Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
File:                     uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft (raw, json)
Hash identifier:          GbssYebCnfrJrO0pOYVTHL9ZmHMrt4NfOjkrW/Hy/98=
Subject key identifier:   A3:F0:AE:53:3A:62:4C:B6:EA:CA:B5:71:10:61:54:82:8A:B6:5A:34
Authority key identifier: B8:5E:0B:E6:B7:27:9C:DE:CF:78:BD:D6:41:05:F8:44:3D:0C:0C:02
Certificate issuer:       /CN=b85e0be6b7279cdecf78bdd64105f8443d0c0c02
Certificate serial:       0195903D91D1583C9A33EF56C822904BE375
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
Manifest number:          0EE9
Signing time:             Thu 13 Mar 2025 16:01:48 +0000
Manifest this update:     Thu 13 Mar 2025 16:01:48 +0000
Manifest next update:     Fri 14 Mar 2025 16:01:48 +0000
Files and hashes:         1: uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl (hash: UGSYsRERfdjrhXZ+BEwl/qkHpsEa7sHqNZiUfoypaas=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:3d:91:d1:58:3c:9a:33:ef:56:c8:22:90:4b:e3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b85e0be6b7279cdecf78bdd64105f8443d0c0c02
        Validity
            Not Before: Mar 13 16:01:48 2025 GMT
            Not After : Mar 14 16:01:48 2025 GMT
        Subject: CN=a3f0ae533a624cb6eacab571106154828ab65a34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:39:8b:f2:ad:00:53:1c:8c:2e:d8:52:9b:ef:
                    52:68:91:9a:19:ca:3f:20:42:30:df:0e:88:b1:00:
                    eb:a1:d1:d8:b1:d8:54:f2:69:4d:66:41:f8:b6:ba:
                    25:0d:15:f7:ff:73:51:cd:fc:3f:c8:e8:be:35:3e:
                    a7:e5:d6:cf:72:e1:79:d7:d5:b0:df:d1:94:29:a5:
                    7f:8f:a4:1b:1d:86:fb:d0:15:0c:49:dc:fa:56:ca:
                    89:eb:f0:83:ae:ae:5f:dc:1f:bd:5a:1b:ad:90:f3:
                    21:72:5c:fc:99:1b:ee:70:19:0d:c8:20:23:1d:29:
                    3c:9d:18:f0:f0:a5:90:3b:85:33:5f:9a:e6:a1:09:
                    5a:8f:45:e7:97:da:05:f7:6a:2f:3b:81:34:d5:49:
                    e0:6c:16:31:6d:ac:f3:10:e3:9c:a5:45:c0:24:46:
                    d9:a0:12:2f:76:a4:d3:e0:bf:d8:4f:e1:8e:1c:ae:
                    32:c7:cc:f4:6d:84:7a:c9:0f:23:3f:03:a8:ba:6b:
                    d5:a6:5c:9d:76:50:3a:9c:ac:bb:32:e4:24:cc:75:
                    59:fc:bd:3a:56:a4:c3:31:ff:11:f8:f6:b5:0e:57:
                    24:b7:ce:27:52:63:64:7b:f3:f6:67:4f:af:33:2e:
                    38:43:f3:f8:ea:5a:47:14:b9:98:ee:98:cd:6b:82:
                    48:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:F0:AE:53:3A:62:4C:B6:EA:CA:B5:71:10:61:54:82:8A:B6:5A:34
