Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
File:                     upyRALMvz2LV39ghy9BWq3PS5FU.mft (raw, json)
Hash identifier:          iEMbNL0t67HwKgsDquwt4wZlssieX8uzGZ4u1jToFo4=
Subject key identifier:   5B:00:5E:2C:84:E8:B9:0C:A3:47:D3:29:F9:C0:C3:31:CD:AF:59:89
Authority key identifier: BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55
Certificate issuer:       /CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
Certificate serial:       01964D7EB8534B7587F544B4185F657CFD1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
Manifest number:          0A6A
Signing time:             Sat 19 Apr 2025 10:01:12 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:12 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:12 +0000
Files and hashes:         1: upyRALMvz2LV39ghy9BWq3PS5FU.crl (hash: qEbfQgg7UYYgEHn9qKl68rOTSq7vvuGIZbIOlUbC7YA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:b8:53:4b:75:87:f5:44:b4:18:5f:65:7c:fd:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9c9100b32fcf62d5dfd821cbd056ab73d2e455
        Validity
            Not Before: Apr 19 10:01:12 2025 GMT
            Not After : Apr 20 10:01:12 2025 GMT
        Subject: CN=5b005e2c84e8b90ca347d329f9c0c331cdaf5989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2b:70:ba:0e:fc:c1:ee:55:69:8e:c3:c8:a1:
                    3f:3c:5a:38:81:57:b0:d0:6b:15:c2:ed:05:68:63:
                    77:e4:22:d5:e7:be:74:c9:9a:80:24:58:85:b3:94:
                    a3:24:a0:4b:cc:22:8a:56:d5:5e:97:20:ef:6d:ac:
                    fe:b4:71:74:ae:b7:81:ef:ed:f5:99:0e:67:ff:57:
                    ef:47:34:eb:94:30:16:51:b3:99:d5:44:a4:32:d3:
                    79:5e:5c:f9:a3:a0:2b:fe:37:11:b1:72:80:8c:4a:
                    85:81:cc:8c:05:46:8a:c2:f7:41:c6:f3:c0:33:53:
                    32:15:a0:cd:7b:be:59:7c:6b:06:f1:a8:06:c0:86:
                    8f:eb:33:64:db:f6:57:af:24:d8:48:4e:4e:d9:37:
                    e4:64:9e:1b:b8:d5:48:92:4d:bb:e2:b5:67:f4:3e:
                    ce:47:5e:cf:9a:19:66:df:9a:93:3b:a4:97:c8:44:
                    5f:42:ec:78:75:3c:b3:7f:7c:e1:99:84:26:f4:16:
                    c8:ae:16:ae:c6:3e:00:8c:b0:bf:99:be:03:73:4a:
                    eb:9f:4a:ac:b1:d7:f6:15:27:ee:a3:ea:e3:39:09:
                    19:ed:59:9d:d2:f2:8a:fe:27:8b:8b:5a:9c:45:b8:
                    a0:ab:46:d2:0f:d9:3b:5c:19:13:e5:5a:35:be:0d:
                    02:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:00:5E:2C:84:E8:B9:0C:A3:47:D3:29:F9:C0:C3:31:CD:AF:59:89
            X509v3 Authority Key Identifier:
