Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
File:                     UNlf0yarPwj3bczGVrs-Hia03Fc.mft (raw, json)
Hash identifier:          RcPYG7y9qXbLKfx+bpW4xzCvCOvziQgIGTI5qFwe2M0=
Subject key identifier:   A5:C0:C7:BE:95:42:C8:1F:5B:CC:A4:92:66:52:FB:33:7D:1C:4E:4D
Authority key identifier: 50:D9:5F:D3:26:AB:3F:08:F7:6D:CC:C6:56:BB:3E:1E:26:B4:DC:57
Certificate issuer:       /CN=50d95fd326ab3f08f76dccc656bb3e1e26b4dc57
Certificate serial:       01974CD742D51EBC3FA95AEA6CDD72B24429
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
Manifest number:          0125
Signing time:             Sun 08 Jun 2025 00:01:05 +0000
Manifest this update:     Sun 08 Jun 2025 00:01:05 +0000
Manifest next update:     Mon 09 Jun 2025 00:01:05 +0000
Files and hashes:         1: UNlf0yarPwj3bczGVrs-Hia03Fc.crl (hash: Vi5gqn3hEjbZ3TI/X7Tn5jdkWjZuPO6A9ZPqCG7h+xI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d7:42:d5:1e:bc:3f:a9:5a:ea:6c:dd:72:b2:44:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50d95fd326ab3f08f76dccc656bb3e1e26b4dc57
        Validity
            Not Before: Jun  8 00:01:05 2025 GMT
            Not After : Jun  9 00:01:05 2025 GMT
        Subject: CN=a5c0c7be9542c81f5bcca4926652fb337d1c4e4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:f8:42:22:73:7a:a5:5f:ad:a6:e9:9a:39:ec:
                    0f:f9:47:48:bf:57:74:89:4a:3f:7d:0d:ad:8b:03:
                    f6:d6:95:99:e1:2f:b6:e3:4f:09:02:e9:72:a3:b9:
                    bf:49:c8:f6:02:95:5c:f1:66:d6:7a:ab:f1:dd:58:
                    71:37:2d:63:57:98:c3:32:05:f8:d6:e2:5d:b2:3d:
                    7e:74:64:0a:26:c5:63:d6:e9:09:65:9c:83:81:42:
                    ae:34:e7:f1:4e:06:c9:2c:1f:15:58:ef:ff:f7:8f:
                    4c:cc:63:72:ff:ec:d4:1b:bb:dd:a0:04:34:b6:ce:
                    3f:b0:5d:52:50:ec:22:97:82:34:b1:a2:c1:21:e3:
                    30:fb:fa:69:25:60:cb:e2:9d:32:83:da:85:ca:75:
                    1d:ba:a4:20:d5:02:86:d5:8a:c1:56:dd:56:9d:4f:
                    ad:e3:78:ec:ce:72:11:e9:a4:7b:58:db:fc:53:1c:
                    f6:49:36:67:fe:5f:23:20:11:90:15:7f:01:6c:e3:
                    c2:d8:13:96:90:8e:46:e4:09:51:76:32:6f:ab:d6:
                    92:43:13:dc:43:98:2f:5f:2a:c4:13:06:27:76:75:
                    9b:f0:08:55:0c:f9:7f:0e:1b:1d:c4:ba:57:81:18:
                    83:d5:f1:b3:54:ca:ff:df:69:4f:1a:1d:68:b5:79:
                    2d:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:C0:C7:BE:95:42:C8:1F:5B:CC:A4:92:66:52:FB:33:7D:1C:4E:4D
