Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
File:                     uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft (raw, json)
Hash identifier:          /y3xrq64vj1qWQOZZffvbWx8l41MyfMeu4OsDbkXiW0=
Subject key identifier:   25:F2:45:71:70:F2:E0:B9:9C:9A:A1:5A:18:6D:43:5F:02:01:7A:01
Authority key identifier: B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA
Certificate issuer:       /CN=b88177a9a3469db3acf10a98f6c03931e35515fa
Certificate serial:       01965981F6CCA9059C50CEC00F8B5CC1FAB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
Manifest number:          0499
Signing time:             Mon 21 Apr 2025 18:00:11 +0000
Manifest this update:     Mon 21 Apr 2025 18:00:11 +0000
Manifest next update:     Tue 22 Apr 2025 18:00:11 +0000
Files and hashes:         1: uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl (hash: NeLrlgycjwQHyYzGKtAQ/4IQ94p3mMsYOaMAq6oc/ZY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 18:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:81:f6:cc:a9:05:9c:50:ce:c0:0f:8b:5c:c1:fa:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88177a9a3469db3acf10a98f6c03931e35515fa
        Validity
            Not Before: Apr 21 18:00:11 2025 GMT
            Not After : Apr 22 18:00:11 2025 GMT
        Subject: CN=25f2457170f2e0b99c9aa15a186d435f02017a01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:30:3a:6e:ce:06:b5:bc:4c:7d:39:8f:f0:ff:
                    e0:ec:d5:43:5d:63:3b:16:03:83:17:e7:82:6a:70:
                    99:ba:21:bd:4b:cb:74:50:76:8a:93:22:1f:04:e1:
                    e7:ba:f6:a6:6c:71:ca:45:e8:05:1f:ba:cb:77:f7:
                    07:02:b2:f4:d0:5a:28:05:f0:87:f0:82:b0:68:2d:
                    13:1f:32:6f:8a:be:16:5b:f1:03:80:f4:61:a0:94:
                    dc:34:ed:ca:3a:d2:58:1d:e6:ce:a9:1d:b1:b7:7c:
                    88:39:40:4f:4f:6c:a6:9e:41:28:4a:b0:af:ed:4f:
                    5a:05:94:98:8f:f8:8c:ce:0e:10:08:43:5a:f6:be:
                    87:48:b1:e6:f0:b2:49:a8:74:b3:a6:d8:87:65:14:
                    f8:63:5e:65:71:9d:83:a9:7b:9b:13:0f:6c:9e:ef:
                    aa:96:c4:bf:31:17:6c:12:11:c4:dd:16:22:91:cd:
                    3e:8f:c3:b8:82:37:7b:b3:64:d3:80:61:e1:44:fd:
                    d3:fb:6f:f9:69:e0:47:c5:73:a7:7e:ba:30:93:a9:
                    d1:f1:6f:76:62:47:b5:f9:90:c4:b6:cd:41:af:3a:
                    b5:bc:48:8a:2c:f3:47:d4:2f:e6:08:9c:bf:4f:27:
                    ca:d5:39:6e:fd:23:64:62:69:27:39:fa:05:ff:d1:
                    4b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:F2:45:71:70:F2:E0:B9:9C:9A:A1:5A:18:6D:43:5F:02:01:7A:01
            X509v3 Authority Key Identifier:
                keyid:B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:12:d4:b0:bb:08:b5:c1:05:43:b1:3f:04:43:14:e8:34:ea:
         15:db:7e:ae:b1:68:a8:6e:87:9a:80:04:a4:06:51:45:2c:5f:
         1a:42:6b:bb:df:94:03:a9:b5:00:90:a8:84:b0:00:6e:d5:b2:
         ec:d5:99:3a:52:0b:e9:ef:1e:3c:2b:2d:87:57:e3:8e:b8:3b:
         91:e9:a3:eb:79:c7:d5:1c:4e:71:f6:13:3b:8d:4d:a1:c8:e6:
         e3:8e:b5:1d:ea:34:a7:7e:06:45:0b:23:8e:08:2e:54:6f:8e:
         16:12:32:d5:6c:11:3a:4a:0b:9e:97:22:27:e8:95:c0:8d:0e:
         88:eb:ce:97:29:e5:a1:74:95:6d:fa:f1:1a:ff:23:84:31:51:
         bc:47:93:59:c1:3a:ea:c9:9f:79:64:56:73:6e:2b:9c:ed:f5:
         e1:eb:80:ba:93:ef:5b:cc:62:13:c5:1b:af:22:f8:a5:38:f9:
         a7:32:0d:2a:73:f0:fc:fa:ce:be:54:c3:67:06:2f:c9:43:62:
         bd:1a:98:f0:1a:fb:9e:ff:77:2f:43:47:e2:5f:a4:23:09:6b:
         7f:69:f0:59:48:ae:e5:05:1a:16:7d:cb:41:cf:69:02:6c:b8:
         90:6d:ab:12:06:62:00:a1:fa:f8:6d:f7:5e:f4:14:41:50:cb:
         74:d0:ba:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZgfbMqQWcUM7AD4tcwfqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ODE3N2E5YTM0NjlkYjNhY2YxMGE5OGY2YzAzOTMxZTM1
NTE1ZmEwHhcNMjUwNDIxMTgwMDExWhcNMjUwNDIyMTgwMDExWjAzMTEwLwYDVQQD
EygyNWYyNDU3MTcwZjJlMGI5OWM5YWExNWExODZkNDM1ZjAyMDE3YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszA6bs4GtbxMfTmP8P/g7NVDXWM7
FgODF+eCanCZuiG9S8t0UHaKkyIfBOHnuvambHHKRegFH7rLd/cHArL00FooBfCH
8IKwaC0THzJvir4WW/EDgPRhoJTcNO3KOtJYHebOqR2xt3yIOUBPT2ymnkEoSrCv
7U9aBZSYj/iMzg4QCENa9r6HSLHm8LJJqHSzptiHZRT4Y15lcZ2DqXubEw9snu+q
lsS/MRdsEhHE3RYikc0+j8O4gjd7s2TTgGHhRP3T+2/5aeBHxXOnfrowk6nR8W92
Yke1+ZDEts1Brzq1vEiKLPNH1C/mCJy/TyfK1Tlu/SNkYmknOfoF/9FLGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXyRXFw8uC5nJqhWhhtQ18CAXoBMB8GA1UdIwQY
MBaAFLiBd6mjRp2zrPEKmPbAOTHjVRX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTct
ZWIwODg1YjkwMDNlLzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTctZWIwODg1YjkwMDNl
LzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApBLUsLsI
tcEFQ7E/BEMU6DTqFdt+rrFoqG6HmoAEpAZRRSxfGkJru9+UA6m1AJCohLAAbtWy
7NWZOlIL6e8ePCsth1fjjrg7kemj63nH1RxOcfYTO41Nocjm4461Heo0p34GRQsj
jgguVG+OFhIy1WwROkoLnpciJ+iVwI0OiOvOlynloXSVbfrxGv8jhDFRvEeTWcE6
6smfeWRWc24rnO314euAupPvW8xiE8UbryL4pTj5pzINKnPw/PrOvlTDZwYvyUNi
vRqY8Br7nv93L0NH4l+kIwlrf2nwWUiu5QUaFn3LQc9pAmy4kG2rEgZiAKH6+G33
XvQUQVDLdNC64A==
-----END CERTIFICATE-----