Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
File:                     UoUm3npC8eCAkWhA7r85A4uJPRY.mft (raw, json)
Hash identifier:          KiDvAxVShCT2ad6FMmtHJHoNQPhkYpbA0wpyFN3foA0=
Subject key identifier:   19:73:C1:13:DE:44:94:CF:FC:EE:71:FB:70:DC:E0:14:AD:05:1C:39
Authority key identifier: 52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16
Certificate issuer:       /CN=528526de7a42f1e080916840eebf39038b893d16
Certificate serial:       0197488C61CA3B2E20356CA3D288E02F9D78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
Manifest number:          0901
Signing time:             Sat 07 Jun 2025 04:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:48 +0000
Files and hashes:         1: UoUm3npC8eCAkWhA7r85A4uJPRY.crl (hash: 0cPRxq3Ru/Li2djHjm4WwIYic74AT6LrNsgqMJ5eGf4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:61:ca:3b:2e:20:35:6c:a3:d2:88:e0:2f:9d:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=528526de7a42f1e080916840eebf39038b893d16
        Validity
            Not Before: Jun  7 04:00:48 2025 GMT
            Not After : Jun  8 04:00:48 2025 GMT
        Subject: CN=1973c113de4494cffcee71fb70dce014ad051c39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:89:64:0c:6a:cd:5e:ec:e6:14:20:83:2d:49:
                    17:c3:5e:82:5a:9d:50:c1:e5:4f:d0:48:db:85:b7:
                    93:ea:b2:e7:e7:3a:d6:2d:6b:b1:a2:d1:a9:f0:c9:
                    70:ce:6d:32:ea:04:33:b0:b7:96:50:00:03:17:3f:
                    8d:da:ce:b2:0d:e4:3b:e9:41:be:8a:26:da:7c:4e:
                    67:8b:70:bb:ad:88:26:75:92:af:7b:de:49:2e:de:
                    01:4f:c9:f5:62:37:93:f4:c5:fd:98:70:94:72:22:
                    a2:b1:b9:06:9c:a4:39:da:31:dc:62:35:89:1b:fa:
                    42:68:1e:39:c3:cb:c1:69:16:bc:7c:fa:51:33:be:
                    98:80:8f:9c:bb:55:e2:15:29:38:d2:34:26:2d:35:
                    ae:8b:2f:16:2e:73:44:44:81:98:3b:d2:1d:fd:1c:
                    57:da:20:aa:42:d3:3a:e4:9c:c2:62:34:5c:a2:50:
                    85:c2:e7:e7:08:a4:1b:59:50:cc:11:54:fe:19:13:
                    2e:6d:f4:ae:1f:45:b0:2a:98:7c:d9:18:2b:6c:df:
                    18:67:dc:ec:ed:e3:f1:93:cc:37:4b:19:97:9d:18:
                    e3:e4:a3:14:30:aa:0b:0b:79:11:2e:7f:92:32:a5:
                    ce:f3:68:c9:e0:fa:35:8a:9f:92:9b:39:96:7f:6a:
                    2c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:73:C1:13:DE:44:94:CF:FC:EE:71:FB:70:DC:E0:14:AD:05:1C:39
            X509v3 Authority Key Identifier:
                keyid:52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:36:97:ea:07:70:e4:2c:8d:9a:bd:e5:d1:d1:06:60:e1:87:
         29:a3:12:b5:51:c0:d9:39:1c:96:81:8d:5b:61:19:e4:27:f7:
         86:ff:8d:66:2a:6e:08:87:a8:80:90:93:b9:40:48:10:a5:4a:
         ae:e1:52:df:90:9f:aa:6d:a5:93:9e:ac:f4:19:12:43:22:83:
         12:30:37:32:7d:f1:a3:db:de:d2:fc:61:08:af:7f:13:07:ac:
         73:9d:76:09:b6:4e:24:b8:22:93:bd:81:8e:d3:cd:91:b2:31:
         e8:a6:8f:9c:79:a8:03:fb:3a:e2:24:18:6d:46:6e:e5:0a:5e:
         c4:0a:08:13:1a:0b:4c:a0:a7:99:5d:4e:4f:a6:49:58:43:84:
         ef:da:14:8f:2a:57:47:ac:1a:ff:6c:b2:3d:26:22:16:53:64:
         f8:8e:f8:67:38:51:7d:0d:3b:bf:c0:f2:e3:ba:84:37:af:1e:
         0c:58:a2:52:97:03:83:7c:cd:71:e9:39:30:be:49:2f:c3:8c:
         d8:70:79:56:60:13:47:20:89:0f:78:75:c5:d9:1c:9b:e2:1c:
         20:73:0c:38:39:f6:e0:8c:cd:8c:fe:c9:aa:53:46:d0:29:7c:
         8c:0d:8b:8c:47:08:ad:46:e9:a1:ae:86:13:08:ba:a2:71:5b:
         47:a2:52:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjGHKOy4gNWyj0ojgL514MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODUyNmRlN2E0MmYxZTA4MDkxNjg0MGVlYmYzOTAzOGI4
OTNkMTYwHhcNMjUwNjA3MDQwMDQ4WhcNMjUwNjA4MDQwMDQ4WjAzMTEwLwYDVQQD
EygxOTczYzExM2RlNDQ5NGNmZmNlZTcxZmI3MGRjZTAxNGFkMDUxYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuolkDGrNXuzmFCCDLUkXw16CWp1Q
weVP0EjbhbeT6rLn5zrWLWuxotGp8Mlwzm0y6gQzsLeWUAADFz+N2s6yDeQ76UG+
iibafE5ni3C7rYgmdZKve95JLt4BT8n1YjeT9MX9mHCUciKisbkGnKQ52jHcYjWJ
G/pCaB45w8vBaRa8fPpRM76YgI+cu1XiFSk40jQmLTWuiy8WLnNERIGYO9Id/RxX
2iCqQtM65JzCYjRcolCFwufnCKQbWVDMEVT+GRMubfSuH0WwKph82RgrbN8YZ9zs
7ePxk8w3SxmXnRjj5KMUMKoLC3kRLn+SMqXO82jJ4Po1ip+SmzmWf2osRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBlzwRPeRJTP/O5x+3Dc4BStBRw5MB8GA1UdIwQY
MBaAFFKFJt56QvHggJFoQO6/OQOLiT0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85NmE5MjgtODE5Yy00NzZjLWJhZTEt
NTBjOWY1YjNjM2U0LzEvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85NmE5MjgtODE5Yy00NzZjLWJhZTEtNTBjOWY1YjNjM2U0
LzEvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbDaX6gdw
5CyNmr3l0dEGYOGHKaMStVHA2TkcloGNW2EZ5Cf3hv+NZipuCIeogJCTuUBIEKVK
ruFS35Cfqm2lk56s9BkSQyKDEjA3Mn3xo9ve0vxhCK9/Ewesc512CbZOJLgik72B
jtPNkbIx6KaPnHmoA/s64iQYbUZu5QpexAoIExoLTKCnmV1OT6ZJWEOE79oUjypX
R6wa/2yyPSYiFlNk+I74ZzhRfQ07v8Dy47qEN68eDFiiUpcDg3zNcek5ML5JL8OM
2HB5VmATRyCJD3h1xdkcm+IcIHMMODn24IzNjP7JqlNG0Cl8jA2LjEcIrUbpoa6G
Ewi6onFbR6JSng==
-----END CERTIFICATE-----