Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
File:                     uaY9guJ4W32wBSjcVacGncUQpC8.mft (raw, json)
Hash identifier:          11Iz/vvdtSI4cfFJkw37H3NjKht2nki9/ZS+Jr2oabA=
Subject key identifier:   62:36:82:D0:13:3B:4E:C8:8F:53:5A:AF:6C:18:69:94:12:5A:75:42
Authority key identifier: B9:A6:3D:82:E2:78:5B:7D:B0:05:28:DC:55:A7:06:9D:C5:10:A4:2F
Certificate issuer:       /CN=b9a63d82e2785b7db00528dc55a7069dc510a42f
Certificate serial:       01965500CB36B22FE905EE55C78AC4C435D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
Manifest number:          03AF
Signing time:             Sun 20 Apr 2025 21:00:37 +0000
Manifest this update:     Sun 20 Apr 2025 21:00:37 +0000
Manifest next update:     Mon 21 Apr 2025 21:00:37 +0000
Files and hashes:         1: uaY9guJ4W32wBSjcVacGncUQpC8.crl (hash: WLmrZa+WxZB2H14XWA7Vmfvh5ChBYYj5f2zOBi/tBGE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:00:cb:36:b2:2f:e9:05:ee:55:c7:8a:c4:c4:35:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9a63d82e2785b7db00528dc55a7069dc510a42f
        Validity
            Not Before: Apr 20 21:00:37 2025 GMT
            Not After : Apr 21 21:00:37 2025 GMT
        Subject: CN=623682d0133b4ec88f535aaf6c186994125a7542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2d:67:28:20:aa:6b:5a:8e:33:54:47:d9:81:
                    e3:d1:ea:d7:e5:3f:fb:d1:03:84:f8:29:ed:c8:96:
                    10:e8:10:af:ed:86:d8:b3:eb:9b:e5:b1:fc:ff:1b:
                    6e:c9:91:49:20:3c:54:ab:0c:00:a1:e1:b7:79:fa:
                    22:c1:bc:87:1c:8a:1d:68:bb:75:54:98:f6:c1:c5:
                    38:24:f2:54:47:db:b5:02:e5:6c:9f:26:ce:d0:e9:
                    d1:58:32:ad:f0:20:db:7a:79:ba:9f:ff:4f:6f:57:
                    f8:19:62:aa:95:8a:3e:f1:f1:c5:4d:e3:81:fa:6a:
                    9f:72:55:64:58:ce:a7:81:4b:75:13:88:65:8a:f0:
                    97:82:4c:2b:6c:21:ae:e3:ab:76:be:79:d0:18:1c:
                    db:40:77:b7:be:ce:c8:88:52:5c:32:57:d9:f0:b4:
                    f0:ed:ad:c3:51:45:69:4f:3e:f5:17:7c:94:af:b8:
                    3f:1a:54:95:03:55:97:80:29:1f:1e:03:a4:37:91:
                    2a:4e:40:90:10:38:66:f8:1c:69:fb:cf:b7:94:fc:
                    e9:d9:9e:bf:9e:45:c7:ca:97:92:d1:82:cd:d5:c2:
                    87:35:b0:28:f6:d9:96:64:56:69:b8:d2:1e:b0:82:
                    08:8d:a7:e8:e0:7a:7a:2b:0d:fb:27:6e:eb:53:b7:
                    40:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:36:82:D0:13:3B:4E:C8:8F:53:5A:AF:6C:18:69:94:12:5A:75:42
