Certificate serial:       01977A1D6E8DAD04470F04ABADE41B26F5BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
Manifest number:          1591
Signing time:             Mon 16 Jun 2025 19:00:38 +0000
Manifest this update:     Mon 16 Jun 2025 19:00:38 +0000
Manifest next update:     Tue 17 Jun 2025 19:00:38 +0000
Files and hashes:         1: T5mJlOtWGejymrO956sq0U6r_P0.crl (hash: nLGLipfG7BKFvXa/WBRyU0DuYK2299mWGC08L4482dk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 19:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7a:1d:6e:8d:ad:04:47:0f:04:ab:ad:e4:1b:26:f5:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
        Validity
            Not Before: Jun 16 19:00:38 2025 GMT
            Not After : Jun 17 19:00:38 2025 GMT
        Subject: CN=538f3b18cb48c816a3f3594ee0072a5592397a9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c5:51:ae:be:20:d2:dc:02:99:48:fb:17:88:
                    63:ae:cc:98:84:48:7c:7d:9a:12:f2:06:bb:24:99:
                    f2:8f:60:13:a1:1c:45:eb:04:2b:5e:b2:f9:52:6c:
                    91:27:11:ba:7a:7b:4b:a0:d7:dc:7e:6b:1d:32:5e:
                    21:fb:98:6f:06:82:53:79:37:3a:1c:ef:b0:42:5a:
                    fa:35:b2:13:73:65:31:a2:85:ef:70:da:47:9a:4b:
                    9c:fb:0c:73:e0:77:be:ee:04:7c:61:01:d2:7a:ed:
                    01:a1:b4:93:69:62:eb:d5:04:99:98:1f:f5:4f:17:
                    54:7a:af:da:02:f2:3d:94:a5:06:0e:ca:95:e6:3e:
                    e3:60:39:be:de:87:aa:0b:be:84:9b:09:b6:3f:3a:
                    58:be:12:c8:4d:3c:2e:bb:3c:32:48:3f:8c:69:a8:
                    c5:6b:23:f6:45:bf:87:ce:21:bf:13:07:b6:0a:24:
                    8e:f7:29:12:88:64:84:e2:90:d8:79:4b:99:e6:1c:
                    eb:de:71:81:fd:10:e4:09:43:a3:49:5c:2e:a5:a5:
                    4d:57:70:dd:0b:d9:bd:f9:a9:fb:9d:87:dd:7a:a9:
                    68:8e:f7:0b:81:48:89:c7:4e:8c:4c:0c:95:b5:c6:
                    43:08:30:58:10:b1:8b:7a:50:25:a6:87:ad:e0:05:
                    e8:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:8F:3B:18:CB:48:C8:16:A3:F3:59:4E:E0:07:2A:55:92:39:7A:9D
            X509v3 Authority Key Identifier:
                keyid:4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:92:f2:9c:39:de:1c:a7:a0:22:e0:41:ff:c1:e1:d7:6f:19:
         bf:14:9d:0c:26:e6:65:62:a0:85:65:73:ec:07:2f:24:f7:7c:
         d8:c2:7b:2f:64:71:f0:38:79:3a:05:81:c4:89:26:bf:01:8c:
         6d:5d:9d:0d:d4:ac:8d:2b:68:6d:77:af:77:d3:0f:02:1c:3b:
         8d:01:5a:56:e8:81:59:36:8b:7c:99:69:90:91:10:6f:37:8d:
         6f:20:f8:c3:35:ca:c1:0b:c9:1b:3b:ab:04:4b:1b:89:bc:c8:
         85:3a:c7:69:fc:d0:4c:cc:cc:3f:97:60:f3:44:e7:78:0b:90:
         8c:25:99:62:37:59:de:c8:18:22:cb:0b:4c:fb:1f:30:77:52:
         24:40:7c:08:85:d7:16:f7:94:7f:69:51:82:0a:a2:6e:64:bc:
         a1:a5:b1:33:17:c1:1a:db:32:6b:ab:4a:41:b5:41:7a:60:48:
         58:1b:65:7d:cd:6f:57:9f:cf:63:2f:71:dd:cb:b3:e1:41:5a:
         11:60:6f:69:af:de:86:b7:b4:0a:6c:db:22:ef:ff:16:34:38:
         f6:65:de:e8:a3:49:ab:78:2d:89:4e:04:12:86:de:18:91:f5:
         f5:31:ae:b4:0c:0c:91:e2:ad:d2:f7:31:3a:b1:bd:23:bf:21:
         a1:78:95:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd6HW6NrQRHDwSrreQbJvW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTk4OTk0ZWI1NjE5ZThmMjlhYjNiZGU3YWIyYWQxNGVh
YmZjZmQwHhcNMjUwNjE2MTkwMDM4WhcNMjUwNjE3MTkwMDM4WjAzMTEwLwYDVQQD
Eyg1MzhmM2IxOGNiNDhjODE2YTNmMzU5NGVlMDA3MmE1NTkyMzk3YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sVRrr4g0twCmUj7F4hjrsyYhEh8
fZoS8ga7JJnyj2AToRxF6wQrXrL5UmyRJxG6entLoNfcfmsdMl4h+5hvBoJTeTc6
HO+wQlr6NbITc2UxooXvcNpHmkuc+wxz4He+7gR8YQHSeu0BobSTaWLr1QSZmB/1
TxdUeq/aAvI9lKUGDsqV5j7jYDm+3oeqC76Emwm2PzpYvhLITTwuuzwySD+MaajF
ayP2Rb+HziG/Ewe2CiSO9ykSiGSE4pDYeUuZ5hzr3nGB/RDkCUOjSVwupaVNV3Dd
C9m9+an7nYfdeqlojvcLgUiJx06MTAyVtcZDCDBYELGLelAlpoet4AXooQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOPOxjLSMgWo/NZTuAHKlWSOXqdMB8GA1UdIwQY
MBaAFE+ZiZTrVhno8pqzveerKtFOq/z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgt
NDQ2OGQxMmYzMjJiLzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgtNDQ2OGQxMmYzMjJi
LzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf5LynDne
HKegIuBB/8Hh128ZvxSdDCbmZWKghWVz7AcvJPd82MJ7L2Rx8Dh5OgWBxIkmvwGM
bV2dDdSsjStobXevd9MPAhw7jQFaVuiBWTaLfJlpkJEQbzeNbyD4wzXKwQvJGzur
BEsbibzIhTrHafzQTMzMP5dg80TneAuQjCWZYjdZ3sgYIssLTPsfMHdSJEB8CIXX
FveUf2lRggqibmS8oaWxMxfBGtsya6tKQbVBemBIWBtlfc1vV5/PYy9x3cuz4UFa
EWBvaa/ehre0CmzbIu//FjQ49mXe6KNJq3gtiU4EEobeGJH19TGutAwMkeKt0vcx
OrG9I78hoXiVgQ==
-----END CERTIFICATE-----