Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.mft
File:                     ulnZ9a887kQgFLc1lhxzuWkmDhk.mft (raw, json)
Hash identifier:          +0SC9+9pWgn8xccmVNTSxQjm+dLUQ4o32IBSduvmy80=
Subject key identifier:   81:76:F9:A6:41:01:7F:99:C9:BB:5A:A9:76:1E:24:71:32:82:05:5E
Authority key identifier: BA:59:D9:F5:AF:3C:EE:44:20:14:B7:35:96:1C:73:B9:69:26:0E:19
Certificate issuer:       /CN=ba59d9f5af3cee442014b735961c73b969260e19
Certificate serial:       019611A0DA2BA067304E8C779AF186582B2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulnZ9a887kQgFLc1lhxzuWkmDhk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.mft
Manifest number:          14D6
Signing time:             Mon 07 Apr 2025 19:01:16 +0000
Manifest this update:     Mon 07 Apr 2025 19:01:16 +0000
Manifest next update:     Tue 08 Apr 2025 19:01:16 +0000
Files and hashes:         1: ulnZ9a887kQgFLc1lhxzuWkmDhk.crl (hash: MiJgiTFFB6DLc9M/l2n0+Dn3RH24JV9JxxhrEe2+fSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulnZ9a887kQgFLc1lhxzuWkmDhk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a0:da:2b:a0:67:30:4e:8c:77:9a:f1:86:58:2b:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba59d9f5af3cee442014b735961c73b969260e19
        Validity
            Not Before: Apr  7 19:01:16 2025 GMT
            Not After : Apr  8 19:01:16 2025 GMT
        Subject: CN=8176f9a641017f99c9bb5aa9761e24713282055e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:b5:43:8e:0b:59:ef:f3:c1:52:99:37:0e:27:
                    25:d6:da:27:4b:12:96:88:6e:57:71:39:3e:d0:8e:
                    cf:3c:bc:5e:f5:de:93:19:d8:e6:a6:6b:a7:b9:b0:
                    50:df:5f:9f:af:ee:af:ab:fd:98:ae:c2:a7:42:e5:
                    b9:15:ce:c7:42:53:3b:39:8e:d3:09:6b:a3:e2:07:
                    3f:aa:bf:bc:c3:c8:12:69:5c:c3:4a:05:f3:de:de:
                    67:20:3c:76:62:98:de:1c:7c:55:92:ca:87:c3:d3:
                    e5:16:1d:ee:7e:cb:57:76:d3:ee:e3:6a:bf:57:3d:
                    8c:2f:c9:a8:ee:9f:81:cc:bc:87:e7:a6:0a:33:9b:
                    01:98:af:05:6c:3f:04:28:ac:30:45:c6:ca:54:63:
                    94:e7:d8:0e:c9:2d:88:a4:e8:61:45:57:4e:61:b3:
                    f2:f4:77:11:fb:9b:64:88:37:fa:28:a8:dd:1d:e1:
                    50:5b:cf:20:1a:39:fc:61:3a:f2:5d:fc:f8:2d:b9:
                    99:2b:50:3b:bc:2c:0b:81:43:03:2d:f2:6a:06:ba:
                    6b:4b:9a:4d:23:2a:71:33:28:12:92:a8:b5:cc:a4:
                    ae:2e:3a:32:74:72:6c:ae:61:ab:94:e7:ff:5c:1a:
                    53:d8:c9:fb:c3:ea:05:0a:fc:e6:6d:5b:f7:d1:8f:
                    c5:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:76:F9:A6:41:01:7F:99:C9:BB:5A:A9:76:1E:24:71:32:82:05:5E
            X509v3 Authority Key Identifier:
                keyid:BA:59:D9:F5:AF:3C:EE:44:20:14:B7:35:96:1C:73:B9:69:26:0E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulnZ9a887kQgFLc1lhxzuWkmDhk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:05:c9:f6:97:f9:4b:d4:60:1c:52:82:d2:73:19:63:6e:b3:
         17:88:4d:bd:c1:98:f7:62:7c:fa:22:f0:4d:46:90:f7:f6:8a:
         f3:2c:41:5f:64:1e:0b:15:68:22:90:fd:54:99:fb:88:36:ce:
         74:59:23:3c:7a:80:72:97:3a:69:47:99:07:1d:e3:75:ea:22:
         df:6c:44:37:ab:14:1d:49:e9:ea:db:84:a4:4d:9e:ec:cc:34:
         83:38:a7:72:54:c0:06:0f:dc:2e:e5:da:37:87:c7:19:7a:32:
         a8:51:a9:28:8b:73:81:08:94:e3:07:f2:72:51:83:1e:c2:77:
         20:11:f6:d0:5d:2c:b3:8e:1a:c9:97:ea:0a:30:96:e5:c1:23:
         35:24:61:58:3f:d4:c6:59:40:78:02:b8:5f:ce:49:23:ae:e1:
         46:30:ec:c4:10:b2:1b:e8:35:e0:ec:e3:2c:f7:ad:3d:36:17:
         40:ee:ff:86:8e:f9:9d:e2:85:3d:57:1c:7b:27:4b:73:1b:ba:
         ec:b0:b1:05:2a:5c:42:e4:45:05:8c:c8:55:06:fc:38:15:eb:
         68:4e:74:d0:5f:01:d0:68:71:18:89:5f:c1:00:df:f1:af:7c:
         5b:5e:0c:8b:a8:8b:bd:2b:07:98:49:e4:5a:83:fb:b3:a4:ba:
         a7:c7:7c:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoNoroGcwTox3mvGGWCsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNTlkOWY1YWYzY2VlNDQyMDE0YjczNTk2MWM3M2I5Njky
NjBlMTkwHhcNMjUwNDA3MTkwMTE2WhcNMjUwNDA4MTkwMTE2WjAzMTEwLwYDVQQD
Eyg4MTc2ZjlhNjQxMDE3Zjk5YzliYjVhYTk3NjFlMjQ3MTMyODIwNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLVDjgtZ7/PBUpk3Dicl1tonSxKW
iG5XcTk+0I7PPLxe9d6TGdjmpmunubBQ31+fr+6vq/2YrsKnQuW5Fc7HQlM7OY7T
CWuj4gc/qr+8w8gSaVzDSgXz3t5nIDx2YpjeHHxVksqHw9PlFh3ufstXdtPu42q/
Vz2ML8mo7p+BzLyH56YKM5sBmK8FbD8EKKwwRcbKVGOU59gOyS2IpOhhRVdOYbPy
9HcR+5tkiDf6KKjdHeFQW88gGjn8YTryXfz4LbmZK1A7vCwLgUMDLfJqBrprS5pN
IypxMygSkqi1zKSuLjoydHJsrmGrlOf/XBpT2Mn7w+oFCvzmbVv30Y/FiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIF2+aZBAX+ZybtaqXYeJHEyggVeMB8GA1UdIwQY
MBaAFLpZ2fWvPO5EIBS3NZYcc7lpJg4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWxuWjlhODg3a1FnRkxjMWxoeHp1V2ttRGhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wM2QzZmEtOWUyMi00NDFlLWI1YzUt
ZDIwM2UyMDAxOGY1LzEvdWxuWjlhODg3a1FnRkxjMWxoeHp1V2ttRGhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wM2QzZmEtOWUyMi00NDFlLWI1YzUtZDIwM2UyMDAxOGY1
LzEvdWxuWjlhODg3a1FnRkxjMWxoeHp1V2ttRGhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjgXJ9pf5
S9RgHFKC0nMZY26zF4hNvcGY92J8+iLwTUaQ9/aK8yxBX2QeCxVoIpD9VJn7iDbO
dFkjPHqAcpc6aUeZBx3jdeoi32xEN6sUHUnp6tuEpE2e7Mw0gzinclTABg/cLuXa
N4fHGXoyqFGpKItzgQiU4wfyclGDHsJ3IBH20F0ss44ayZfqCjCW5cEjNSRhWD/U
xllAeAK4X85JI67hRjDsxBCyG+g14OzjLPetPTYXQO7/ho75neKFPVcceydLcxu6
7LCxBSpcQuRFBYzIVQb8OBXraE500F8B0GhxGIlfwQDf8a98W14Mi6iLvSsHmEnk
WoP7s6S6p8d8eg==
-----END CERTIFICATE-----