Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
File:                     5IKZWNgAyhrebhPKeygLIpzmYC4.mft (raw, json)
Hash identifier:          hVFjo8PAX7Hi0a7DMQ07V8mLq+y3Hxc6uUVYjrZanRk=
Subject key identifier:   5F:96:A3:94:6C:D6:14:78:A2:35:77:76:CF:4D:13:CC:92:1B:2C:EA
Authority key identifier: E4:82:99:58:D8:00:CA:1A:DE:6E:13:CA:7B:28:0B:22:9C:E6:60:2E
Certificate issuer:       /CN=e4829958d800ca1ade6e13ca7b280b229ce6602e
Certificate serial:       01967DC68D0F60F31265C4E60F6E65A50ECE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
Manifest number:          1510
Signing time:             Mon 28 Apr 2025 19:01:26 +0000
Manifest this update:     Mon 28 Apr 2025 19:01:26 +0000
Manifest next update:     Tue 29 Apr 2025 19:01:26 +0000
Files and hashes:         1: 5IKZWNgAyhrebhPKeygLIpzmYC4.crl (hash: Wcml9e/lfgCaJ6LKlUUpyZ1TauRcMW4mHAaFI6z9T2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c6:8d:0f:60:f3:12:65:c4:e6:0f:6e:65:a5:0e:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4829958d800ca1ade6e13ca7b280b229ce6602e
        Validity
            Not Before: Apr 28 19:01:26 2025 GMT
            Not After : Apr 29 19:01:26 2025 GMT
        Subject: CN=5f96a3946cd61478a2357776cf4d13cc921b2cea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:63:8f:6e:d9:38:05:38:63:5e:d3:1b:90:7b:
                    2e:95:ae:f0:64:f0:2d:1f:88:91:d8:3a:99:75:7b:
                    9e:ca:be:85:d8:d4:29:dd:df:06:28:6a:a2:27:90:
                    76:4f:34:e4:ca:3d:14:24:30:08:40:c8:c3:00:98:
                    5d:9d:86:e7:8b:df:a0:ef:b5:0c:ce:4c:9f:db:93:
                    50:e5:bb:29:c4:b3:13:1d:c7:00:6c:0c:73:ef:0d:
                    87:5b:d9:f6:96:22:e7:86:c3:7f:65:88:9c:8d:87:
                    98:8c:c0:a7:3a:7f:9a:00:7b:e7:b5:eb:4a:d7:3a:
                    c3:54:7c:3a:88:9f:f4:37:f7:4b:44:3c:7a:b1:a9:
                    ea:e4:39:e8:b2:64:aa:cd:15:24:29:a0:45:6c:cb:
                    86:c8:30:9e:93:b9:1b:6e:60:1f:8b:d1:ce:30:f0:
                    a2:20:ca:12:29:e8:01:19:d7:72:44:57:b3:54:b5:
                    c2:1b:5f:d5:93:48:dd:70:1d:79:ba:21:4c:3f:59:
                    d0:c4:c6:5c:ba:8a:b8:17:2f:13:a7:f4:63:2a:4e:
                    4c:41:83:9c:ae:b5:2e:a8:b4:b0:2d:8c:36:70:f9:
                    b4:d1:b1:55:6b:33:ce:a4:69:c2:ea:89:a4:54:d6:
                    6c:5a:63:63:5a:03:f7:a4:46:57:d5:d4:59:97:5c:
                    81:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:96:A3:94:6C:D6:14:78:A2:35:77:76:CF:4D:13:CC:92:1B:2C:EA
