Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.mft
File:                     5OIv9yeFHntJFhTwetExVxQcwwk.mft (raw, json)
Hash identifier:          o6WogXEb+WyqbVrMKlzlicdEQKnfRA73tIsPwL6QK+s=
Subject key identifier:   2D:71:34:58:76:96:D3:61:B5:EE:E7:1D:C6:17:AB:86:F6:CB:E3:BF
Authority key identifier: E4:E2:2F:F7:27:85:1E:7B:49:16:14:F0:7A:D1:31:57:14:1C:C3:09
Certificate issuer:       /CN=e4e22ff727851e7b491614f07ad13157141cc309
Certificate serial:       019676E84DE4604832BAC0470AD419417135
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5OIv9yeFHntJFhTwetExVxQcwwk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.mft
Manifest number:          13BE
Signing time:             Sun 27 Apr 2025 11:00:57 +0000
Manifest this update:     Sun 27 Apr 2025 11:00:57 +0000
Manifest next update:     Mon 28 Apr 2025 11:00:57 +0000
Files and hashes:         1: 5OIv9yeFHntJFhTwetExVxQcwwk.crl (hash: bKxLXA23zWVPsISyLDXzzoeQY1+9+fDRaaxUnAxJ6Pc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5OIv9yeFHntJFhTwetExVxQcwwk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:e8:4d:e4:60:48:32:ba:c0:47:0a:d4:19:41:71:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4e22ff727851e7b491614f07ad13157141cc309
        Validity
            Not Before: Apr 27 11:00:57 2025 GMT
            Not After : Apr 28 11:00:57 2025 GMT
        Subject: CN=2d7134587696d361b5eee71dc617ab86f6cbe3bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ea:97:60:dd:c6:24:da:e9:25:fc:9d:f4:96:
                    ae:a3:0e:92:41:3e:37:72:5a:db:cc:ba:9e:c9:10:
                    90:de:3e:52:b0:ca:e2:79:64:34:e8:79:e4:7e:f1:
                    b4:ae:60:20:c7:4a:6f:11:38:1d:1c:e9:39:46:dc:
                    9d:e1:96:eb:6e:df:55:5e:f9:4b:f6:63:25:ed:cd:
                    a6:e8:35:d5:9c:45:51:7e:04:e4:ac:d1:60:45:bb:
                    63:00:a7:fa:56:9e:d5:87:a7:f5:55:96:c4:05:3e:
                    50:47:fb:49:5e:7d:cb:88:fe:03:ea:e8:0e:45:0a:
                    6d:f3:42:d0:2b:ab:13:52:1b:fd:6b:94:4c:fb:11:
                    43:b4:c8:a8:5a:89:51:00:69:f3:d8:44:1a:61:2d:
                    e0:31:6e:b6:61:80:5d:2c:5e:05:67:6d:2d:cf:61:
                    59:47:a6:51:c3:e3:c9:58:78:b7:50:d6:39:65:0d:
                    2e:ea:90:e9:c1:59:38:0e:0c:c3:5d:e8:4e:ef:d7:
                    b0:8c:10:b6:75:1f:bf:6a:d1:9f:e1:69:5e:e8:ab:
                    ab:2f:6d:90:5a:42:8a:70:cb:ff:bf:e3:46:53:2b:
                    f6:a0:8b:4c:bf:f2:7d:d2:60:1e:35:f3:8f:2e:37:
                    ac:52:a5:6c:59:c8:f2:c1:82:b8:8c:b4:6b:b0:a0:
                    79:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:71:34:58:76:96:D3:61:B5:EE:E7:1D:C6:17:AB:86:F6:CB:E3:BF
            X509v3 Authority Key Identifier:
