Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/ebc804-e3c6-40e6-bfbe-bdf364ba77cd/1/kUPF9Ix3p5yYX15TYuCCrVTiMGM.mft
File:                     kUPF9Ix3p5yYX15TYuCCrVTiMGM.mft (raw, json)
Hash identifier:          +W9/IOr/+34QubpPmbpd/1hkZlsFqhrHJBgpYODNHMQ=
Subject key identifier:   0D:71:18:7D:CB:E4:8D:81:7C:71:9D:7A:4E:2D:CD:4B:50:E5:7E:88
Authority key identifier: 91:43:C5:F4:8C:77:A7:9C:98:5F:5E:53:62:E0:82:AD:54:E2:30:63
Certificate issuer:       /CN=9143c5f48c77a79c985f5e5362e082ad54e23063
Certificate serial:       01965537AA1F674277602CB2F2482333CCA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kUPF9Ix3p5yYX15TYuCCrVTiMGM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/ebc804-e3c6-40e6-bfbe-bdf364ba77cd/1/kUPF9Ix3p5yYX15TYuCCrVTiMGM.mft
Manifest number:          0BE3
Signing time:             Sun 20 Apr 2025 22:00:33 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:33 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:33 +0000
Files and hashes:         1: kUPF9Ix3p5yYX15TYuCCrVTiMGM.crl (hash: 7PcOTLCEHlgblfHBUoSTmMVJVsRbEd0TtTjLivaGdmc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/ebc804-e3c6-40e6-bfbe-bdf364ba77cd/1/kUPF9Ix3p5yYX15TYuCCrVTiMGM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/ebc804-e3c6-40e6-bfbe-bdf364ba77cd/1/kUPF9Ix3p5yYX15TYuCCrVTiMGM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kUPF9Ix3p5yYX15TYuCCrVTiMGM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:aa:1f:67:42:77:60:2c:b2:f2:48:23:33:cc:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9143c5f48c77a79c985f5e5362e082ad54e23063
        Validity
            Not Before: Apr 20 22:00:33 2025 GMT
            Not After : Apr 21 22:00:33 2025 GMT
        Subject: CN=0d71187dcbe48d817c719d7a4e2dcd4b50e57e88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:a4:72:05:b5:c1:fd:9a:92:75:3f:3a:c3:84:
                    a6:ca:e4:bd:c2:b9:14:69:33:de:8a:46:6a:02:12:
                    6d:38:8f:3f:b0:04:7b:63:c1:bd:f7:2f:54:cc:89:
                    e9:18:48:f3:4a:a8:5e:63:2e:d8:8c:a2:18:b1:9a:
                    e7:98:29:7f:a7:40:77:49:58:bd:b1:dc:ad:70:60:
                    42:63:f7:3d:d5:32:27:43:83:2a:e7:97:5f:8a:7a:
                    44:39:f1:f6:43:0d:41:ec:1b:1c:6f:fa:a4:4d:91:
                    50:fe:f4:94:46:58:fa:3c:10:91:b6:e5:f2:44:6e:
                    a8:d9:44:21:8a:67:d7:4b:2f:e3:11:d5:22:9d:73:
                    da:64:62:0d:7e:f7:d8:1e:60:ef:1d:df:ec:5c:d6:
                    08:84:77:fc:dd:ca:0d:57:51:ad:a2:61:7b:51:d5:
                    7e:e2:b7:43:8d:a4:90:06:4a:c7:46:b5:41:7b:4c:
                    39:71:a7:b3:98:a1:1a:66:e2:57:f4:12:30:b2:f7:
                    36:ac:76:d4:40:50:06:72:09:9d:6a:66:eb:38:19:
                    c0:7e:28:73:8e:aa:13:dd:7e:13:47:a0:06:a7:29:
                    00:5d:f7:a7:49:31:7b:00:81:6c:56:04:a8:f8:72:
                    47:57:ca:39:3f:95:20:26:66:91:d9:69:e1:a3:8a:
                    5b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:71:18:7D:CB:E4:8D:81:7C:71:9D:7A:4E:2D:CD:4B:50:E5:7E:88
