Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
File:                     uaY9guJ4W32wBSjcVacGncUQpC8.mft (raw, json)
Hash identifier:          Z061prx93KqKO0je4GdDI4cubZUtUog/vvLSxP4jEdc=
Subject key identifier:   C4:B8:99:20:0A:4E:FF:CB:DC:D6:89:31:33:BC:87:7A:A2:76:A5:DA
Authority key identifier: B9:A6:3D:82:E2:78:5B:7D:B0:05:28:DC:55:A7:06:9D:C5:10:A4:2F
Certificate issuer:       /CN=b9a63d82e2785b7db00528dc55a7069dc510a42f
Certificate serial:       0197500ED6FC9133801D17EEE86022DA2763
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
Manifest number:          0431
Signing time:             Sun 08 Jun 2025 15:00:39 +0000
Manifest this update:     Sun 08 Jun 2025 15:00:39 +0000
Manifest next update:     Mon 09 Jun 2025 15:00:39 +0000
Files and hashes:         1: uaY9guJ4W32wBSjcVacGncUQpC8.crl (hash: QZWn7DPt7CjCfG4660UQGSv7SGtqZ2niCiOYaIhlKYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:0e:d6:fc:91:33:80:1d:17:ee:e8:60:22:da:27:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9a63d82e2785b7db00528dc55a7069dc510a42f
        Validity
            Not Before: Jun  8 15:00:39 2025 GMT
            Not After : Jun  9 15:00:39 2025 GMT
        Subject: CN=c4b899200a4effcbdcd6893133bc877aa276a5da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7c:39:e3:66:ce:e3:07:4a:e9:c4:e1:bc:b4:
                    8a:19:89:9d:d8:94:85:b9:6a:d3:58:38:03:00:89:
                    d7:ad:f3:d1:ba:b4:0f:bf:af:6e:3d:bc:0e:9f:28:
                    3d:ed:59:17:57:d5:c3:4a:13:ff:a9:a2:85:41:5e:
                    d2:ba:a5:b1:a2:d6:00:9f:97:a0:8e:69:03:10:a2:
                    8f:1b:35:f2:9d:d4:d0:2e:30:1f:bd:7f:b7:7e:57:
                    39:71:e4:e7:ba:91:a5:9e:e2:6c:f0:ee:3f:f7:51:
                    06:da:e6:32:0a:5b:8c:7c:34:8d:6b:74:a4:60:7d:
                    c5:cc:38:2d:65:e9:85:51:0b:7a:7e:c4:78:11:ca:
                    d1:90:b7:bc:b9:41:b7:a9:1f:2c:83:f1:85:b5:c7:
                    62:76:bd:12:d1:f9:60:b8:b4:a1:91:82:bd:e9:bf:
                    6b:d9:0c:2f:25:15:68:42:4b:da:cf:32:ac:c8:0c:
                    5f:b9:35:95:eb:46:61:0a:66:e1:3a:a8:72:6f:26:
                    b7:60:2e:07:9e:2f:52:6b:9e:34:f7:4d:2f:de:91:
                    02:6b:ab:62:ae:f9:95:ff:be:d3:7b:74:d0:b6:ca:
                    ff:0f:04:f3:b8:0b:81:8f:ab:9c:f6:f7:cf:df:f0:
                    9f:78:1a:9b:68:59:a9:df:83:0e:29:42:df:4a:72:
                    fa:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:B8:99:20:0A:4E:FF:CB:DC:D6:89:31:33:BC:87:7A:A2:76:A5:DA
