Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/a441c6-aaa8-4250-a7ec-a4a28bfa488e/1/AGXxbaYGeD8wH3CKXmtP1f_UMug.mft
File:                     AGXxbaYGeD8wH3CKXmtP1f_UMug.mft (raw, json)
Hash identifier:          hz+xiO7OLPYSsrPFd0sfP+mhOXPo39Tcbb1Kmufn07I=
Subject key identifier:   FC:75:CD:22:FF:EC:D1:FB:50:05:93:EF:D6:9A:04:75:CF:DA:DF:23
Authority key identifier: 00:65:F1:6D:A6:06:78:3F:30:1F:70:8A:5E:6B:4F:D5:FF:D4:32:E8
Certificate issuer:       /CN=0065f16da606783f301f708a5e6b4fd5ffd432e8
Certificate serial:       019647B38953E58FD6C85BBA64B41A52EAEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AGXxbaYGeD8wH3CKXmtP1f_UMug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/a441c6-aaa8-4250-a7ec-a4a28bfa488e/1/AGXxbaYGeD8wH3CKXmtP1f_UMug.mft
Manifest number:          0993
Signing time:             Fri 18 Apr 2025 07:01:10 +0000
Manifest this update:     Fri 18 Apr 2025 07:01:10 +0000
Manifest next update:     Sat 19 Apr 2025 07:01:10 +0000
Files and hashes:         1: AGXxbaYGeD8wH3CKXmtP1f_UMug.crl (hash: IsurGLk/1AxFl5+CIVJZ4NokVyeFR7PAuleMU3jhGpo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/a441c6-aaa8-4250-a7ec-a4a28bfa488e/1/AGXxbaYGeD8wH3CKXmtP1f_UMug.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/a441c6-aaa8-4250-a7ec-a4a28bfa488e/1/AGXxbaYGeD8wH3CKXmtP1f_UMug.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AGXxbaYGeD8wH3CKXmtP1f_UMug.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:47:b3:89:53:e5:8f:d6:c8:5b:ba:64:b4:1a:52:ea:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0065f16da606783f301f708a5e6b4fd5ffd432e8
        Validity
            Not Before: Apr 18 07:01:10 2025 GMT
            Not After : Apr 19 07:01:10 2025 GMT
        Subject: CN=fc75cd22ffecd1fb500593efd69a0475cfdadf23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:a0:74:cf:3d:f5:0a:3f:f2:84:03:33:5d:4b:
                    7d:cb:0a:be:f1:79:b6:e9:1d:01:76:db:eb:c7:7e:
                    dc:60:04:e8:78:bb:e4:cf:c3:46:47:1e:a6:d5:55:
                    8f:ae:c1:a7:25:5c:04:18:08:f1:65:43:f2:e0:8e:
                    de:8c:6e:fb:54:65:45:17:39:2d:96:4e:0a:ac:2c:
                    67:a2:f8:4a:53:ab:53:5d:7f:5c:ea:b8:c9:e4:1c:
                    94:08:51:6b:f2:a7:f4:9a:bf:5a:11:9c:9e:8b:4f:
                    09:02:c4:e2:cf:59:80:db:80:54:c3:65:26:b3:35:
                    2a:4f:c5:43:3b:30:33:b4:8e:01:9b:5d:46:45:82:
                    bf:5c:9d:23:f1:a9:dd:1f:27:c0:bd:f3:71:dd:50:
                    86:4b:e3:31:d6:f7:15:9e:08:ff:30:62:e2:ab:61:
                    6c:47:8b:05:11:9f:76:83:78:1e:0c:3a:8f:03:e2:
                    1e:06:77:60:c2:64:d1:73:f4:77:3e:d2:8a:6c:36:
                    cd:1f:08:c2:26:22:71:2e:67:86:97:95:0d:99:08:
                    11:8d:92:57:e5:f1:78:1c:1b:9d:5d:d7:e2:92:ad:
                    c7:76:bf:19:78:ba:a3:92:a0:61:c5:23:b7:9b:05:
                    b5:22:80:06:d5:7c:8c:d4:68:af:1d:bb:24:d8:66:
                    18:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:75:CD:22:FF:EC:D1:FB:50:05:93:EF:D6:9A:04:75:CF:DA:DF:23
