Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
File:                     ucN059N57ajbliAKTu_lvBwok58.mft (raw, json)
Hash identifier:          6iaV2y88m7gp10moO91gUj75F4o3xljFvM4vjHMwflM=
Subject key identifier:   6A:5D:E8:A8:79:BE:28:3E:44:08:88:1D:9E:92:46:BC:46:5D:14:D1
Authority key identifier: B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F
Certificate issuer:       /CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
Certificate serial:       0197469DB48148F8A71872F5BF34CA206E5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
Manifest number:          0C32
Signing time:             Fri 06 Jun 2025 19:00:29 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:29 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:29 +0000
Files and hashes:         1: ucN059N57ajbliAKTu_lvBwok58.crl (hash: 43y/II2FC61oDFQmNLsoIi47RCcI7oVQjfFOAJPmbDw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 19:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:b4:81:48:f8:a7:18:72:f5:bf:34:ca:20:6e:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
        Validity
            Not Before: Jun  6 19:00:29 2025 GMT
            Not After : Jun  7 19:00:29 2025 GMT
        Subject: CN=6a5de8a879be283e4408881d9e9246bc465d14d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0c:0b:de:f5:fb:96:c2:c9:52:ee:c4:10:38:
                    8b:c4:2b:f1:63:e2:f3:66:81:09:50:f0:8d:64:1f:
                    33:1a:77:18:69:11:7a:88:a9:e6:6d:6f:3a:e3:2c:
                    a1:f9:79:0c:60:0b:12:57:66:d5:1b:d9:4a:86:83:
                    73:4d:8d:92:2c:1a:56:5e:3a:c7:a6:1b:b6:ee:ae:
                    cd:5f:b2:fe:c4:02:43:b2:67:1f:78:d7:79:db:ba:
                    19:95:f9:94:7b:e5:c8:47:20:0a:3e:3c:7f:07:f6:
                    b4:75:51:4c:52:26:59:c4:5e:9d:97:20:87:8c:2f:
                    d5:44:f9:58:af:61:81:0c:1b:3e:6e:63:ab:e0:9b:
                    8d:b5:26:f0:bc:05:d2:20:f3:71:72:71:83:0f:ea:
                    1a:8a:ae:08:29:74:52:b7:b7:d8:5e:e9:5b:be:21:
                    86:23:9a:69:3f:d7:50:10:12:dd:8a:df:04:e7:3f:
                    fc:b0:ad:8e:21:1c:f1:fe:da:d2:30:26:3c:b2:e9:
                    b9:d6:94:94:23:2d:ef:e0:60:5e:90:ac:ae:48:b9:
                    30:05:2b:8c:ab:e0:46:b6:05:5d:73:86:54:06:31:
                    45:29:3c:7f:1e:44:83:a7:64:cd:d1:98:31:4f:00:
                    5b:75:e7:68:43:b4:b2:68:f6:09:c6:88:a5:5c:38:
                    06:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:5D:E8:A8:79:BE:28:3E:44:08:88:1D:9E:92:46:BC:46:5D:14:D1
            X509v3 Authority Key Identifier:
                keyid:B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:34:25:2e:e2:32:86:0e:05:be:60:8f:06:64:c7:f5:42:66:
         a6:7d:24:63:86:b6:7d:ce:f8:c6:85:9d:c1:c2:af:2d:37:ae:
         07:6a:4c:7b:90:0c:2e:3e:ec:62:1c:85:1a:51:b7:8e:bf:8a:
         85:00:66:59:ba:09:90:94:52:72:5d:31:1b:fd:e5:5a:cd:e6:
         e4:c7:75:0b:0e:c4:63:ac:56:e7:15:f3:57:57:22:71:c2:22:
         2b:f9:24:14:87:3e:1e:5a:e3:a3:f2:1b:7c:9f:93:64:e8:de:
         de:2b:45:6c:38:8a:08:68:b8:b6:9d:c9:04:01:8e:d1:b2:3c:
         2e:00:5e:fd:6c:1f:31:5e:92:64:4d:a0:34:ef:60:a3:b7:7b:
         6b:62:9e:c1:96:e6:e6:b3:9f:cd:0c:f1:ac:06:8e:90:26:7f:
         5b:d2:4e:a1:1f:32:4f:9a:05:a6:c5:9f:0c:a5:89:52:5b:44:
         2c:dd:34:28:ed:2a:ee:e7:3e:86:5d:d4:5f:7f:d3:05:59:de:
         93:1a:6c:a9:ee:c8:6f:1f:5e:98:e8:45:87:16:34:54:7e:ef:
         6c:48:bb:5a:9e:2e:18:63:35:b8:d8:e7:22:09:ca:ed:9b:44:
         65:be:fc:46:2b:a1:03:76:d1:60:8e:1c:96:0a:34:34:59:4c:
         4d:7c:96:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnbSBSPinGHL1vzTKIG5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM3NGU3ZDM3OWVkYThkYjk2MjAwYTRlZWZlNWJjMWMy
ODkzOWYwHhcNMjUwNjA2MTkwMDI5WhcNMjUwNjA3MTkwMDI5WjAzMTEwLwYDVQQD
Eyg2YTVkZThhODc5YmUyODNlNDQwODg4MWQ5ZTkyNDZiYzQ2NWQxNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQwL3vX7lsLJUu7EEDiLxCvxY+Lz
ZoEJUPCNZB8zGncYaRF6iKnmbW864yyh+XkMYAsSV2bVG9lKhoNzTY2SLBpWXjrH
phu27q7NX7L+xAJDsmcfeNd527oZlfmUe+XIRyAKPjx/B/a0dVFMUiZZxF6dlyCH
jC/VRPlYr2GBDBs+bmOr4JuNtSbwvAXSIPNxcnGDD+oaiq4IKXRSt7fYXulbviGG
I5ppP9dQEBLdit8E5z/8sK2OIRzx/trSMCY8sum51pSUIy3v4GBekKyuSLkwBSuM
q+BGtgVdc4ZUBjFFKTx/HkSDp2TN0ZgxTwBbdedoQ7SyaPYJxoilXDgG+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGpd6Kh5vig+RAiIHZ6SRrxGXRTRMB8GA1UdIwQY
MBaAFLnDdOfTee2o25YgCk7v5bwcKJOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgt
YjMyYWRmNjFhYjQ3LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgtYjMyYWRmNjFhYjQ3
LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVDQlLuIy
hg4FvmCPBmTH9UJmpn0kY4a2fc74xoWdwcKvLTeuB2pMe5AMLj7sYhyFGlG3jr+K
hQBmWboJkJRScl0xG/3lWs3m5Md1Cw7EY6xW5xXzV1ciccIiK/kkFIc+Hlrjo/Ib
fJ+TZOje3itFbDiKCGi4tp3JBAGO0bI8LgBe/WwfMV6SZE2gNO9go7d7a2KewZbm
5rOfzQzxrAaOkCZ/W9JOoR8yT5oFpsWfDKWJUltELN00KO0q7uc+hl3UX3/TBVne
kxpsqe7Ibx9emOhFhxY0VH7vbEi7Wp4uGGM1uNjnIgnK7ZtEZb78RiuhA3bRYI4c
lgo0NFlMTXyWLw==
-----END CERTIFICATE-----