Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
File:                     U9L19sohYsiL85oPnekm9CPlMQQ.mft (raw, json)
Hash identifier:          vrkBzn24JE8Hcy1rQRdpb+ZJhXVHuH0QyQ+Voov0tps=
Subject key identifier:   9C:A1:CA:E9:54:AD:29:9D:52:DA:1B:EE:A7:D7:ED:09:C1:E2:8F:C4
Authority key identifier: 53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04
Certificate issuer:       /CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
Certificate serial:       0197488C63645E9BCB0AB985EC49D2A58ACC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
Manifest number:          0EE3
Signing time:             Sat 07 Jun 2025 04:00:49 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:49 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:49 +0000
Files and hashes:         1: U9L19sohYsiL85oPnekm9CPlMQQ.crl (hash: MifT66p43GVDzhUjfua8hJJ7se64aGv0MA78FZCc7nA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:63:64:5e:9b:cb:0a:b9:85:ec:49:d2:a5:8a:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
        Validity
            Not Before: Jun  7 04:00:49 2025 GMT
            Not After : Jun  8 04:00:49 2025 GMT
        Subject: CN=9ca1cae954ad299d52da1beea7d7ed09c1e28fc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:11:98:40:73:56:a6:f6:bc:b3:2c:94:6f:18:
                    82:88:db:ef:c7:c7:5c:e3:08:bc:72:48:b7:51:d2:
                    d6:c4:cb:67:6f:ae:53:ea:be:37:6f:2c:5c:74:d2:
                    3f:75:36:f6:d9:25:22:78:ad:d5:07:cc:61:26:03:
                    41:e4:83:e2:a9:4a:4d:99:12:d4:00:a2:c1:68:80:
                    27:7e:bc:02:78:a0:e6:c7:47:ae:7c:34:64:1c:00:
                    54:0f:d4:8d:47:9b:65:29:4f:c3:79:23:ef:63:b4:
                    34:3e:a6:30:4a:3a:6c:a9:23:c6:e8:de:95:54:97:
                    04:8d:76:8c:4f:f6:4e:8e:24:d5:23:ce:5e:63:27:
                    a4:c3:ad:38:67:44:89:a0:01:59:06:81:a3:ef:3e:
                    0b:19:3c:a8:81:81:ce:86:2c:e0:03:c8:40:3e:ac:
                    66:cf:68:14:ed:59:1d:d5:5f:a7:49:a4:4c:9e:91:
                    a2:94:f7:18:88:fe:4c:59:41:0b:8a:45:62:47:a3:
                    a3:6b:49:4e:7f:56:b9:4a:1c:10:de:13:bf:da:1e:
                    09:06:b9:44:cd:0e:51:db:7a:35:0f:3a:29:8c:11:
                    bd:81:b7:a5:b0:4a:0f:73:51:69:04:92:3a:f6:d0:
                    bb:80:c4:cf:bb:b6:24:2d:05:c3:60:8b:76:e3:96:
                    71:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:A1:CA:E9:54:AD:29:9D:52:DA:1B:EE:A7:D7:ED:09:C1:E2:8F:C4
            X509v3 Authority Key Identifier:
                keyid:53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:70:d1:f7:ca:3f:01:5c:a3:e0:58:0b:3c:02:ad:dc:80:e6:
         26:50:96:a2:c5:e5:fe:5b:a3:66:47:1c:2b:97:1c:ea:c3:b3:
         81:49:04:4d:98:12:c1:73:22:f6:f7:2f:22:ab:d0:95:dc:42:
         2e:ca:2c:a8:05:45:b5:fb:43:84:f4:a7:dd:41:85:c6:99:9f:
         3b:c6:5f:62:7a:16:ee:3b:f0:06:e2:2b:2f:e6:8c:20:89:5d:
         ac:80:32:f3:4a:fe:13:65:5b:ce:0b:c1:58:97:20:22:c0:24:
         5f:66:29:a7:6d:ca:46:28:2a:09:fe:05:33:9b:e0:f6:12:fc:
         79:66:8b:a7:7b:66:3f:14:c0:15:1d:3f:da:74:12:29:01:64:
         41:6f:c1:ac:e9:ee:43:76:f0:89:bc:72:2d:7f:39:70:84:a5:
         5a:42:ba:5e:4e:cf:bc:8b:88:53:6d:3c:58:de:b2:0d:c0:f9:
         96:d6:29:35:d4:67:b5:fa:03:87:5a:16:cc:91:a6:31:e5:8c:
         93:d7:40:6e:f2:d2:85:1b:f4:98:ca:4a:00:de:9c:4e:fe:9a:
         74:70:94:94:7a:87:ec:95:7d:a8:a2:eb:dd:f4:cb:60:98:f5:
         af:e3:ef:88:dc:a0:fc:2a:60:d5:e0:97:fb:fd:ef:4b:d1:f7:
         67:68:65:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjGNkXpvLCrmF7EnSpYrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDJmNWY2Y2EyMTYyYzg4YmYzOWEwZjlkZTkyNmY0MjNl
NTMxMDQwHhcNMjUwNjA3MDQwMDQ5WhcNMjUwNjA4MDQwMDQ5WjAzMTEwLwYDVQQD
Eyg5Y2ExY2FlOTU0YWQyOTlkNTJkYTFiZWVhN2Q3ZWQwOWMxZTI4ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBGYQHNWpva8syyUbxiCiNvvx8dc
4wi8cki3UdLWxMtnb65T6r43byxcdNI/dTb22SUieK3VB8xhJgNB5IPiqUpNmRLU
AKLBaIAnfrwCeKDmx0eufDRkHABUD9SNR5tlKU/DeSPvY7Q0PqYwSjpsqSPG6N6V
VJcEjXaMT/ZOjiTVI85eYyekw604Z0SJoAFZBoGj7z4LGTyogYHOhizgA8hAPqxm
z2gU7Vkd1V+nSaRMnpGilPcYiP5MWUELikViR6Oja0lOf1a5ShwQ3hO/2h4JBrlE
zQ5R23o1DzopjBG9gbelsEoPc1FpBJI69tC7gMTPu7YkLQXDYIt245Zx/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyhyulUrSmdUtob7qfX7QnB4o/EMB8GA1UdIwQY
MBaAFFPS9fbKIWLIi/OaD53pJvQj5TEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYt
YTZmY2FkMTlhZWYyLzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYtYTZmY2FkMTlhZWYy
LzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoHDR98o/
AVyj4FgLPAKt3IDmJlCWosXl/lujZkccK5cc6sOzgUkETZgSwXMi9vcvIqvQldxC
LsosqAVFtftDhPSn3UGFxpmfO8ZfYnoW7jvwBuIrL+aMIIldrIAy80r+E2VbzgvB
WJcgIsAkX2Ypp23KRigqCf4FM5vg9hL8eWaLp3tmPxTAFR0/2nQSKQFkQW/BrOnu
Q3bwibxyLX85cISlWkK6Xk7PvIuIU208WN6yDcD5ltYpNdRntfoDh1oWzJGmMeWM
k9dAbvLShRv0mMpKAN6cTv6adHCUlHqH7JV9qKLr3fTLYJj1r+PviNyg/Cpg1eCX
+/3vS9H3Z2hlrw==
-----END CERTIFICATE-----