Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          A6w0ogx7dROK7Is3uD3YNe7d+npbtWAhWnRG3/IU76Q=
Subject key identifier:   CE:9B:ED:24:60:F3:CE:F7:19:E3:4F:42:F1:0C:D0:2A:13:63:22:0F
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       0196421EE9683D968FADAC2C5A136A433DFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          14F4
Signing time:             Thu 17 Apr 2025 05:00:44 +0000
Manifest this update:     Thu 17 Apr 2025 05:00:44 +0000
Manifest next update:     Fri 18 Apr 2025 05:00:44 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: xKrxYi59HS1ohcMkGzTF7xrO9XlMp24RcAcKsrPQHB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:42:1e:e9:68:3d:96:8f:ad:ac:2c:5a:13:6a:43:3d:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Apr 17 05:00:44 2025 GMT
            Not After : Apr 18 05:00:44 2025 GMT
        Subject: CN=ce9bed2460f3cef719e34f42f10cd02a1363220f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e6:61:7f:9d:aa:1f:df:18:d8:fb:e1:be:fc:
                    c9:e7:50:09:b3:db:81:ae:97:47:98:5b:1d:30:e4:
                    87:5d:68:db:11:d9:ef:7e:b7:5b:4c:84:4b:34:b2:
                    ad:45:78:eb:bd:00:d4:26:f0:09:c1:c4:fb:40:0d:
                    36:5e:a0:54:98:d5:1b:2e:e3:bd:cd:7f:29:4b:c1:
                    53:08:ab:92:84:b4:71:d0:df:65:2f:91:55:ae:b3:
                    dd:e5:f9:0d:ba:e2:7e:b8:b8:75:6c:5a:51:68:17:
                    1d:d7:5c:d0:5c:c2:e5:86:08:43:33:2c:a5:56:6d:
                    a4:70:84:f6:20:dd:75:93:85:b2:7a:cb:2f:f7:47:
                    34:fd:08:12:9b:da:34:ba:19:bb:de:7b:80:83:fe:
                    78:88:29:1b:0a:58:2e:93:68:c2:ca:72:2a:d4:c3:
                    04:5c:9d:44:64:40:cb:06:69:0b:6b:ce:bc:9f:32:
                    8f:bb:1e:d2:85:be:17:65:92:71:ac:fd:72:f0:5e:
                    e1:85:c0:41:33:7c:67:58:d3:81:95:6d:2c:36:37:
                    75:64:96:0f:0e:b8:48:2a:77:be:cc:c5:7c:a1:5a:
                    05:9c:bb:e6:38:76:2c:10:93:dd:68:23:dd:ae:6b:
                    5d:91:40:90:e2:0c:7e:97:eb:71:b2:a2:5f:df:86:
                    16:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:9B:ED:24:60:F3:CE:F7:19:E3:4F:42:F1:0C:D0:2A:13:63:22:0F
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:0b:e1:c1:98:51:89:d1:f0:07:11:39:f6:4b:13:07:5b:94:
         6c:1b:8b:d1:fe:9d:0e:46:29:db:3b:88:a0:33:5c:26:54:64:
         c9:55:25:e6:45:54:d8:de:81:46:de:02:f1:57:c2:f4:4e:9e:
         1e:19:19:5a:90:76:e6:a9:86:13:3f:aa:6c:55:a2:e7:70:93:
         50:00:fa:23:cd:14:4d:15:fe:00:47:e9:a4:2d:00:d9:c8:4f:
         3d:ad:2d:dd:0f:89:ae:79:79:b9:77:45:a9:47:5e:f8:15:dc:
         f2:55:b5:20:01:04:ae:44:5e:5f:5e:ad:d6:1f:38:6f:ec:52:
         6e:b5:cc:6f:f2:2e:ef:d9:dd:b3:10:87:bd:b4:16:78:63:bc:
         be:28:f6:19:33:c6:0c:30:b6:c9:c7:b4:ae:1c:f3:90:a6:87:
         1c:6d:da:cb:21:fe:fc:01:d7:5b:49:f3:28:3d:14:f5:98:63:
         56:86:d3:bc:a5:6a:40:3f:be:48:18:4a:2c:b5:6e:e7:cf:d5:
         58:c6:7e:27:a8:13:91:96:aa:d6:e2:ae:7e:fe:08:f8:86:3b:
         04:e1:59:85:b9:d7:2e:d6:72:8e:09:70:c1:c9:5b:d4:c6:22:
         2d:36:0c:f6:d6:70:24:db:5c:7a:23:d1:22:09:a9:fc:fe:1f:
         b4:38:f4:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZCHuloPZaPrawsWhNqQz39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwNDE3MDUwMDQ0WhcNMjUwNDE4MDUwMDQ0WjAzMTEwLwYDVQQD
EyhjZTliZWQyNDYwZjNjZWY3MTllMzRmNDJmMTBjZDAyYTEzNjMyMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseZhf52qH98Y2PvhvvzJ51AJs9uB
rpdHmFsdMOSHXWjbEdnvfrdbTIRLNLKtRXjrvQDUJvAJwcT7QA02XqBUmNUbLuO9
zX8pS8FTCKuShLRx0N9lL5FVrrPd5fkNuuJ+uLh1bFpRaBcd11zQXMLlhghDMyyl
Vm2kcIT2IN11k4Wyessv90c0/QgSm9o0uhm73nuAg/54iCkbClguk2jCynIq1MME
XJ1EZEDLBmkLa868nzKPux7Shb4XZZJxrP1y8F7hhcBBM3xnWNOBlW0sNjd1ZJYP
DrhIKne+zMV8oVoFnLvmOHYsEJPdaCPdrmtdkUCQ4gx+l+txsqJf34YW6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6b7SRg8873GeNPQvEM0CoTYyIPMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZgvhwZhR
idHwBxE59ksTB1uUbBuL0f6dDkYp2zuIoDNcJlRkyVUl5kVU2N6BRt4C8VfC9E6e
HhkZWpB25qmGEz+qbFWi53CTUAD6I80UTRX+AEfppC0A2chPPa0t3Q+Jrnl5uXdF
qUde+BXc8lW1IAEErkReX16t1h84b+xSbrXMb/Iu79ndsxCHvbQWeGO8vij2GTPG
DDC2yce0rhzzkKaHHG3ayyH+/AHXW0nzKD0U9ZhjVobTvKVqQD++SBhKLLVu58/V
WMZ+J6gTkZaq1uKufv4I+IY7BOFZhbnXLtZyjglwwclb1MYiLTYM9tZwJNtceiPR
Igmp/P4ftDj0qw==
-----END CERTIFICATE-----