            X509v3 Authority Key Identifier:
                keyid:B8:5E:0B:E6:B7:27:9C:DE:CF:78:BD:D6:41:05:F8:44:3D:0C:0C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:f7:e3:1a:db:83:1f:fd:ad:3d:22:de:c1:a7:7e:1a:2e:54:
         2d:26:9a:9e:db:2a:9c:b1:78:34:13:6f:31:a2:20:79:95:5e:
         f3:1f:76:40:7e:c6:6f:6c:d9:18:1f:8f:57:54:1d:9b:f6:5b:
         ed:ed:a8:24:72:32:37:93:31:53:ae:bc:35:2b:46:47:98:fe:
         c8:65:26:70:e8:81:6e:68:e8:e0:d9:e7:2e:9b:0f:7a:0e:98:
         41:b8:be:a8:d7:50:bb:07:cd:a3:3c:3e:4c:ef:9f:e4:40:a2:
         ab:47:8b:53:3f:73:98:da:9a:cd:52:db:93:87:ea:54:cd:3e:
         4b:cd:0a:b0:03:c2:a1:6b:52:64:65:21:8d:0c:e0:ce:c6:2e:
         da:be:59:66:62:25:9a:68:d6:ac:38:f5:1b:ee:2d:3d:14:43:
         68:73:06:7e:72:58:5b:28:d4:34:29:67:19:db:37:ea:e6:1d:
         2b:e5:3f:a4:a1:74:40:1c:96:c1:e2:3e:34:1c:fc:16:95:29:
         ca:34:da:4c:2e:cd:63:39:97:23:f4:e8:a3:66:23:77:50:50:
         c1:24:f7:5d:78:3a:1b:6e:96:b0:80:72:d9:81:ac:cd:5f:73:
         a0:ce:29:56:3e:04:ec:1b:3d:2a:fa:6a:c1:bc:ef:d7:2b:2e:
         6b:4a:94:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQPZHRWDyaM+9WyCKQS+N1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWUwYmU2YjcyNzljZGVjZjc4YmRkNjQxMDVmODQ0M2Qw
YzBjMDIwHhcNMjUwMzEzMTYwMTQ4WhcNMjUwMzE0MTYwMTQ4WjAzMTEwLwYDVQQD
EyhhM2YwYWU1MzNhNjI0Y2I2ZWFjYWI1NzExMDYxNTQ4MjhhYjY1YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujmL8q0AUxyMLthSm+9SaJGaGco/
IEIw3w6IsQDrodHYsdhU8mlNZkH4trolDRX3/3NRzfw/yOi+NT6n5dbPcuF519Ww
39GUKaV/j6QbHYb70BUMSdz6VsqJ6/CDrq5f3B+9WhutkPMhclz8mRvucBkNyCAj
HSk8nRjw8KWQO4UzX5rmoQlaj0Xnl9oF92ovO4E01UngbBYxbazzEOOcpUXAJEbZ
oBIvdqTT4L/YT+GOHK4yx8z0bYR6yQ8jPwOoumvVplyddlA6nKy7MuQkzHVZ/L06
VqTDMf8R+Pa1Dlckt84nUmNke/P2Z0+vMy44Q/P46lpHFLmY7pjNa4JIZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPwrlM6Yky26sq1cRBhVIKKtlo0MB8GA1UdIwQY
MBaAFLheC+a3J5zez3i91kEF+EQ9DAwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC82ZTFmMzgtNjgwNy00ODY2LWE5ZWQt
NDNiZjFjNDNlYzBmLzEvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC82ZTFmMzgtNjgwNy00ODY2LWE5ZWQtNDNiZjFjNDNlYzBm
LzEvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFffjGtuD
H/2tPSLewad+Gi5ULSaantsqnLF4NBNvMaIgeZVe8x92QH7Gb2zZGB+PV1Qdm/Zb
7e2oJHIyN5MxU668NStGR5j+yGUmcOiBbmjo4NnnLpsPeg6YQbi+qNdQuwfNozw+
TO+f5ECiq0eLUz9zmNqazVLbk4fqVM0+S80KsAPCoWtSZGUhjQzgzsYu2r5ZZmIl
mmjWrDj1G+4tPRRDaHMGfnJYWyjUNClnGds36uYdK+U/pKF0QByWweI+NBz8FpUp
yjTaTC7NYzmXI/Too2Yjd1BQwST3XXg6G26WsIBy2YGszV9zoM4pVj4E7Bs9Kvpq
wbzv1ysua0qU8w==
-----END CERTIFICATE-----