            X509v3 Authority Key Identifier:
                keyid:E4:82:99:58:D8:00:CA:1A:DE:6E:13:CA:7B:28:0B:22:9C:E6:60:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:0c:84:83:2d:3d:78:34:41:15:cf:3c:64:ec:81:49:ec:c5:
         74:08:a9:b4:0e:53:54:82:54:03:64:72:6b:50:3a:50:f4:d7:
         7e:d6:71:f3:3d:8e:1a:1b:f6:4c:f9:3c:2d:57:82:61:08:b8:
         b5:09:4d:e5:74:65:16:8f:4d:98:31:68:6c:79:5c:a5:3c:75:
         92:85:5c:81:2a:f0:92:bd:9d:9b:36:ed:50:76:d1:f3:7e:bb:
         52:63:f6:54:81:26:e7:40:43:d9:08:75:42:ab:71:be:e7:2f:
         9e:fa:77:13:64:47:90:2a:15:9a:cd:f8:55:b9:92:06:59:b3:
         47:e2:f5:ad:eb:48:d9:fc:8e:e6:36:ba:d8:32:c4:f4:91:8a:
         84:03:30:a8:7e:71:a2:03:2d:9d:47:0a:28:5a:58:62:49:65:
         5f:8e:ca:c8:8d:39:51:57:c1:49:7e:77:08:2d:0c:de:92:c3:
         f8:8d:5e:22:d8:22:a1:e9:96:40:21:f3:5d:a2:ab:60:45:32:
         1b:e2:b2:fe:80:08:f0:f3:de:00:0c:bf:e2:ad:d5:da:00:e2:
         d4:56:ec:a3:2f:c9:75:4d:e3:d4:30:3d:bf:41:53:b4:c4:a2:
         98:f2:13:49:80:5f:47:85:85:f2:70:03:19:ec:1a:a5:76:6d:
         e4:33:39:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xo0PYPMSZcTmD25lpQ7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ODI5OTU4ZDgwMGNhMWFkZTZlMTNjYTdiMjgwYjIyOWNl
NjYwMmUwHhcNMjUwNDI4MTkwMTI2WhcNMjUwNDI5MTkwMTI2WjAzMTEwLwYDVQQD
Eyg1Zjk2YTM5NDZjZDYxNDc4YTIzNTc3NzZjZjRkMTNjYzkyMWIyY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGOPbtk4BThjXtMbkHsula7wZPAt
H4iR2DqZdXueyr6F2NQp3d8GKGqiJ5B2TzTkyj0UJDAIQMjDAJhdnYbni9+g77UM
zkyf25NQ5bspxLMTHccAbAxz7w2HW9n2liLnhsN/ZYicjYeYjMCnOn+aAHvntetK
1zrDVHw6iJ/0N/dLRDx6sanq5DnosmSqzRUkKaBFbMuGyDCek7kbbmAfi9HOMPCi
IMoSKegBGddyRFezVLXCG1/Vk0jdcB15uiFMP1nQxMZcuoq4Fy8Tp/RjKk5MQYOc
rrUuqLSwLYw2cPm00bFVazPOpGnC6omkVNZsWmNjWgP3pEZX1dRZl1yBMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+Wo5Rs1hR4ojV3ds9NE8ySGyzqMB8GA1UdIwQY
MBaAFOSCmVjYAMoa3m4TynsoCyKc5mAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS83M2FmN2MtNTY0Ny00MmQ3LWFhMWQt
MWQ1YmMwMDFhMWRlLzEvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS83M2FmN2MtNTY0Ny00MmQ3LWFhMWQtMWQ1YmMwMDFhMWRl
LzEvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFQyEgy09
eDRBFc88ZOyBSezFdAiptA5TVIJUA2Rya1A6UPTXftZx8z2OGhv2TPk8LVeCYQi4
tQlN5XRlFo9NmDFobHlcpTx1koVcgSrwkr2dmzbtUHbR8367UmP2VIEm50BD2Qh1
Qqtxvucvnvp3E2RHkCoVms34VbmSBlmzR+L1retI2fyO5ja62DLE9JGKhAMwqH5x
ogMtnUcKKFpYYkllX47KyI05UVfBSX53CC0M3pLD+I1eItgioemWQCHzXaKrYEUy
G+Ky/oAI8PPeAAy/4q3V2gDi1Fbsoy/JdU3j1DA9v0FTtMSimPITSYBfR4WF8nAD
GewapXZt5DM5DA==
-----END CERTIFICATE-----