Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
File:                     U9L19sohYsiL85oPnekm9CPlMQQ.mft (raw, json)
Hash identifier:          uLu0LqFPv7ndssM/VN8OvATqK4Om3OG39rsuuDzTmRA=
Subject key identifier:   36:E7:F9:7D:55:89:22:7A:6B:F7:FC:E3:E8:29:09:69:02:A3:83:B7
Authority key identifier: 53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04
Certificate issuer:       /CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
Certificate serial:       0196553764D8A7BE68E195748B650006C89D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
Manifest number:          0E65
Signing time:             Sun 20 Apr 2025 22:00:15 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:15 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:15 +0000
Files and hashes:         1: U9L19sohYsiL85oPnekm9CPlMQQ.crl (hash: WVdQ2Ong26Euo6QnrimBqbnFToIYBwTru3bmGRZx1+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:64:d8:a7:be:68:e1:95:74:8b:65:00:06:c8:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
        Validity
            Not Before: Apr 20 22:00:15 2025 GMT
            Not After : Apr 21 22:00:15 2025 GMT
        Subject: CN=36e7f97d5589227a6bf7fce3e829096902a383b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:12:fc:60:0c:7b:ca:1b:8f:3e:86:c6:06:ab:
                    5c:09:01:f0:aa:a0:f7:c1:d2:c4:84:5f:82:05:72:
                    3a:4f:b4:e9:71:4e:6f:51:fe:91:e2:76:93:44:29:
                    1d:68:39:e1:2a:a4:68:17:39:48:b4:69:1f:68:12:
                    bc:99:7c:24:81:00:59:fc:20:cc:d9:05:9d:10:ff:
                    79:c3:30:1d:32:65:11:88:a9:cb:70:3b:c6:8e:c6:
                    b0:40:1e:a1:21:37:b7:a7:1f:71:6e:5d:54:02:05:
                    8f:6e:8b:83:0b:94:34:b8:44:b6:1c:87:ff:88:59:
                    24:e1:04:ff:d0:15:f4:d7:5d:cc:82:bc:73:c6:a0:
                    8d:81:e7:7e:38:90:2a:72:30:46:6d:1a:b8:cf:4d:
                    0e:ea:81:3c:1e:6c:27:96:53:3d:e7:a3:b0:d4:3d:
                    b0:3b:6b:0c:f5:12:f4:11:be:5b:88:83:79:ed:94:
                    6a:16:48:4e:d0:a4:87:e2:42:83:98:0f:c7:12:9a:
                    08:4e:76:57:48:19:6b:f3:17:cd:40:1c:85:15:a3:
                    a7:14:b4:13:14:84:a4:f6:03:5f:2c:b5:a0:d3:a0:
                    d9:f5:73:56:d1:43:16:65:a2:f9:1b:0d:20:45:81:
                    e0:89:87:02:78:1f:3e:ca:6a:a8:80:df:a4:2b:56:
                    c9:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:E7:F9:7D:55:89:22:7A:6B:F7:FC:E3:E8:29:09:69:02:A3:83:B7
            X509v3 Authority Key Identifier:
                keyid:53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:c3:c4:d4:c2:f7:ac:2d:4e:2d:7a:84:81:ed:ba:f8:bf:b6:
         9b:8e:2f:60:ba:d6:c1:3b:00:88:a4:50:8e:c5:6c:b4:3e:2e:
         30:a6:d5:eb:53:e4:13:46:c1:fc:17:63:10:67:5f:d6:24:a0:
         d8:d2:cc:87:30:b5:6b:bc:db:bb:29:40:21:c4:97:4b:fb:c3:
         77:ad:f9:35:59:95:be:2f:9e:c1:9a:a6:d4:82:95:53:5f:00:
         d6:70:96:bc:6d:6a:ee:46:e1:6e:c3:71:ff:2a:8c:c1:4a:a2:
         67:33:87:30:bb:24:4a:0c:92:f2:ee:11:5d:c9:17:86:f8:dc:
         0d:eb:c4:9e:fb:75:85:36:d3:fe:94:60:cd:bb:0a:34:0b:27:
         83:cf:46:18:d0:bd:01:44:a1:0b:d9:bb:4c:93:8b:fd:e8:a8:
         ac:20:4c:ab:df:c8:c4:fd:7a:82:e2:e4:b6:59:d3:a7:c5:44:
         32:f5:3a:2f:c0:9f:ed:6b:0c:79:c8:10:54:c9:6a:81:ab:3f:
         e2:9a:0c:50:df:e6:64:b0:98:ac:a2:57:57:04:aa:a4:0a:72:
         54:51:4f:b2:58:54:5e:7d:fe:90:a6:b8:26:79:67:91:4b:98:
         18:67:16:a3:35:00:43:71:e5:ca:6a:40:21:b7:79:fd:09:87:
         b7:31:61:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN2TYp75o4ZV0i2UABsidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDJmNWY2Y2EyMTYyYzg4YmYzOWEwZjlkZTkyNmY0MjNl
NTMxMDQwHhcNMjUwNDIwMjIwMDE1WhcNMjUwNDIxMjIwMDE1WjAzMTEwLwYDVQQD
EygzNmU3Zjk3ZDU1ODkyMjdhNmJmN2ZjZTNlODI5MDk2OTAyYTM4M2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxL8YAx7yhuPPobGBqtcCQHwqqD3
wdLEhF+CBXI6T7TpcU5vUf6R4naTRCkdaDnhKqRoFzlItGkfaBK8mXwkgQBZ/CDM
2QWdEP95wzAdMmURiKnLcDvGjsawQB6hITe3px9xbl1UAgWPbouDC5Q0uES2HIf/
iFkk4QT/0BX0113MgrxzxqCNged+OJAqcjBGbRq4z00O6oE8HmwnllM956Ow1D2w
O2sM9RL0Eb5biIN57ZRqFkhO0KSH4kKDmA/HEpoITnZXSBlr8xfNQByFFaOnFLQT
FISk9gNfLLWg06DZ9XNW0UMWZaL5Gw0gRYHgiYcCeB8+ymqogN+kK1bJ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbn+X1ViSJ6a/f84+gpCWkCo4O3MB8GA1UdIwQY
MBaAFFPS9fbKIWLIi/OaD53pJvQj5TEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYt
YTZmY2FkMTlhZWYyLzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYtYTZmY2FkMTlhZWYy
LzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhcPE1ML3
rC1OLXqEge26+L+2m44vYLrWwTsAiKRQjsVstD4uMKbV61PkE0bB/BdjEGdf1iSg
2NLMhzC1a7zbuylAIcSXS/vDd635NVmVvi+ewZqm1IKVU18A1nCWvG1q7kbhbsNx
/yqMwUqiZzOHMLskSgyS8u4RXckXhvjcDevEnvt1hTbT/pRgzbsKNAsng89GGNC9
AUShC9m7TJOL/eiorCBMq9/IxP16guLktlnTp8VEMvU6L8Cf7WsMecgQVMlqgas/
4poMUN/mZLCYrKJXVwSqpApyVFFPslhUXn3+kKa4JnlnkUuYGGcWozUAQ3HlympA
Ibd5/QmHtzFhNw==
-----END CERTIFICATE-----