            X509v3 Authority Key Identifier:
                keyid:00:65:F1:6D:A6:06:78:3F:30:1F:70:8A:5E:6B:4F:D5:FF:D4:32:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGXxbaYGeD8wH3CKXmtP1f_UMug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/a441c6-aaa8-4250-a7ec-a4a28bfa488e/1/AGXxbaYGeD8wH3CKXmtP1f_UMug.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/a441c6-aaa8-4250-a7ec-a4a28bfa488e/1/AGXxbaYGeD8wH3CKXmtP1f_UMug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:0c:24:37:d6:cd:96:32:bf:12:eb:50:bd:38:a1:f9:bb:bb:
         85:08:26:fd:9b:af:86:2d:8a:b3:72:97:6f:a5:77:12:c5:bb:
         27:45:53:4e:62:fe:4e:c3:6c:d0:3d:b3:b5:f9:03:bf:ed:f3:
         6e:4e:dc:07:49:ed:aa:3e:c3:78:30:48:cc:5b:08:c0:a5:8b:
         79:2f:2c:7f:ee:1d:4a:29:78:7c:02:a3:72:7d:e7:1c:f1:88:
         9a:f3:a8:27:e7:34:1a:22:dd:4d:02:8f:d6:49:87:db:2d:7f:
         27:e9:c2:69:c3:79:19:72:3f:72:a9:63:cd:26:e4:56:f2:db:
         0f:4e:3b:5c:74:ea:b8:cc:40:d0:dc:7b:7d:41:91:8a:05:3d:
         a0:2a:de:e1:71:1d:bd:22:d1:02:6d:37:6f:7e:34:a3:3a:40:
         d8:cd:5c:c1:b1:f0:c6:4f:26:46:ad:6e:02:15:e6:1d:91:eb:
         5f:a2:aa:58:a1:f0:49:49:06:f2:35:48:12:7c:99:62:0a:b0:
         a1:ab:51:19:8f:89:06:c9:6d:ec:bc:9b:b3:10:83:1e:75:28:
         ca:fd:0a:f9:b7:d8:7b:2a:b4:40:67:29:d7:79:3d:e4:36:2d:
         f4:7f:2c:69:64:28:d7:d5:49:74:fc:92:6f:ea:c9:98:a5:d0:
         a3:81:c7:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZHs4lT5Y/WyFu6ZLQaUurqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNjVmMTZkYTYwNjc4M2YzMDFmNzA4YTVlNmI0ZmQ1ZmZk
NDMyZTgwHhcNMjUwNDE4MDcwMTEwWhcNMjUwNDE5MDcwMTEwWjAzMTEwLwYDVQQD
EyhmYzc1Y2QyMmZmZWNkMWZiNTAwNTkzZWZkNjlhMDQ3NWNmZGFkZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6aB0zz31Cj/yhAMzXUt9ywq+8Xm2
6R0Bdtvrx37cYAToeLvkz8NGRx6m1VWPrsGnJVwEGAjxZUPy4I7ejG77VGVFFzkt
lk4KrCxnovhKU6tTXX9c6rjJ5ByUCFFr8qf0mr9aEZyei08JAsTiz1mA24BUw2Um
szUqT8VDOzAztI4Bm11GRYK/XJ0j8andHyfAvfNx3VCGS+Mx1vcVngj/MGLiq2Fs
R4sFEZ92g3geDDqPA+IeBndgwmTRc/R3PtKKbDbNHwjCJiJxLmeGl5UNmQgRjZJX
5fF4HBudXdfikq3Hdr8ZeLqjkqBhxSO3mwW1IoAG1XyM1GivHbsk2GYYowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPx1zSL/7NH7UAWT79aaBHXP2t8jMB8GA1UdIwQY
MBaAFABl8W2mBng/MB9wil5rT9X/1DLoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdYeGJhWUdlRDh3SDNDS1htdFAxZl9VTXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9hNDQxYzYtYWFhOC00MjUwLWE3ZWMt
YTRhMjhiZmE0ODhlLzEvQUdYeGJhWUdlRDh3SDNDS1htdFAxZl9VTXVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9hNDQxYzYtYWFhOC00MjUwLWE3ZWMtYTRhMjhiZmE0ODhl
LzEvQUdYeGJhWUdlRDh3SDNDS1htdFAxZl9VTXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArQwkN9bN
ljK/EutQvTih+bu7hQgm/Zuvhi2Ks3KXb6V3EsW7J0VTTmL+TsNs0D2ztfkDv+3z
bk7cB0ntqj7DeDBIzFsIwKWLeS8sf+4dSil4fAKjcn3nHPGImvOoJ+c0GiLdTQKP
1kmH2y1/J+nCacN5GXI/cqljzSbkVvLbD047XHTquMxA0Nx7fUGRigU9oCre4XEd
vSLRAm03b340ozpA2M1cwbHwxk8mRq1uAhXmHZHrX6KqWKHwSUkG8jVIEnyZYgqw
oatRGY+JBslt7LybsxCDHnUoyv0K+bfYeyq0QGcp13k95DYt9H8saWQo19VJdPyS
b+rJmKXQo4HH1g==
-----END CERTIFICATE-----