            X509v3 Authority Key Identifier:
                keyid:91:43:C5:F4:8C:77:A7:9C:98:5F:5E:53:62:E0:82:AD:54:E2:30:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUPF9Ix3p5yYX15TYuCCrVTiMGM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ebc804-e3c6-40e6-bfbe-bdf364ba77cd/1/kUPF9Ix3p5yYX15TYuCCrVTiMGM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ebc804-e3c6-40e6-bfbe-bdf364ba77cd/1/kUPF9Ix3p5yYX15TYuCCrVTiMGM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:9e:3f:56:c3:08:5c:f5:d4:91:97:7c:5c:ee:5c:c5:ca:a0:
         5c:ec:a0:7f:c3:97:4c:41:c3:ea:cc:d7:13:be:32:74:66:3b:
         3e:c8:34:9b:f4:9c:83:55:21:fd:f6:2a:f2:e5:22:3a:15:c0:
         85:fb:89:2b:6a:87:9b:9f:ad:16:89:61:b8:f3:5e:35:0a:ea:
         16:86:5d:6a:0a:2b:66:99:98:36:1a:db:b5:d0:ea:e5:3f:ef:
         a3:12:2c:bb:63:5c:ba:e3:ca:d4:96:5b:c1:24:6c:40:b2:1d:
         37:8f:9e:e8:61:64:95:14:c1:e0:15:5b:fa:8f:c1:cc:01:fb:
         70:f3:80:f5:08:34:97:8d:95:14:a0:1a:b5:74:e5:a2:ae:a0:
         24:7c:18:d8:52:67:89:9c:5d:bd:91:dd:1a:cb:fb:de:c1:0d:
         2d:43:80:e2:fe:dd:5d:78:9e:69:7a:59:70:5e:00:f4:11:97:
         bc:03:64:fa:9d:76:76:9f:13:31:0f:20:fa:87:3f:f0:06:c5:
         67:3d:b5:c7:5d:6e:52:4f:45:de:cf:88:69:b7:ef:14:93:ab:
         9a:24:f6:83:fc:91:b8:4d:e6:45:20:7c:20:bd:f6:d4:38:e1:
         69:21:4f:16:7b:00:4b:ff:9c:fb:2a:46:6f:32:18:f3:82:8f:
         9c:18:7f:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN6ofZ0J3YCyy8kgjM8yhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNDNjNWY0OGM3N2E3OWM5ODVmNWU1MzYyZTA4MmFkNTRl
MjMwNjMwHhcNMjUwNDIwMjIwMDMzWhcNMjUwNDIxMjIwMDMzWjAzMTEwLwYDVQQD
EygwZDcxMTg3ZGNiZTQ4ZDgxN2M3MTlkN2E0ZTJkY2Q0YjUwZTU3ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6RyBbXB/ZqSdT86w4SmyuS9wrkU
aTPeikZqAhJtOI8/sAR7Y8G99y9UzInpGEjzSqheYy7YjKIYsZrnmCl/p0B3SVi9
sdytcGBCY/c91TInQ4Mq55dfinpEOfH2Qw1B7Bscb/qkTZFQ/vSURlj6PBCRtuXy
RG6o2UQhimfXSy/jEdUinXPaZGINfvfYHmDvHd/sXNYIhHf83coNV1GtomF7UdV+
4rdDjaSQBkrHRrVBe0w5caezmKEaZuJX9BIwsvc2rHbUQFAGcgmdambrOBnAfihz
jqoT3X4TR6AGpykAXfenSTF7AIFsVgSo+HJHV8o5P5UgJmaR2Wnho4pb6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1xGH3L5I2BfHGdek4tzUtQ5X6IMB8GA1UdIwQY
MBaAFJFDxfSMd6ecmF9eU2Lggq1U4jBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VQRjlJeDNwNXlZWDE1VFl1Q0NyVlRpTUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lYmM4MDQtZTNjNi00MGU2LWJmYmUt
YmRmMzY0YmE3N2NkLzEva1VQRjlJeDNwNXlZWDE1VFl1Q0NyVlRpTUdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lYmM4MDQtZTNjNi00MGU2LWJmYmUtYmRmMzY0YmE3N2Nk
LzEva1VQRjlJeDNwNXlZWDE1VFl1Q0NyVlRpTUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGZ4/VsMI
XPXUkZd8XO5cxcqgXOygf8OXTEHD6szXE74ydGY7Psg0m/Scg1Uh/fYq8uUiOhXA
hfuJK2qHm5+tFolhuPNeNQrqFoZdagorZpmYNhrbtdDq5T/voxIsu2NcuuPK1JZb
wSRsQLIdN4+e6GFklRTB4BVb+o/BzAH7cPOA9Qg0l42VFKAatXTloq6gJHwY2FJn
iZxdvZHdGsv73sENLUOA4v7dXXieaXpZcF4A9BGXvANk+p12dp8TMQ8g+oc/8AbF
Zz21x11uUk9F3s+IabfvFJOrmiT2g/yRuE3mRSB8IL321DjhaSFPFnsAS/+c+ypG
bzIY84KPnBh/EQ==
-----END CERTIFICATE-----