                keyid:E4:E2:2F:F7:27:85:1E:7B:49:16:14:F0:7A:D1:31:57:14:1C:C3:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5OIv9yeFHntJFhTwetExVxQcwwk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:65:71:a4:7c:46:70:35:9a:7f:46:ca:80:e3:8e:89:10:7a:
         4e:ee:f0:60:e7:34:0e:2c:2e:70:13:80:0c:f5:a1:cd:e9:96:
         16:22:f2:fe:44:c2:f2:ba:e2:c0:c9:57:b8:d8:7d:98:83:a1:
         d6:e7:16:46:2f:be:7c:aa:a4:dc:73:fc:3c:8a:70:6f:f1:a4:
         d2:95:39:14:17:fe:9e:5a:05:dc:de:4b:60:6b:81:70:8c:61:
         36:59:6a:bc:58:61:b5:8a:2e:5d:1a:a3:40:c7:e7:eb:77:f0:
         43:1f:d2:1d:9d:e3:82:a5:ff:a4:cd:a7:4d:ea:d7:3c:13:ef:
         cd:31:27:45:2c:1c:85:36:17:73:f9:7c:5a:1b:01:63:a3:ca:
         93:be:42:6b:97:3f:f8:65:d4:68:e2:92:c1:4d:39:e1:9f:e4:
         45:df:b8:04:40:2c:12:11:31:96:c3:ca:c6:f0:4a:28:b5:16:
         24:7e:12:25:d9:e6:fb:58:2b:ad:39:2c:1e:fd:ac:32:5f:95:
         8d:69:cc:6f:2e:e3:68:b1:4d:67:51:ae:1e:73:e7:39:10:9c:
         21:aa:d8:78:45:b3:24:30:54:c6:24:f9:14:72:42:16:7a:98:
         19:53:ac:11:89:84:ce:57:07:56:c1:9a:32:e3:14:83:61:0b:
         71:d0:c9:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ26E3kYEgyusBHCtQZQXE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZTIyZmY3Mjc4NTFlN2I0OTE2MTRmMDdhZDEzMTU3MTQx
Y2MzMDkwHhcNMjUwNDI3MTEwMDU3WhcNMjUwNDI4MTEwMDU3WjAzMTEwLwYDVQQD
EygyZDcxMzQ1ODc2OTZkMzYxYjVlZWU3MWRjNjE3YWI4NmY2Y2JlM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+qXYN3GJNrpJfyd9Jauow6SQT43
clrbzLqeyRCQ3j5SsMrieWQ06HnkfvG0rmAgx0pvETgdHOk5Rtyd4Zbrbt9VXvlL
9mMl7c2m6DXVnEVRfgTkrNFgRbtjAKf6Vp7Vh6f1VZbEBT5QR/tJXn3LiP4D6ugO
RQpt80LQK6sTUhv9a5RM+xFDtMioWolRAGnz2EQaYS3gMW62YYBdLF4FZ20tz2FZ
R6ZRw+PJWHi3UNY5ZQ0u6pDpwVk4DgzDXehO79ewjBC2dR+/atGf4Wle6KurL22Q
WkKKcMv/v+NGUyv2oItMv/J90mAeNfOPLjesUqVsWcjywYK4jLRrsKB5/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1xNFh2ltNhte7nHcYXq4b2y+O/MB8GA1UdIwQY
MBaAFOTiL/cnhR57SRYU8HrRMVcUHMMJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU9Jdjl5ZUZIbnRKRmhUd2V0RXhWeFFjd3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC83MGU5NjQtNjAxZS00ZjRiLTkxMWUt
NmUzYTdkOTY5YTQwLzEvNU9Jdjl5ZUZIbnRKRmhUd2V0RXhWeFFjd3drLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC83MGU5NjQtNjAxZS00ZjRiLTkxMWUtNmUzYTdkOTY5YTQw
LzEvNU9Jdjl5ZUZIbnRKRmhUd2V0RXhWeFFjd3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkGVxpHxG
cDWaf0bKgOOOiRB6Tu7wYOc0DiwucBOADPWhzemWFiLy/kTC8rriwMlXuNh9mIOh
1ucWRi++fKqk3HP8PIpwb/Gk0pU5FBf+nloF3N5LYGuBcIxhNllqvFhhtYouXRqj
QMfn63fwQx/SHZ3jgqX/pM2nTerXPBPvzTEnRSwchTYXc/l8WhsBY6PKk75Ca5c/
+GXUaOKSwU054Z/kRd+4BEAsEhExlsPKxvBKKLUWJH4SJdnm+1grrTksHv2sMl+V
jWnMby7jaLFNZ1GuHnPnORCcIarYeEWzJDBUxiT5FHJCFnqYGVOsEYmEzlcHVsGa
MuMUg2ELcdDJZQ==
-----END CERTIFICATE-----