            X509v3 Authority Key Identifier:
                keyid:B9:A6:3D:82:E2:78:5B:7D:B0:05:28:DC:55:A7:06:9D:C5:10:A4:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:d4:17:42:b8:4d:4a:60:c5:66:2c:1b:b6:46:1c:0e:00:ec:
         2c:b6:d6:61:8e:c9:c1:80:bf:85:96:61:7c:15:f6:41:38:cf:
         e8:c3:98:48:8c:70:0a:18:c2:11:b3:e0:dd:ca:9a:ac:dd:4a:
         5f:9f:83:c1:3a:cb:47:dc:96:a3:f0:11:14:58:ad:24:b2:8f:
         a3:ad:56:c2:96:af:6f:18:f9:2d:27:0d:91:93:38:1a:32:88:
         0c:f0:72:17:63:b2:36:5b:b9:21:d1:89:23:2e:80:0c:3f:88:
         31:0c:24:11:6f:df:7a:da:ed:01:d7:ed:c4:e1:53:c7:a7:c0:
         32:81:56:cd:2b:13:81:86:54:3c:0e:4b:bc:b9:11:52:8b:da:
         d9:6e:e4:c8:0d:6f:1d:3e:d9:e9:2c:c1:1f:31:c7:67:f4:94:
         87:68:7a:2d:b5:94:70:fd:99:c2:bd:ef:28:2b:f7:6c:7f:7d:
         ef:7f:d5:b8:19:26:22:03:4a:4c:40:af:84:17:8f:b5:29:e8:
         bb:69:dd:93:d4:3f:73:c1:42:0b:e9:4b:18:19:f8:72:f3:e0:
         57:24:ae:a9:34:b2:83:09:ac:ab:5a:2d:56:f9:91:2c:7e:87:
         1b:21:f8:70:9c:a2:85:41:f6:0a:c0:e7:b4:a8:7a:c0:2b:5c:
         c5:46:1e:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQDtb8kTOAHRfu6GAi2idjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YTYzZDgyZTI3ODViN2RiMDA1MjhkYzU1YTcwNjlkYzUx
MGE0MmYwHhcNMjUwNjA4MTUwMDM5WhcNMjUwNjA5MTUwMDM5WjAzMTEwLwYDVQQD
EyhjNGI4OTkyMDBhNGVmZmNiZGNkNjg5MzEzM2JjODc3YWEyNzZhNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3w542bO4wdK6cThvLSKGYmd2JSF
uWrTWDgDAInXrfPRurQPv69uPbwOnyg97VkXV9XDShP/qaKFQV7SuqWxotYAn5eg
jmkDEKKPGzXyndTQLjAfvX+3flc5ceTnupGlnuJs8O4/91EG2uYyCluMfDSNa3Sk
YH3FzDgtZemFUQt6fsR4EcrRkLe8uUG3qR8sg/GFtcdidr0S0flguLShkYK96b9r
2QwvJRVoQkvazzKsyAxfuTWV60ZhCmbhOqhybya3YC4Hni9Sa540900v3pECa6ti
rvmV/77Te3TQtsr/DwTzuAuBj6uc9vfP3/CfeBqbaFmp34MOKULfSnL64wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMS4mSAKTv/L3NaJMTO8h3qidqXaMB8GA1UdIwQY
MBaAFLmmPYLieFt9sAUo3FWnBp3FEKQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC84YTA2ZjQtOTg2ZS00NjY5LWJkZjkt
OGVlMmY5ZGNiMWVkLzEvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC84YTA2ZjQtOTg2ZS00NjY5LWJkZjktOGVlMmY5ZGNiMWVk
LzEvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADtQXQrhN
SmDFZiwbtkYcDgDsLLbWYY7JwYC/hZZhfBX2QTjP6MOYSIxwChjCEbPg3cqarN1K
X5+DwTrLR9yWo/ARFFitJLKPo61Wwpavbxj5LScNkZM4GjKIDPByF2OyNlu5IdGJ
Iy6ADD+IMQwkEW/fetrtAdftxOFTx6fAMoFWzSsTgYZUPA5LvLkRUova2W7kyA1v
HT7Z6SzBHzHHZ/SUh2h6LbWUcP2Zwr3vKCv3bH9973/VuBkmIgNKTECvhBePtSno
u2ndk9Q/c8FCC+lLGBn4cvPgVySuqTSygwmsq1otVvmRLH6HGyH4cJyihUH2CsDn
tKh6wCtcxUYewg==
-----END CERTIFICATE-----