Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
File:                     uIazyxP9IWfYnRIYXpNQbdRcmvk.mft (raw, json)
Hash identifier:          6KfwoSG52F37e7UPI8jnoBOWPwG7XDQCe9fmenRuKqw=
Subject key identifier:   F5:9E:56:52:8F:32:D1:D0:56:91:17:EB:40:0C:75:4B:9D:1D:E1:F2
Authority key identifier: B8:86:B3:CB:13:FD:21:67:D8:9D:12:18:5E:93:50:6D:D4:5C:9A:F9
Certificate issuer:       /CN=b886b3cb13fd2167d89d12185e93506dd45c9af9
Certificate serial:       019652A4C32E902E357AC97B5B3BD7B7E2C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
Manifest number:          0A1D
Signing time:             Sun 20 Apr 2025 10:00:51 +0000
Manifest this update:     Sun 20 Apr 2025 10:00:51 +0000
Manifest next update:     Mon 21 Apr 2025 10:00:51 +0000
Files and hashes:         1: uIazyxP9IWfYnRIYXpNQbdRcmvk.crl (hash: iXHxqa9lDccnv1Be4i8oLhVx/EYZSZWbC0Kz5de2H5o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a4:c3:2e:90:2e:35:7a:c9:7b:5b:3b:d7:b7:e2:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b886b3cb13fd2167d89d12185e93506dd45c9af9
        Validity
            Not Before: Apr 20 10:00:51 2025 GMT
            Not After : Apr 21 10:00:51 2025 GMT
        Subject: CN=f59e56528f32d1d0569117eb400c754b9d1de1f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:61:6d:d8:43:5c:37:0a:cb:ae:e9:32:82:fe:
                    17:71:2c:0d:5d:34:3e:7c:90:ae:31:d9:34:2e:28:
                    a5:aa:7f:c5:ac:50:59:28:b4:85:a9:a4:dc:2d:0d:
                    26:51:ad:b7:de:01:f1:0e:2e:bb:eb:07:26:a0:e4:
                    57:32:72:48:ae:07:ed:7f:01:c8:86:29:d6:4b:da:
                    cf:18:a9:c7:24:6f:de:84:16:6b:f9:30:16:83:ba:
                    5c:70:12:fa:8f:2b:04:d2:e6:32:88:8c:af:0a:84:
                    be:b3:07:29:ec:59:db:0a:05:52:a9:69:4d:86:3c:
                    ac:3b:50:3e:a9:2a:5b:d3:1f:04:d0:e6:1e:59:e2:
                    92:d8:89:11:be:89:81:7e:bb:32:d5:74:80:ad:96:
                    6d:ba:36:b1:96:dc:04:a5:53:c1:90:cf:a8:05:57:
                    95:fc:cd:74:1f:fa:90:40:07:09:67:d7:4d:0a:89:
                    43:bb:94:b4:72:ff:b6:54:25:cb:eb:67:3f:1d:2d:
                    6d:08:6e:40:2c:85:16:e1:f6:2e:f0:2f:10:2c:f7:
                    7e:3c:b2:45:d8:c4:24:20:b5:0d:52:b5:9e:8f:bc:
                    bd:7e:fd:02:81:34:b9:d5:39:d9:ea:0a:fb:19:73:
                    82:48:36:30:09:b9:0e:11:80:87:16:2a:ea:6c:c4:
                    24:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:9E:56:52:8F:32:D1:D0:56:91:17:EB:40:0C:75:4B:9D:1D:E1:F2