            X509v3 Authority Key Identifier:
                keyid:50:D9:5F:D3:26:AB:3F:08:F7:6D:CC:C6:56:BB:3E:1E:26:B4:DC:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:14:cb:45:f5:f2:49:cf:ac:eb:dc:de:ff:11:e6:b6:9c:49:
         de:03:bc:fc:97:d6:6c:9b:1f:c6:fa:8b:d3:42:c1:b6:4d:a5:
         e2:0c:81:1e:82:11:7f:98:39:47:2c:c1:f1:61:2f:37:44:2b:
         97:0e:06:01:70:a0:6d:83:71:0e:bf:66:64:1a:a5:4f:11:a9:
         86:4d:9d:eb:eb:94:63:2b:1e:5c:6a:38:75:6e:0e:b9:cd:69:
         a3:f1:77:cf:6d:28:fc:55:45:65:80:20:9d:9e:30:d6:fa:cc:
         fd:dd:5b:16:e2:67:a9:f2:26:4d:2c:93:ed:58:2e:9e:91:47:
         7e:32:bb:c5:3c:9c:b9:0a:d7:14:09:32:e6:4a:65:40:5c:0f:
         49:96:14:30:fc:9c:40:3c:44:fc:14:4d:e0:c8:0a:50:a4:76:
         c1:c0:89:b3:85:d4:f3:90:4b:a2:5e:cf:fe:d2:9a:2f:2b:49:
         14:35:ab:83:07:8c:65:45:ec:3c:ad:cc:2e:c8:3b:1e:ba:ee:
         37:4d:84:8d:fc:8f:ae:cc:12:0a:ac:a6:c8:9c:4a:7f:39:90:
         20:a1:d4:0a:8e:33:04:bc:4e:8d:b5:30:07:6e:0f:a5:e6:1a:
         63:93:4b:eb:87:b3:0d:1f:9b:02:c5:74:b8:44:ad:31:7f:e4:
         4c:3e:4b:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM10LVHrw/qVrqbN1yskQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDk1ZmQzMjZhYjNmMDhmNzZkY2NjNjU2YmIzZTFlMjZi
NGRjNTcwHhcNMjUwNjA4MDAwMTA1WhcNMjUwNjA5MDAwMTA1WjAzMTEwLwYDVQQD
EyhhNWMwYzdiZTk1NDJjODFmNWJjY2E0OTI2NjUyZmIzMzdkMWM0ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/hCInN6pV+tpumaOewP+UdIv1d0
iUo/fQ2tiwP21pWZ4S+2408JAulyo7m/Scj2ApVc8WbWeqvx3VhxNy1jV5jDMgX4
1uJdsj1+dGQKJsVj1ukJZZyDgUKuNOfxTgbJLB8VWO//949MzGNy/+zUG7vdoAQ0
ts4/sF1SUOwil4I0saLBIeMw+/ppJWDL4p0yg9qFynUduqQg1QKG1YrBVt1WnU+t
43jsznIR6aR7WNv8Uxz2STZn/l8jIBGQFX8BbOPC2BOWkI5G5AlRdjJvq9aSQxPc
Q5gvXyrEEwYndnWb8AhVDPl/DhsdxLpXgRiD1fGzVMr/32lPGh1otXktDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXAx76VQsgfW8ykkmZS+zN9HE5NMB8GA1UdIwQY
MBaAFFDZX9Mmqz8I923Mxla7Ph4mtNxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNmNjYzctZDFlNS00ZjA3LThkYWIt
NTA2YTQ5MzRjYWQ1LzEvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNmNjYzctZDFlNS00ZjA3LThkYWItNTA2YTQ5MzRjYWQ1
LzEvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApxTLRfXy
Sc+s69ze/xHmtpxJ3gO8/JfWbJsfxvqL00LBtk2l4gyBHoIRf5g5RyzB8WEvN0Qr
lw4GAXCgbYNxDr9mZBqlTxGphk2d6+uUYyseXGo4dW4Ouc1po/F3z20o/FVFZYAg
nZ4w1vrM/d1bFuJnqfImTSyT7VgunpFHfjK7xTycuQrXFAky5kplQFwPSZYUMPyc
QDxE/BRN4MgKUKR2wcCJs4XU85BLol7P/tKaLytJFDWrgweMZUXsPK3MLsg7Hrru
N02EjfyPrswSCqymyJxKfzmQIKHUCo4zBLxOjbUwB24PpeYaY5NL64ezDR+bAsV0
uEStMX/kTD5Lnw==
-----END CERTIFICATE-----