Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          WxlPdz+yzJUnFo7zpEEwiPyLDa8DHdWba3Rk44Enp3I=
Subject key identifier:   3E:CF:50:BF:87:47:EA:B2:D1:6F:06:CC:56:2A:B4:D4:4D:95:78:C9
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019748C2F595BFC18660BBD0717CAD066ACA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          157C
Signing time:             Sat 07 Jun 2025 05:00:25 +0000
Manifest this update:     Sat 07 Jun 2025 05:00:25 +0000
Manifest next update:     Sun 08 Jun 2025 05:00:25 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: /wXQblnXuLo5HjbWkrtuDoi+P/QynfLmsIXKul5QPyQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 05:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:c2:f5:95:bf:c1:86:60:bb:d0:71:7c:ad:06:6a:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Jun  7 05:00:25 2025 GMT
            Not After : Jun  8 05:00:25 2025 GMT
        Subject: CN=3ecf50bf8747eab2d16f06cc562ab4d44d9578c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:aa:5b:de:23:12:af:f4:99:b9:6e:de:cb:e8:
                    db:da:8a:41:ed:56:0f:07:d8:c8:48:fb:0c:29:f4:
                    6b:c2:71:a4:d1:7f:aa:e5:3d:f7:af:17:04:a5:24:
                    49:20:79:b2:0f:eb:fe:cb:38:47:7a:65:29:72:11:
                    3b:56:41:1e:50:55:e5:23:45:b9:c1:28:0c:14:67:
                    67:91:69:10:56:98:5a:84:78:70:2d:0e:65:9b:9c:
                    aa:20:7a:1a:f0:b7:95:de:e4:27:14:24:c2:a8:da:
                    6b:7f:05:55:ba:a1:e9:7e:9c:fd:ee:88:13:a0:a6:
                    e1:d8:e7:42:2a:aa:a8:49:9d:85:c3:9b:9a:9e:0e:
                    7e:c5:1b:0d:ca:06:a2:dc:ca:46:e9:b6:e5:03:50:
                    9c:02:65:67:6c:ca:52:76:49:34:fe:47:0b:75:14:
                    7c:10:a3:87:66:cf:6b:b5:e7:f5:20:38:61:be:5e:
                    10:4b:ab:06:37:9c:44:8f:c3:b6:3e:a9:e3:8d:f0:
                    30:a0:4c:5c:9e:0c:51:07:53:39:8b:25:16:2c:04:
                    e7:53:2a:f5:ab:a9:59:0b:f6:67:fd:13:08:29:29:
                    8a:e8:22:e7:76:f6:5a:ff:73:ed:dc:e7:a0:21:f9:
                    69:e1:e4:8d:45:00:e2:76:7f:91:74:44:86:9d:20:
                    e1:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:CF:50:BF:87:47:EA:B2:D1:6F:06:CC:56:2A:B4:D4:4D:95:78:C9
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:09:6c:e7:1c:1c:bb:0b:0d:34:2a:90:d8:1d:e1:bb:ce:31:
         55:db:07:82:22:0d:97:ed:4a:94:7a:e8:3d:c7:c9:98:33:12:
         4d:26:12:74:f6:02:ad:87:b5:4a:4f:5c:ba:bf:9d:16:98:35:
         f4:ac:3d:45:40:5d:b6:64:03:ae:39:06:a2:4e:f5:8e:53:ed:
         84:34:c5:d0:a5:3b:31:b6:f3:af:27:3f:9d:8a:52:64:be:0f:
         3e:81:5f:4e:74:40:d1:76:82:65:51:34:39:4d:15:30:98:dc:
         8f:46:e7:39:0f:ad:37:0b:f0:c6:fc:c9:df:f4:3e:ed:a3:86:
         f4:6e:f1:9f:fa:bc:b6:11:c0:c0:7d:f8:d4:13:10:ce:ff:99:
         15:7c:95:af:cc:bb:7c:dd:e8:8c:fc:13:de:95:3d:a0:ca:f5:
         3d:33:95:d7:8a:a6:76:e0:ac:42:8e:4f:cd:a7:70:d6:7d:15:
         97:48:e7:03:cd:e9:c4:6a:b6:e8:77:15:ff:78:4c:e2:d3:b4:
         de:8f:89:be:4e:bc:2b:91:f1:62:39:d6:c3:d0:dd:79:47:e9:
         c9:59:cc:ed:05:48:a4:ca:93:3e:d4:23:e1:46:00:14:6a:ba:
         4e:45:af:77:cb:d2:3a:8b:bd:31:d5:2e:ea:81:87:ed:95:b6:
         8c:28:38:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIwvWVv8GGYLvQcXytBmrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwNjA3MDUwMDI1WhcNMjUwNjA4MDUwMDI1WjAzMTEwLwYDVQQD
EygzZWNmNTBiZjg3NDdlYWIyZDE2ZjA2Y2M1NjJhYjRkNDRkOTU3OGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Kpb3iMSr/SZuW7ey+jb2opB7VYP
B9jISPsMKfRrwnGk0X+q5T33rxcEpSRJIHmyD+v+yzhHemUpchE7VkEeUFXlI0W5
wSgMFGdnkWkQVphahHhwLQ5lm5yqIHoa8LeV3uQnFCTCqNprfwVVuqHpfpz97ogT
oKbh2OdCKqqoSZ2Fw5uang5+xRsNygai3MpG6bblA1CcAmVnbMpSdkk0/kcLdRR8
EKOHZs9rtef1IDhhvl4QS6sGN5xEj8O2PqnjjfAwoExcngxRB1M5iyUWLATnUyr1
q6lZC/Zn/RMIKSmK6CLndvZa/3Pt3OegIflp4eSNRQDidn+RdESGnSDh1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7PUL+HR+qy0W8GzFYqtNRNlXjJMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwls5xwc
uwsNNCqQ2B3hu84xVdsHgiINl+1KlHroPcfJmDMSTSYSdPYCrYe1Sk9cur+dFpg1
9Kw9RUBdtmQDrjkGok71jlPthDTF0KU7Mbbzryc/nYpSZL4PPoFfTnRA0XaCZVE0
OU0VMJjcj0bnOQ+tNwvwxvzJ3/Q+7aOG9G7xn/q8thHAwH341BMQzv+ZFXyVr8y7
fN3ojPwT3pU9oMr1PTOV14qmduCsQo5Pzadw1n0Vl0jnA83pxGq26HcV/3hM4tO0
3o+Jvk68K5HxYjnWw9DdeUfpyVnM7QVIpMqTPtQj4UYAFGq6TkWvd8vSOou9MdUu
6oGH7ZW2jCg49A==
-----END CERTIFICATE-----