Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
File:                     dUI-b2St_Fh6CPgawqySYOsu1hU.mft (raw, json)
Hash identifier:          NWcv4xEZSoPWv692XCUNgr/UpMhCsL+jFYUrW33EYnE=
Subject key identifier:   8C:0E:9A:46:64:FC:F5:57:D8:5C:65:10:4A:E5:51:64:DF:1D:46:38
Authority key identifier: 75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15
Certificate issuer:       /CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
Certificate serial:       0197488D1055CDB2760349FBA7D744E67711
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
Manifest number:          0BED
Signing time:             Sat 07 Jun 2025 04:01:33 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:33 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:33 +0000
Files and hashes:         1: dUI-b2St_Fh6CPgawqySYOsu1hU.crl (hash: f4vHmwatQnWD4He5pELtCHCA1G3h3ikDDfMrUgZyWM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:10:55:cd:b2:76:03:49:fb:a7:d7:44:e6:77:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
        Validity
            Not Before: Jun  7 04:01:33 2025 GMT
            Not After : Jun  8 04:01:33 2025 GMT
        Subject: CN=8c0e9a4664fcf557d85c65104ae55164df1d4638
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c6:0d:8a:14:b6:5b:9b:6c:ad:58:2e:b5:00:
                    ee:83:59:91:f8:ae:73:3a:73:07:a3:d1:6f:ea:f6:
                    b8:df:34:aa:ab:3a:9a:f0:a5:9c:5d:e2:21:c5:e6:
                    3c:16:a8:1e:8a:99:31:dc:d5:af:b9:29:7d:9b:f1:
                    e6:f0:f1:86:42:ee:3c:7c:16:c9:e2:ba:50:4c:d8:
                    e9:17:21:af:ed:00:dd:66:42:2b:b9:c7:c4:22:dd:
                    cc:e8:64:eb:54:20:dd:a6:b3:8b:b7:a3:d4:01:57:
                    e3:10:8c:d5:45:90:e0:02:33:b7:87:79:ab:61:89:
                    75:3f:bb:4d:61:64:5c:5a:d9:50:2a:84:1a:d1:0f:
                    f9:23:2a:96:2a:75:e4:11:c8:ac:ca:ef:57:9a:94:
                    85:b9:fe:b1:9b:58:46:45:7f:7d:16:0b:ec:8c:ef:
                    d6:c1:4c:1f:5a:a4:60:da:3c:12:fd:ea:26:e6:97:
                    d2:78:2e:bf:1b:8a:6a:15:0e:e6:2a:54:64:40:fe:
                    ba:4c:bf:d2:f2:a8:d4:eb:a7:86:98:23:d4:16:02:
                    2b:a6:0d:f8:11:24:f7:45:7e:a9:69:07:03:12:be:
                    fe:fe:1c:4f:57:17:0c:2a:64:22:aa:fc:82:b3:a9:
                    57:af:31:ae:10:18:5f:1e:52:10:22:14:60:d9:99:
                    7f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:0E:9A:46:64:FC:F5:57:D8:5C:65:10:4A:E5:51:64:DF:1D:46:38
            X509v3 Authority Key Identifier:
                keyid:75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:1e:6c:86:38:7d:5f:9c:08:bf:9c:37:2f:4c:1e:92:24:4c:
         d4:86:2a:21:2f:57:1c:b2:f2:f9:6a:3d:a0:c5:1b:e2:54:40:
         f2:84:de:6b:79:4d:78:7a:d9:98:1c:e5:e3:42:b1:ee:76:c1:
         b5:cc:9f:08:ce:d8:73:35:7e:1e:e9:4a:43:6b:a9:a3:19:22:
         b0:20:8a:b5:9e:f1:11:f3:e5:be:95:0b:16:8d:95:36:d1:76:
         f8:76:7e:05:c5:d3:92:85:2c:f1:52:fb:37:be:1b:e3:27:02:
         09:75:d4:92:33:a3:95:f5:75:8e:98:e8:ed:23:28:77:4c:f9:
         59:f1:f9:cb:c7:50:b4:cb:c7:0a:97:98:ab:2b:ba:a6:da:b6:
         e1:46:19:8e:e8:78:7f:c6:e8:d2:dc:fe:21:83:d8:8b:dc:9b:
         e5:66:ee:e0:e2:ad:91:e7:d1:b1:cc:03:a4:88:7f:8a:58:bf:
         1b:6d:d5:09:99:20:84:9f:a2:b3:0d:91:0b:85:5c:4e:11:44:
         4c:8a:20:40:d2:09:cd:45:9a:6e:7f:cd:d4:3d:93:03:e5:a4:
         18:56:b8:37:0c:27:18:dd:55:45:09:2c:f5:6b:4f:0e:6d:40:
         a8:fa:11:18:50:26:0b:df:cc:1a:13:1e:0c:1f:7f:85:84:c4:
         07:28:b7:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjRBVzbJ2A0n7p9dE5ncRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NDIzZTZmNjRhZGZjNTg3YTA4ZjgxYWMyYWM5MjYwZWIy
ZWQ2MTUwHhcNMjUwNjA3MDQwMTMzWhcNMjUwNjA4MDQwMTMzWjAzMTEwLwYDVQQD
Eyg4YzBlOWE0NjY0ZmNmNTU3ZDg1YzY1MTA0YWU1NTE2NGRmMWQ0NjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcYNihS2W5tsrVgutQDug1mR+K5z
OnMHo9Fv6va43zSqqzqa8KWcXeIhxeY8Fqgeipkx3NWvuSl9m/Hm8PGGQu48fBbJ
4rpQTNjpFyGv7QDdZkIrucfEIt3M6GTrVCDdprOLt6PUAVfjEIzVRZDgAjO3h3mr
YYl1P7tNYWRcWtlQKoQa0Q/5IyqWKnXkEcisyu9XmpSFuf6xm1hGRX99FgvsjO/W
wUwfWqRg2jwS/eom5pfSeC6/G4pqFQ7mKlRkQP66TL/S8qjU66eGmCPUFgIrpg34
EST3RX6paQcDEr7+/hxPVxcMKmQiqvyCs6lXrzGuEBhfHlIQIhRg2Zl/IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwOmkZk/PVX2FxlEErlUWTfHUY4MB8GA1UdIwQY
MBaAFHVCPm9krfxYegj4GsKskmDrLtYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYt
MjliNGY5MmFjOGZkLzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYtMjliNGY5MmFjOGZk
LzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqB5shjh9
X5wIv5w3L0wekiRM1IYqIS9XHLLy+Wo9oMUb4lRA8oTea3lNeHrZmBzl40Kx7nbB
tcyfCM7YczV+HulKQ2upoxkisCCKtZ7xEfPlvpULFo2VNtF2+HZ+BcXTkoUs8VL7
N74b4ycCCXXUkjOjlfV1jpjo7SMod0z5WfH5y8dQtMvHCpeYqyu6ptq24UYZjuh4
f8bo0tz+IYPYi9yb5Wbu4OKtkefRscwDpIh/ili/G23VCZkghJ+isw2RC4VcThFE
TIogQNIJzUWabn/N1D2TA+WkGFa4NwwnGN1VRQks9WtPDm1AqPoRGFAmC9/MGhMe
DB9/hYTEByi3kg==
-----END CERTIFICATE-----