Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
File:                     ucN059N57ajbliAKTu_lvBwok58.mft (raw, json)
Hash identifier:          R7XFTqLaHNaQLEWBYQQyPR3qpVq5cJZjFPNaOkDYkwA=
Subject key identifier:   19:8E:B8:E3:57:C2:E7:EE:9E:16:E8:7A:6F:B6:05:1C:A0:29:E7:76
Authority key identifier: B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F
Certificate issuer:       /CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
Certificate serial:       0194C3884FCC32268605400581B0CADB0418
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
Manifest number:          0AE5
Signing time:             Sat 01 Feb 2025 22:01:17 +0000
Manifest this update:     Sat 01 Feb 2025 22:01:17 +0000
Manifest next update:     Sun 02 Feb 2025 22:01:17 +0000
Files and hashes:         1: ucN059N57ajbliAKTu_lvBwok58.crl (hash: Bcqe4AKvaPgylciZ5oVuOfkhXkfCNHwR32ZwGmgRnhw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:88:4f:cc:32:26:86:05:40:05:81:b0:ca:db:04:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
        Validity
            Not Before: Feb  1 22:01:17 2025 GMT
            Not After : Feb  2 22:01:17 2025 GMT
        Subject: CN=198eb8e357c2e7ee9e16e87a6fb6051ca029e776
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:00:b8:3e:12:9a:96:5a:2c:0d:83:60:00:6f:
                    43:cb:71:6e:64:2a:83:09:31:71:99:5c:43:7a:ae:
                    38:ba:0a:40:54:34:68:7a:f2:32:96:3f:8d:2f:1e:
                    a7:92:e6:33:e2:96:76:df:2c:a8:cf:a5:16:3c:f8:
                    77:06:e8:49:4f:78:dc:9e:29:35:ae:83:77:6e:2a:
                    40:da:32:a8:ce:79:18:67:7a:a3:ad:6f:00:bd:e6:
                    a9:32:3d:90:b6:77:11:11:aa:6d:7e:b8:cc:e7:18:
                    07:5d:63:96:a4:8d:8f:f8:e2:95:90:8e:cd:76:8f:
                    45:f6:a6:ae:52:25:18:81:a2:6a:04:a8:99:11:e8:
                    99:13:9a:1e:9b:48:0a:b4:89:b1:97:1e:95:56:20:
                    c0:5e:01:42:01:b2:8e:12:7e:a1:d4:3c:f3:8f:d9:
                    08:19:6a:9a:b1:9a:7d:ff:8b:27:40:5d:bc:a5:5a:
                    a5:95:82:c9:ef:04:ea:23:0c:e3:82:96:40:d2:2b:
                    07:29:53:ac:a8:41:c3:ec:ff:e3:b1:33:d7:27:4c:
                    f1:cc:41:5a:d0:12:00:60:9d:26:35:92:5a:59:a4:
                    5c:57:81:67:5f:c6:bd:57:13:29:cc:41:8c:45:38:
                    ca:33:fd:88:31:31:eb:f8:f7:5e:04:fa:5c:29:8e:
                    67:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:8E:B8:E3:57:C2:E7:EE:9E:16:E8:7A:6F:B6:05:1C:A0:29:E7:76
            X509v3 Authority Key Identifier:
                keyid:B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:29:bf:0f:bb:84:2d:a0:0d:a1:17:60:a8:05:35:33:02:ee:
         ff:e0:71:c2:01:a1:37:9c:59:99:30:03:6d:9c:47:64:c9:e9:
         26:3c:83:10:62:cb:ab:87:31:52:20:ef:86:f4:6e:6e:95:b6:
         03:be:51:aa:5a:85:f2:e9:01:c0:4c:25:33:c2:fa:1a:45:6e:
         bc:fa:da:ba:c7:4e:35:e7:ed:88:78:83:2e:22:c9:f7:6c:b3:
         24:6f:c4:83:74:19:2d:a7:06:b2:fd:b2:58:d8:e5:bb:08:3a:
         11:08:ad:e4:0f:64:88:0c:72:a0:1c:c1:53:7d:52:df:4e:a9:
         96:03:94:e4:a5:c3:b8:ac:a0:49:d2:47:90:72:e5:10:69:4b:
         ca:18:c6:ce:e3:d5:fd:11:27:85:68:85:ea:6f:5e:d5:dd:86:
         eb:d7:29:2b:1a:93:a1:34:84:c4:fa:4b:1b:a3:a9:ac:23:ea:
         e1:cc:06:20:db:88:44:9a:66:fb:d9:db:5c:7f:66:ba:ed:f0:
         06:9f:47:91:b2:bc:b2:f2:0d:94:74:3c:4a:4c:0c:89:0d:b4:
         21:26:76:f4:6c:06:28:ab:8e:a5:6c:60:bf:2d:de:ee:62:66:
         2d:6b:37:f4:15:9c:93:d5:12:80:97:6b:5d:60:82:7a:ff:9e:
         04:41:18:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiE/MMiaGBUAFgbDK2wQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM3NGU3ZDM3OWVkYThkYjk2MjAwYTRlZWZlNWJjMWMy
ODkzOWYwHhcNMjUwMjAxMjIwMTE3WhcNMjUwMjAyMjIwMTE3WjAzMTEwLwYDVQQD
EygxOThlYjhlMzU3YzJlN2VlOWUxNmU4N2E2ZmI2MDUxY2EwMjllNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wC4PhKallosDYNgAG9Dy3FuZCqD
CTFxmVxDeq44ugpAVDRoevIylj+NLx6nkuYz4pZ23yyoz6UWPPh3BuhJT3jcnik1
roN3bipA2jKoznkYZ3qjrW8AveapMj2QtncREaptfrjM5xgHXWOWpI2P+OKVkI7N
do9F9qauUiUYgaJqBKiZEeiZE5oem0gKtImxlx6VViDAXgFCAbKOEn6h1Dzzj9kI
GWqasZp9/4snQF28pVqllYLJ7wTqIwzjgpZA0isHKVOsqEHD7P/jsTPXJ0zxzEFa
0BIAYJ0mNZJaWaRcV4FnX8a9VxMpzEGMRTjKM/2IMTHr+PdeBPpcKY5nbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmOuONXwufunhboem+2BRygKed2MB8GA1UdIwQY
MBaAFLnDdOfTee2o25YgCk7v5bwcKJOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgt
YjMyYWRmNjFhYjQ3LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgtYjMyYWRmNjFhYjQ3
LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZCm/D7uE
LaANoRdgqAU1MwLu/+BxwgGhN5xZmTADbZxHZMnpJjyDEGLLq4cxUiDvhvRubpW2
A75RqlqF8ukBwEwlM8L6GkVuvPrausdONeftiHiDLiLJ92yzJG/Eg3QZLacGsv2y
WNjluwg6EQit5A9kiAxyoBzBU31S306plgOU5KXDuKygSdJHkHLlEGlLyhjGzuPV
/REnhWiF6m9e1d2G69cpKxqToTSExPpLG6OprCPq4cwGINuIRJpm+9nbXH9muu3w
Bp9HkbK8svINlHQ8SkwMiQ20ISZ29GwGKKuOpWxgvy3e7mJmLWs39BWck9USgJdr
XWCCev+eBEEYoA==
-----END CERTIFICATE-----