Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
File:                     upyRALMvz2LV39ghy9BWq3PS5FU.mft (raw, json)
Hash identifier:          sD3s0iEoVrIMZU4SoqbreOTi5mzuqJ5YUWaiUtWYG/w=
Subject key identifier:   45:7B:02:BE:6F:E2:5E:D4:32:85:DE:D4:28:1C:AC:80:9F:8B:AF:D3
Authority key identifier: BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55
Certificate issuer:       /CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
Certificate serial:       019510C7580C74C2C62014790F1576433992
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
Manifest number:          09C6
Signing time:             Sun 16 Feb 2025 22:00:54 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:54 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:54 +0000
Files and hashes:         1: upyRALMvz2LV39ghy9BWq3PS5FU.crl (hash: Q9ugHmcRBmyq2Gs34L80Js6XSPY7lyvPBnBSKtB7+So=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:58:0c:74:c2:c6:20:14:79:0f:15:76:43:39:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
        Validity
            Not Before: Feb 16 22:00:54 2025 GMT
            Not After : Feb 17 22:00:54 2025 GMT
        Subject: CN=457b02be6fe25ed43285ded4281cac809f8bafd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:03:a2:2a:72:c1:16:36:95:42:fd:bb:2a:c6:
                    f9:bb:32:ad:f1:4f:5d:7c:e8:b5:c8:8d:75:69:a0:
                    20:d4:69:6f:8f:e8:51:e5:ee:13:0c:72:d7:be:cb:
                    5e:b0:f8:cf:39:5c:00:2a:4e:71:6b:a7:12:62:17:
                    21:86:9a:7d:dc:df:bd:05:c5:b8:d5:0c:4d:fd:fa:
                    30:cd:7c:a2:e5:6e:17:83:78:cb:e8:83:5a:2c:e6:
                    fe:6b:3a:ed:64:d2:bd:6d:88:fe:da:c4:cb:b3:22:
                    82:10:d8:33:f0:4c:ee:b4:fa:fc:75:78:d1:52:f6:
                    57:47:a9:5c:5c:3e:23:6d:77:f8:f9:1f:6f:7c:8d:
                    52:bd:04:4c:0d:40:a9:0f:68:cc:71:39:f6:33:38:
                    bd:be:98:d2:40:45:03:42:f4:c6:1e:94:43:0b:fa:
                    89:62:32:f0:5c:97:5a:eb:88:03:3d:0f:97:71:d0:
                    44:56:8e:0f:ce:02:74:3a:dc:3e:45:9e:ef:02:01:
                    96:40:a1:8d:35:55:82:c2:98:c0:4a:3c:c0:4e:db:
                    a0:94:87:ba:1c:1c:96:ac:e3:c1:44:3a:3c:18:51:
                    dd:ca:37:43:b0:23:32:7b:46:09:a7:d8:01:31:8b:
                    2b:0f:69:e5:41:77:09:5a:bb:50:36:c6:c5:2a:68:
                    1f:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:7B:02:BE:6F:E2:5E:D4:32:85:DE:D4:28:1C:AC:80:9F:8B:AF:D3
            X509v3 Authority Key Identifier:
                keyid:BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:1a:e8:95:f3:a1:e2:21:7d:0c:d9:96:42:72:14:4a:f6:78:
         dc:13:21:4a:05:0e:6e:e1:44:be:23:c9:3c:46:b7:20:19:dd:
         ce:07:12:51:2a:c1:85:02:b5:6b:ea:82:33:50:aa:05:e0:3a:
         00:df:89:b7:56:80:bb:6b:c7:8e:3f:a5:e0:1f:b6:d4:d6:fb:
         e1:92:17:af:b7:a6:aa:ff:df:b7:f4:24:d1:4d:27:eb:73:56:
         ce:73:90:ea:3f:87:fd:66:f1:0d:c0:34:25:e1:d5:0a:b1:28:
         50:27:ea:87:87:31:c9:92:1e:90:62:f4:80:3a:56:6b:31:86:
         6d:5c:5a:76:20:ef:f4:97:87:81:74:c1:68:8a:47:ff:26:f6:
         9b:42:81:77:79:cc:90:44:82:4b:4f:73:c2:27:15:be:10:81:
         a3:83:fe:7c:78:f3:e0:07:f8:e7:c3:71:14:91:c7:fc:e3:1f:
         c6:a7:e1:65:09:3c:d4:7e:cf:bf:7f:72:eb:22:9b:6f:45:b2:
         fe:00:b7:9a:d5:a0:ab:27:c7:26:6c:d3:64:a8:54:aa:03:6f:
         b2:c5:92:78:24:eb:80:f2:7f:e5:c2:55:94:f6:0a:53:0c:1e:
         00:c5:36:bc:c7:87:49:09:bc:3b:50:1a:71:58:5c:bb:24:2e:
         5b:3a:7d:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx1gMdMLGIBR5DxV2QzmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWM5MTAwYjMyZmNmNjJkNWRmZDgyMWNiZDA1NmFiNzNk
MmU0NTUwHhcNMjUwMjE2MjIwMDU0WhcNMjUwMjE3MjIwMDU0WjAzMTEwLwYDVQQD
Eyg0NTdiMDJiZTZmZTI1ZWQ0MzI4NWRlZDQyODFjYWM4MDlmOGJhZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQOiKnLBFjaVQv27Ksb5uzKt8U9d
fOi1yI11aaAg1Glvj+hR5e4TDHLXvstesPjPOVwAKk5xa6cSYhchhpp93N+9BcW4
1QxN/fowzXyi5W4Xg3jL6INaLOb+azrtZNK9bYj+2sTLsyKCENgz8EzutPr8dXjR
UvZXR6lcXD4jbXf4+R9vfI1SvQRMDUCpD2jMcTn2Mzi9vpjSQEUDQvTGHpRDC/qJ
YjLwXJda64gDPQ+XcdBEVo4PzgJ0Otw+RZ7vAgGWQKGNNVWCwpjASjzATtuglIe6
HByWrOPBRDo8GFHdyjdDsCMye0YJp9gBMYsrD2nlQXcJWrtQNsbFKmgf4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEV7Ar5v4l7UMoXe1CgcrICfi6/TMB8GA1UdIwQY
MBaAFLqckQCzL89i1d/YIcvQVqtz0uRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQt
OTJkMGQwMTEzOWY5LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQtOTJkMGQwMTEzOWY5
LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuRrolfOh
4iF9DNmWQnIUSvZ43BMhSgUObuFEviPJPEa3IBndzgcSUSrBhQK1a+qCM1CqBeA6
AN+Jt1aAu2vHjj+l4B+21Nb74ZIXr7emqv/ft/Qk0U0n63NWznOQ6j+H/WbxDcA0
JeHVCrEoUCfqh4cxyZIekGL0gDpWazGGbVxadiDv9JeHgXTBaIpH/yb2m0KBd3nM
kESCS09zwicVvhCBo4P+fHjz4Af458NxFJHH/OMfxqfhZQk81H7Pv39y6yKbb0Wy
/gC3mtWgqyfHJmzTZKhUqgNvssWSeCTrgPJ/5cJVlPYKUwweAMU2vMeHSQm8O1Aa
cVhcuyQuWzp92Q==
-----END CERTIFICATE-----