            X509v3 Authority Key Identifier:
                keyid:B8:86:B3:CB:13:FD:21:67:D8:9D:12:18:5E:93:50:6D:D4:5C:9A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:ec:e1:2c:a7:a2:44:59:dd:0c:af:91:28:bf:dd:b4:55:b3:
         eb:fb:d2:cd:45:6e:cb:38:fe:45:e2:62:85:f8:84:94:77:d6:
         37:49:ac:3e:98:dd:f9:dd:06:ab:4d:26:9f:b4:59:b0:c3:86:
         18:8b:ac:5e:6b:1e:af:d1:13:20:71:1e:7b:d9:ff:d2:bd:1f:
         14:fc:3a:cb:3a:8e:ee:4b:4f:a8:0e:eb:4a:a7:22:47:72:e1:
         51:60:6a:99:b1:c1:94:42:8d:ee:27:e0:a2:b7:61:fe:12:fd:
         90:30:07:c0:a7:89:1d:c3:9d:86:52:98:13:7e:38:a7:4f:23:
         f1:0f:2c:58:96:dd:d3:0f:88:89:5d:dd:85:0a:c3:f3:6d:26:
         11:33:be:0c:e8:b1:8f:df:24:1a:17:98:70:87:7d:cd:d3:4a:
         b0:7f:aa:bf:dd:49:df:0b:e4:2b:57:49:e7:2f:bd:20:d4:60:
         08:26:9f:a2:82:14:1d:c4:f4:b1:8f:82:de:40:05:ad:fb:bb:
         a3:77:9a:6a:ac:e0:5a:d1:84:df:f1:1a:42:3d:6a:01:4f:dc:
         40:be:ee:8d:5d:b0:4b:62:7e:68:9f:51:58:a5:84:93:86:a2:
         56:5f:e2:1e:a1:a1:e1:de:50:14:95:54:65:84:88:80:44:09:
         61:f0:c7:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpMMukC41esl7WzvXt+LBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ODZiM2NiMTNmZDIxNjdkODlkMTIxODVlOTM1MDZkZDQ1
YzlhZjkwHhcNMjUwNDIwMTAwMDUxWhcNMjUwNDIxMTAwMDUxWjAzMTEwLwYDVQQD
EyhmNTllNTY1MjhmMzJkMWQwNTY5MTE3ZWI0MDBjNzU0YjlkMWRlMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmFt2ENcNwrLrukygv4XcSwNXTQ+
fJCuMdk0Liilqn/FrFBZKLSFqaTcLQ0mUa233gHxDi676wcmoORXMnJIrgftfwHI
hinWS9rPGKnHJG/ehBZr+TAWg7pccBL6jysE0uYyiIyvCoS+swcp7FnbCgVSqWlN
hjysO1A+qSpb0x8E0OYeWeKS2IkRvomBfrsy1XSArZZtujaxltwEpVPBkM+oBVeV
/M10H/qQQAcJZ9dNColDu5S0cv+2VCXL62c/HS1tCG5ALIUW4fYu8C8QLPd+PLJF
2MQkILUNUrWej7y9fv0CgTS51TnZ6gr7GXOCSDYwCbkOEYCHFirqbMQk1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWeVlKPMtHQVpEX60AMdUudHeHyMB8GA1UdIwQY
MBaAFLiGs8sT/SFn2J0SGF6TUG3UXJr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80MmFjM2MtYzU4My00YjgyLWJjYjct
MDQ3Mzk0MDJlMjdiLzEvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80MmFjM2MtYzU4My00YjgyLWJjYjctMDQ3Mzk0MDJlMjdi
LzEvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcuzhLKei
RFndDK+RKL/dtFWz6/vSzUVuyzj+ReJihfiElHfWN0msPpjd+d0Gq00mn7RZsMOG
GIusXmser9ETIHEee9n/0r0fFPw6yzqO7ktPqA7rSqciR3LhUWBqmbHBlEKN7ifg
ordh/hL9kDAHwKeJHcOdhlKYE344p08j8Q8sWJbd0w+IiV3dhQrD820mETO+DOix
j98kGheYcId9zdNKsH+qv91J3wvkK1dJ5y+9INRgCCafooIUHcT0sY+C3kAFrfu7
o3eaaqzgWtGE3/EaQj1qAU/cQL7ujV2wS2J+aJ9RWKWEk4aiVl/iHqGh4d5QFJVU
ZYSIgEQJYfDHPA==
-----END CERTIFICATE-----