Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
File:                     U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft (raw, json)
Hash identifier:          r5gBdMXJdWvMANrBUH7k0+I4FkMKkjkdwJB9iMcjb00=
Subject key identifier:   B7:46:05:77:2F:A1:6A:69:D8:80:EB:54:B4:31:6C:9B:1D:ED:13:20
Authority key identifier: 53:BF:98:D5:35:22:AA:95:70:81:FD:EC:28:B1:72:08:43:94:F1:12
Certificate issuer:       /CN=53bf98d53522aa957081fdec28b172084394f112
Certificate serial:       01965537997C4E05969B673E278B03DB0CB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
Manifest number:          0D12
Signing time:             Sun 20 Apr 2025 22:00:29 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:29 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:29 +0000
Files and hashes:         1: U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl (hash: 7HgVwJvyJaPxYCMh9UWkODKaP1U1ZRWO79vM4B3g1DY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:99:7c:4e:05:96:9b:67:3e:27:8b:03:db:0c:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53bf98d53522aa957081fdec28b172084394f112
        Validity
            Not Before: Apr 20 22:00:29 2025 GMT
            Not After : Apr 21 22:00:29 2025 GMT
        Subject: CN=b74605772fa16a69d880eb54b4316c9b1ded1320
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c8:66:c0:48:d2:e5:6b:c3:c1:6c:8e:b8:ea:
                    10:e7:51:95:1f:f7:81:cd:35:35:84:cd:a3:ae:78:
                    25:3e:5a:c3:08:b5:fd:4c:55:60:8f:b0:82:39:7b:
                    83:8b:4e:00:2e:20:a9:64:c8:29:16:7c:45:2f:1e:
                    35:e3:16:e3:4d:cd:7b:ec:1d:f0:a3:78:d5:a8:51:
                    79:22:a2:7e:b3:e9:4a:0b:ef:42:44:2e:12:30:3f:
                    f6:24:da:09:b2:30:57:94:fe:47:69:e8:82:dd:8b:
                    50:74:6d:2d:3c:92:da:c9:03:36:04:b7:c8:a5:85:
                    b9:e3:ec:b2:7b:5d:d0:99:24:6e:83:9f:24:34:6e:
                    f9:78:e6:65:71:03:98:7e:a8:2c:3e:b8:6e:75:90:
                    5e:2c:d4:f4:ba:d4:00:fd:fd:ee:67:95:5f:31:7e:
                    d8:4f:8f:9e:f1:67:56:4a:94:a9:6d:23:1f:5b:0b:
                    fd:f4:6f:a3:5b:0a:21:1a:7f:16:e2:51:d3:01:a7:
                    5b:be:32:77:e8:d6:29:78:06:2b:c9:50:0f:8e:af:
                    84:2d:1c:f4:2a:2d:6a:87:d4:94:23:77:66:04:7b:
                    a3:17:0d:3d:6e:3b:f9:46:89:5f:f2:e5:b7:09:70:
                    02:f9:c3:2a:1a:a8:2d:20:41:de:4f:fd:39:23:06:
                    a1:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:46:05:77:2F:A1:6A:69:D8:80:EB:54:B4:31:6C:9B:1D:ED:13:20
            X509v3 Authority Key Identifier:
                keyid:53:BF:98:D5:35:22:AA:95:70:81:FD:EC:28:B1:72:08:43:94:F1:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:59:29:c4:f0:21:61:e6:54:79:40:b9:ce:35:1a:b7:eb:6c:
         e5:8f:05:a2:b7:1a:ad:17:42:16:00:b8:91:99:ab:18:24:9c:
         94:45:bf:6e:2f:08:1c:c8:58:eb:35:bf:dd:b4:c5:a1:8c:ea:
         a6:ca:d8:19:04:82:69:9a:83:db:23:51:02:c4:05:56:a9:f3:
         ee:5e:dd:2a:24:51:db:59:16:eb:89:57:50:11:c2:a8:c9:d7:
         78:a6:d9:10:c2:e2:58:6e:75:ab:c1:14:57:f3:3b:89:62:99:
         35:fd:e4:d3:4a:fb:63:02:80:08:be:72:00:b1:12:30:92:c9:
         bb:37:b1:f7:c1:01:4f:79:d6:3a:d6:b7:70:9b:ce:d8:b5:9d:
         9f:9a:3a:c6:a9:09:2e:d5:aa:61:bc:c4:fd:da:d2:4a:e8:a4:
         91:d7:2e:60:f4:cb:c6:17:37:47:ec:43:78:c8:89:b9:a8:60:
         e5:35:a1:1d:b2:34:00:c5:1b:4d:03:a8:95:2e:f3:c7:41:f2:
         9a:6b:d3:80:80:a3:bf:02:17:80:a2:0c:d9:0d:ea:3e:12:a6:
         b5:e8:28:bb:6a:05:87:cf:cd:64:bf:81:bb:80:4b:c8:67:5f:
         da:bd:94:0a:47:ce:11:7c:db:a1:b3:b8:66:4c:65:c7:f5:f1:
         0f:a4:53:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN5l8TgWWm2c+J4sD2wy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmY5OGQ1MzUyMmFhOTU3MDgxZmRlYzI4YjE3MjA4NDM5
NGYxMTIwHhcNMjUwNDIwMjIwMDI5WhcNMjUwNDIxMjIwMDI5WjAzMTEwLwYDVQQD
EyhiNzQ2MDU3NzJmYTE2YTY5ZDg4MGViNTRiNDMxNmM5YjFkZWQxMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyshmwEjS5WvDwWyOuOoQ51GVH/eB
zTU1hM2jrnglPlrDCLX9TFVgj7CCOXuDi04ALiCpZMgpFnxFLx414xbjTc177B3w
o3jVqFF5IqJ+s+lKC+9CRC4SMD/2JNoJsjBXlP5HaeiC3YtQdG0tPJLayQM2BLfI
pYW54+yye13QmSRug58kNG75eOZlcQOYfqgsPrhudZBeLNT0utQA/f3uZ5VfMX7Y
T4+e8WdWSpSpbSMfWwv99G+jWwohGn8W4lHTAadbvjJ36NYpeAYryVAPjq+ELRz0
Ki1qh9SUI3dmBHujFw09bjv5Rolf8uW3CXAC+cMqGqgtIEHeT/05IwahBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLdGBXcvoWpp2IDrVLQxbJsd7RMgMB8GA1UdIwQY
MBaAFFO/mNU1IqqVcIH97CixcghDlPESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wNjNiMWItN2JkZS00OGNjLWIxYWMt
ZmFkNzA3ZDljNGY2LzEvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wNjNiMWItN2JkZS00OGNjLWIxYWMtZmFkNzA3ZDljNGY2
LzEvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACVkpxPAh
YeZUeUC5zjUat+ts5Y8ForcarRdCFgC4kZmrGCSclEW/bi8IHMhY6zW/3bTFoYzq
psrYGQSCaZqD2yNRAsQFVqnz7l7dKiRR21kW64lXUBHCqMnXeKbZEMLiWG51q8EU
V/M7iWKZNf3k00r7YwKACL5yALESMJLJuzex98EBT3nWOta3cJvO2LWdn5o6xqkJ
LtWqYbzE/drSSuikkdcuYPTLxhc3R+xDeMiJuahg5TWhHbI0AMUbTQOolS7zx0Hy
mmvTgICjvwIXgKIM2Q3qPhKmtegou2oFh8/NZL+Bu4BLyGdf2r2UCkfOEXzbobO4
Zkxlx/XxD6RTSA==
-----END CERTIFICATE-----