                keyid:BA:9C:91:00:B3:2F:CF:62:D5:DF:D8:21:CB:D0:56:AB:73:D2:E4:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upyRALMvz2LV39ghy9BWq3PS5FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c1ff5-22db-4988-ad94-92d0d01139f9/1/upyRALMvz2LV39ghy9BWq3PS5FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:d3:54:83:84:73:f6:51:18:3d:ce:32:f3:39:30:c6:88:f4:
         91:d7:9c:08:54:5d:73:6f:e2:57:da:d8:df:e7:03:2c:86:c1:
         d0:5e:48:15:3d:48:1d:27:93:8d:d1:9d:a4:4a:3a:53:98:84:
         04:4c:46:82:bf:5c:0c:41:c8:a8:5f:bc:32:cb:72:3f:7c:cc:
         6f:72:d8:49:b7:26:08:ef:4a:f0:25:c2:fa:78:78:c3:07:2e:
         3d:01:7c:fc:0e:b7:6d:0d:1c:bc:e1:e2:2e:ae:69:9e:80:a1:
         53:80:22:02:6b:0a:9f:c1:7b:85:69:b3:a0:92:d6:62:33:d7:
         4a:f3:c8:c3:09:94:0d:6d:8c:41:84:0c:4c:7d:ee:40:78:1e:
         48:51:30:c8:11:1b:f0:f0:70:3a:50:44:b3:a1:6a:02:d2:47:
         14:4d:c1:76:8a:3b:ad:e9:c8:9f:5a:dc:57:c3:7d:65:60:87:
         a5:1b:9a:b7:0b:11:a0:5a:1c:57:92:55:af:38:d8:45:72:1b:
         a6:6f:7f:0f:e3:9d:9a:77:a3:e8:2e:42:41:00:77:9a:52:1f:
         4d:39:f8:b6:50:b1:cb:53:97:8c:79:dc:cd:75:dd:f0:13:58:
         b4:b8:81:e0:29:36:e5:21:b3:e6:37:01:55:7e:82:22:70:ab:
         9d:aa:75:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfrhTS3WH9US0GF9lfP0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWM5MTAwYjMyZmNmNjJkNWRmZDgyMWNiZDA1NmFiNzNk
MmU0NTUwHhcNMjUwNDE5MTAwMTEyWhcNMjUwNDIwMTAwMTEyWjAzMTEwLwYDVQQD
Eyg1YjAwNWUyYzg0ZThiOTBjYTM0N2QzMjlmOWMwYzMzMWNkYWY1OTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCtwug78we5VaY7DyKE/PFo4gVew
0GsVwu0FaGN35CLV5750yZqAJFiFs5SjJKBLzCKKVtVelyDvbaz+tHF0rreB7+31
mQ5n/1fvRzTrlDAWUbOZ1USkMtN5Xlz5o6Ar/jcRsXKAjEqFgcyMBUaKwvdBxvPA
M1MyFaDNe75ZfGsG8agGwIaP6zNk2/ZXryTYSE5O2TfkZJ4buNVIkk274rVn9D7O
R17Pmhlm35qTO6SXyERfQux4dTyzf3zhmYQm9BbIrhauxj4AjLC/mb4Dc0rrn0qs
sdf2FSfuo+rjOQkZ7Vmd0vKK/ieLi1qcRbigq0bSD9k7XBkT5Vo1vg0CIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsAXiyE6LkMo0fTKfnAwzHNr1mJMB8GA1UdIwQY
MBaAFLqckQCzL89i1d/YIcvQVqtz0uRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQt
OTJkMGQwMTEzOWY5LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83YzFmZjUtMjJkYi00OTg4LWFkOTQtOTJkMGQwMTEzOWY5
LzEvdXB5UkFMTXZ6MkxWMzlnaHk5QldxM1BTNUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM9NUg4Rz
9lEYPc4y8zkwxoj0kdecCFRdc2/iV9rY3+cDLIbB0F5IFT1IHSeTjdGdpEo6U5iE
BExGgr9cDEHIqF+8MstyP3zMb3LYSbcmCO9K8CXC+nh4wwcuPQF8/A63bQ0cvOHi
Lq5pnoChU4AiAmsKn8F7hWmzoJLWYjPXSvPIwwmUDW2MQYQMTH3uQHgeSFEwyBEb
8PBwOlBEs6FqAtJHFE3Bdoo7renIn1rcV8N9ZWCHpRuatwsRoFocV5JVrzjYRXIb
pm9/D+Odmnej6C5CQQB3mlIfTTn4tlCxy1OXjHnczXXd8BNYtLiB4Ck25SGz5jcB
VX6CInCrnap1uQ==
-----END CERTIFICATE-----