Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
File:                     uFK2pNRayK4a7VTG9ayO1v88Hdc.mft (raw, json)
Hash identifier:          xDehxRap5IlrcM9e8ckPbmwhYqxRFmnw5XUZhgcV2xg=
Subject key identifier:   DF:74:A1:D3:2C:20:19:93:F3:A2:9C:5F:22:9E:2E:B1:79:7D:A5:D1
Authority key identifier: B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7
Certificate issuer:       /CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
Certificate serial:       0197469ECD3C34A0D49A3848DE5095000D9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
Manifest number:          0B0F
Signing time:             Fri 06 Jun 2025 19:01:41 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:41 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:41 +0000
Files and hashes:         1: uFK2pNRayK4a7VTG9ayO1v88Hdc.crl (hash: fI5MOan+aKxFD3NPIOS4Daco/yk5mVG0LqjGVo+nQcQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:cd:3c:34:a0:d4:9a:38:48:de:50:95:00:0d:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
        Validity
            Not Before: Jun  6 19:01:41 2025 GMT
            Not After : Jun  7 19:01:41 2025 GMT
        Subject: CN=df74a1d32c201993f3a29c5f229e2eb1797da5d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:4d:85:83:3c:04:2e:b2:5d:f5:f2:7e:79:d6:
                    22:8e:f2:80:2e:43:2a:e7:81:be:12:37:30:c4:56:
                    10:a6:73:59:0a:a3:e9:24:ca:93:68:26:91:d1:69:
                    29:bb:6a:4b:66:48:d6:53:88:85:4a:31:68:b8:9c:
                    3f:98:d4:19:71:f7:f2:72:5c:51:e7:a7:f3:6d:01:
                    25:f1:ea:4f:dc:b9:1d:74:8f:ae:61:19:e3:7a:bc:
                    da:e6:b6:18:19:3f:d5:f5:36:11:45:65:43:db:15:
                    68:57:40:db:1f:49:08:90:48:df:8c:3c:4f:41:9f:
                    77:0d:3f:1d:16:47:dd:5e:9d:21:59:61:87:9b:70:
                    dc:66:54:64:fe:31:e8:ad:f1:c6:e5:9f:75:29:52:
                    df:46:09:c9:2e:51:b9:23:41:66:66:e6:03:e2:68:
                    bb:3d:ce:eb:cd:e7:fc:1a:58:5c:85:8d:9b:89:b8:
                    df:b9:a6:23:c4:15:91:f8:ef:79:91:76:73:c2:78:
                    c6:6e:cb:e5:55:3a:7b:94:70:e6:3b:18:fc:8d:16:
                    38:33:25:5c:71:b7:2c:63:2f:8c:00:ed:a8:27:a5:
                    9c:38:73:c8:57:15:7a:99:65:83:9d:96:d1:a0:b4:
                    11:4a:c7:b4:7a:25:a4:45:7d:2c:bb:05:b3:4f:b4:
                    92:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:74:A1:D3:2C:20:19:93:F3:A2:9C:5F:22:9E:2E:B1:79:7D:A5:D1
            X509v3 Authority Key Identifier:
                keyid:B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:67:4c:1d:fe:b9:66:46:67:68:f5:73:59:53:db:e0:c6:0c:
         49:5a:67:5c:01:81:4d:47:a3:5a:85:40:13:64:61:ee:b9:84:
         98:24:97:07:b6:08:3d:3a:02:f2:a7:d1:50:c9:c8:d1:66:9c:
         7c:46:01:fe:66:62:25:46:99:21:ce:32:42:ef:09:80:73:52:
         3a:c1:55:ca:87:19:59:a1:43:1b:df:f5:fb:03:5c:ae:f2:52:
         e1:05:a4:9e:35:09:ef:22:d3:2b:43:27:af:55:8a:a6:f3:82:
         fc:4f:66:ff:0a:74:34:b5:ef:98:d2:80:d7:2a:af:f5:41:c6:
         d3:f5:c0:86:d4:c6:a5:63:e3:bb:70:dd:ba:4e:a0:2f:a2:10:
         7f:92:01:be:89:9c:79:ec:57:2d:9f:b1:38:9b:46:ad:2e:7b:
         27:5c:29:44:5a:84:7a:49:17:80:8e:13:ee:34:d4:eb:19:dc:
         76:40:7a:37:51:55:0d:4c:6f:39:fa:bd:58:e6:f1:7d:66:4a:
         5f:52:5e:83:04:c4:9d:04:b2:0b:79:28:cc:ba:9d:ec:d8:fb:
         7b:18:e8:31:b7:fd:82:73:36:48:a6:9c:74:3d:e7:56:2d:91:
         0b:a9:ad:73:ca:f4:4c:59:16:34:b5:4a:81:9d:b1:24:35:d3:
         20:c9:43:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGns08NKDUmjhI3lCVAA2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTJiNmE0ZDQ1YWM4YWUxYWVkNTRjNmY1YWM4ZWQ2ZmYz
YzFkZDcwHhcNMjUwNjA2MTkwMTQxWhcNMjUwNjA3MTkwMTQxWjAzMTEwLwYDVQQD
EyhkZjc0YTFkMzJjMjAxOTkzZjNhMjljNWYyMjllMmViMTc5N2RhNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU2FgzwELrJd9fJ+edYijvKALkMq
54G+EjcwxFYQpnNZCqPpJMqTaCaR0Wkpu2pLZkjWU4iFSjFouJw/mNQZcffyclxR
56fzbQEl8epP3LkddI+uYRnjerza5rYYGT/V9TYRRWVD2xVoV0DbH0kIkEjfjDxP
QZ93DT8dFkfdXp0hWWGHm3DcZlRk/jHorfHG5Z91KVLfRgnJLlG5I0FmZuYD4mi7
Pc7rzef8GlhchY2bibjfuaYjxBWR+O95kXZzwnjGbsvlVTp7lHDmOxj8jRY4MyVc
cbcsYy+MAO2oJ6WcOHPIVxV6mWWDnZbRoLQRSse0eiWkRX0suwWzT7SSBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN90odMsIBmT86KcXyKeLrF5faXRMB8GA1UdIwQY
MBaAFLhStqTUWsiuGu1UxvWsjtb/PB3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYt
M2M0NmNkNTgwNzg5LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYtM2M0NmNkNTgwNzg5
LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKWdMHf65
ZkZnaPVzWVPb4MYMSVpnXAGBTUejWoVAE2Rh7rmEmCSXB7YIPToC8qfRUMnI0Wac
fEYB/mZiJUaZIc4yQu8JgHNSOsFVyocZWaFDG9/1+wNcrvJS4QWknjUJ7yLTK0Mn
r1WKpvOC/E9m/wp0NLXvmNKA1yqv9UHG0/XAhtTGpWPju3Dduk6gL6IQf5IBvomc
eexXLZ+xOJtGrS57J1wpRFqEekkXgI4T7jTU6xncdkB6N1FVDUxvOfq9WObxfWZK
X1JegwTEnQSyC3kozLqd7Nj7exjoMbf9gnM2SKacdD3nVi2RC6mtc8r0TFkWNLVK
gZ2xJDXTIMlDIw==
-----END CERTIFICATE-----