Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
File:                     uFK2pNRayK4a7VTG9ayO1v88Hdc.mft (raw, json)
Hash identifier:          iwLXXC55j6H7SGSH2s0G72+ZeidjUSdQUEp2dZUxXTA=
Subject key identifier:   9C:01:4E:2A:DF:03:D4:EE:F0:37:DB:59:40:C6:F4:AB:C8:3E:A6:4B
Authority key identifier: B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7
Certificate issuer:       /CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
Certificate serial:       019510C6BA74AD5D58A350CA29F742EC6686
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
Manifest number:          09EA
Signing time:             Sun 16 Feb 2025 22:00:14 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:14 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:14 +0000
Files and hashes:         1: uFK2pNRayK4a7VTG9ayO1v88Hdc.crl (hash: FcEXHLynkNUxmQYxKTaaPiHmmB+aWS/VIsU5dNqv63M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:ba:74:ad:5d:58:a3:50:ca:29:f7:42:ec:66:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
        Validity
            Not Before: Feb 16 22:00:14 2025 GMT
            Not After : Feb 17 22:00:14 2025 GMT
        Subject: CN=9c014e2adf03d4eef037db5940c6f4abc83ea64b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:af:9c:af:f7:73:14:88:98:9d:bb:37:c5:84:
                    06:20:94:bf:47:c3:8c:d0:b1:4e:20:c2:51:1f:a3:
                    ab:ff:28:29:d0:ea:c0:ce:ac:c4:0c:03:ae:bb:31:
                    71:33:17:62:34:fa:a8:bc:d9:ff:a6:a4:44:8a:3a:
                    f3:30:67:29:95:ec:eb:25:4f:1b:f7:3b:ec:48:4b:
                    ec:65:0d:97:e6:c7:bc:f4:cc:ec:08:db:fd:bc:0b:
                    af:e0:d5:68:1d:b6:65:3e:45:f0:ac:2d:36:db:33:
                    ba:23:79:0e:72:a1:c3:f1:eb:ef:21:0b:5b:81:fb:
                    7d:13:8d:fd:ff:3f:dd:fc:7c:50:99:f6:f8:69:0b:
                    4f:a6:32:0f:ee:3d:38:66:7d:44:e0:ae:58:89:bc:
                    f9:fd:76:50:04:e9:42:aa:9e:d7:63:60:62:72:fb:
                    c4:94:9c:0c:bc:2e:e9:22:83:9f:08:f1:09:00:0e:
                    2d:6e:d0:a7:d0:98:d7:9e:55:6e:95:e7:a3:5b:5d:
                    61:83:73:9d:fd:a7:7a:5b:71:cf:0e:b5:ea:00:9b:
                    5b:fe:1f:b0:8c:60:d8:c6:69:a2:d5:06:5b:70:e7:
                    95:4c:38:52:58:57:3c:f7:6f:d6:45:4d:c1:d0:02:
                    7d:55:1f:3c:c4:21:05:c3:1d:0b:0f:b7:64:23:2b:
                    93:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:01:4E:2A:DF:03:D4:EE:F0:37:DB:59:40:C6:F4:AB:C8:3E:A6:4B
            X509v3 Authority Key Identifier:
                keyid:B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:91:eb:36:54:f9:96:2b:30:c7:40:c6:a8:a5:76:5f:22:d5:
         c7:70:91:04:08:9f:4b:39:ba:c6:b9:32:20:04:62:27:e6:4f:
         a4:4f:05:09:6f:f5:09:5b:31:67:a5:6f:e9:3d:77:64:f6:86:
         07:a5:31:62:69:72:64:51:17:d6:c4:21:f6:a9:0e:0d:74:10:
         f1:33:30:04:38:01:02:d2:bf:87:30:36:c2:87:7a:bf:1d:23:
         d6:98:fb:c0:80:83:3b:c0:c2:45:8a:f8:d3:d8:57:b4:35:df:
         11:c0:fd:42:8c:81:75:91:8c:fe:36:6f:c4:73:a7:4d:38:c6:
         76:cb:3f:f4:cf:4f:4b:0e:2d:4e:db:aa:b3:10:49:22:06:36:
         1a:24:d3:35:9f:8c:ee:7d:75:fa:92:41:c6:36:19:ed:6b:bc:
         6b:1b:34:8e:d3:40:21:cb:1c:00:b4:5f:b1:14:0a:09:af:0a:
         69:9d:ea:f1:bf:e2:f6:ee:81:69:8d:4a:9a:48:1a:10:b5:de:
         50:96:68:b2:3a:3d:58:ee:99:fe:78:30:76:d9:bc:59:33:ea:
         46:4a:a5:3d:35:9e:16:e3:bb:8f:92:62:51:9f:3d:5f:96:79:
         81:4c:fd:5e:9a:88:d5:04:ca:e5:9d:ac:f0:15:2b:5e:ec:1c:
         70:78:2d:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxrp0rV1Yo1DKKfdC7GaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTJiNmE0ZDQ1YWM4YWUxYWVkNTRjNmY1YWM4ZWQ2ZmYz
YzFkZDcwHhcNMjUwMjE2MjIwMDE0WhcNMjUwMjE3MjIwMDE0WjAzMTEwLwYDVQQD
Eyg5YzAxNGUyYWRmMDNkNGVlZjAzN2RiNTk0MGM2ZjRhYmM4M2VhNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0a+cr/dzFIiYnbs3xYQGIJS/R8OM
0LFOIMJRH6Or/ygp0OrAzqzEDAOuuzFxMxdiNPqovNn/pqREijrzMGcplezrJU8b
9zvsSEvsZQ2X5se89MzsCNv9vAuv4NVoHbZlPkXwrC022zO6I3kOcqHD8evvIQtb
gft9E439/z/d/HxQmfb4aQtPpjIP7j04Zn1E4K5Yibz5/XZQBOlCqp7XY2BicvvE
lJwMvC7pIoOfCPEJAA4tbtCn0JjXnlVuleejW11hg3Od/ad6W3HPDrXqAJtb/h+w
jGDYxmmi1QZbcOeVTDhSWFc892/WRU3B0AJ9VR88xCEFwx0LD7dkIyuTlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwBTirfA9Tu8DfbWUDG9KvIPqZLMB8GA1UdIwQY
MBaAFLhStqTUWsiuGu1UxvWsjtb/PB3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYt
M2M0NmNkNTgwNzg5LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYtM2M0NmNkNTgwNzg5
LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK5HrNlT5
liswx0DGqKV2XyLVx3CRBAifSzm6xrkyIARiJ+ZPpE8FCW/1CVsxZ6Vv6T13ZPaG
B6UxYmlyZFEX1sQh9qkODXQQ8TMwBDgBAtK/hzA2wod6vx0j1pj7wICDO8DCRYr4
09hXtDXfEcD9QoyBdZGM/jZvxHOnTTjGdss/9M9PSw4tTtuqsxBJIgY2GiTTNZ+M
7n11+pJBxjYZ7Wu8axs0jtNAIcscALRfsRQKCa8KaZ3q8b/i9u6BaY1KmkgaELXe
UJZosjo9WO6Z/ngwdtm8WTPqRkqlPTWeFuO7j5JiUZ89X5Z5gUz9XpqI1QTK5Z2s
8BUrXuwccHgt7g==
-----END CERTIFICATE-----