            X509v3 Authority Key Identifier:
                keyid:B9:A6:3D:82:E2:78:5B:7D:B0:05:28:DC:55:A7:06:9D:C5:10:A4:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:01:66:1b:1c:45:73:6e:55:85:9d:cd:4e:20:21:72:7a:4a:
         78:ed:41:00:cc:26:9c:7f:73:30:b1:fa:9f:da:52:f6:9c:49:
         5d:28:d3:12:a5:a4:61:91:75:87:ab:c8:88:fe:9e:02:a3:bf:
         54:79:dd:b6:49:05:96:c0:07:71:37:7a:fa:c9:63:58:c0:0e:
         fb:79:56:4d:46:4f:3d:e3:ca:f1:ac:d1:a3:e8:66:f1:c5:50:
         e8:d7:7b:2c:6d:c6:85:8a:30:3f:7b:10:4e:1c:82:91:94:c9:
         e4:d4:0c:3c:b0:b6:a8:df:df:87:83:84:64:49:d0:e7:b5:0f:
         fa:0b:0f:1f:8f:ac:24:1e:de:f7:74:5d:e3:88:4b:c8:be:c2:
         9a:10:df:2e:4b:b9:c2:f8:8a:e3:12:cc:17:b6:72:0b:7e:a4:
         81:00:cb:1a:9f:72:aa:76:3e:67:1f:73:ce:c5:cf:13:ba:c2:
         13:a4:48:13:6c:95:97:9e:ea:ff:e8:37:bb:98:28:f1:9b:dd:
         b2:2a:71:27:d6:2a:d7:77:08:96:08:52:82:2b:56:bd:a6:f0:
         f1:7e:d5:87:b8:c2:8a:c0:f8:7d:35:5e:91:66:c5:56:02:85:
         84:8b:7b:42:6b:ef:c6:29:79:0b:c9:a4:1c:41:3e:95:f8:ac:
         95:28:8a:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVAMs2si/pBe5Vx4rExDXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YTYzZDgyZTI3ODViN2RiMDA1MjhkYzU1YTcwNjlkYzUx
MGE0MmYwHhcNMjUwNDIwMjEwMDM3WhcNMjUwNDIxMjEwMDM3WjAzMTEwLwYDVQQD
Eyg2MjM2ODJkMDEzM2I0ZWM4OGY1MzVhYWY2YzE4Njk5NDEyNWE3NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS1nKCCqa1qOM1RH2YHj0erX5T/7
0QOE+CntyJYQ6BCv7YbYs+ub5bH8/xtuyZFJIDxUqwwAoeG3efoiwbyHHIodaLt1
VJj2wcU4JPJUR9u1AuVsnybO0OnRWDKt8CDbenm6n/9Pb1f4GWKqlYo+8fHFTeOB
+mqfclVkWM6ngUt1E4hlivCXgkwrbCGu46t2vnnQGBzbQHe3vs7IiFJcMlfZ8LTw
7a3DUUVpTz71F3yUr7g/GlSVA1WXgCkfHgOkN5EqTkCQEDhm+Bxp+8+3lPzp2Z6/
nkXHypeS0YLN1cKHNbAo9tmWZFZpuNIesIIIjafo4Hp6Kw37J27rU7dAEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGI2gtATO07Ij1Nar2wYaZQSWnVCMB8GA1UdIwQY
MBaAFLmmPYLieFt9sAUo3FWnBp3FEKQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC84YTA2ZjQtOTg2ZS00NjY5LWJkZjkt
OGVlMmY5ZGNiMWVkLzEvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC84YTA2ZjQtOTg2ZS00NjY5LWJkZjktOGVlMmY5ZGNiMWVk
LzEvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwFmGxxF
c25VhZ3NTiAhcnpKeO1BAMwmnH9zMLH6n9pS9pxJXSjTEqWkYZF1h6vIiP6eAqO/
VHndtkkFlsAHcTd6+sljWMAO+3lWTUZPPePK8azRo+hm8cVQ6Nd7LG3GhYowP3sQ
ThyCkZTJ5NQMPLC2qN/fh4OEZEnQ57UP+gsPH4+sJB7e93Rd44hLyL7CmhDfLku5
wviK4xLMF7ZyC36kgQDLGp9yqnY+Zx9zzsXPE7rCE6RIE2yVl57q/+g3u5go8Zvd
sipxJ9Yq13cIlghSgitWvabw8X7Vh7jCisD4fTVekWbFVgKFhIt7Qmvvxil5C8mk
HEE+lfislSiKcw==
-----END CERTIFICATE-----