Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
File:                     uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json)
Hash identifier:          F3goKLDta2oZUMlEReSEXVO8ebX4Zxz3IzpGcLj7Wl0=
Subject key identifier:   51:34:58:30:48:F2:94:B9:14:9E:12:DB:AA:2A:00:BF:B2:4E:88:E0
Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E
Certificate issuer:       /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
Certificate serial:       01964CA20E696E0CEFC6DD477C8B540089F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
Manifest number:          047B
Signing time:             Sat 19 Apr 2025 06:00:10 +0000
Manifest this update:     Sat 19 Apr 2025 06:00:10 +0000
Manifest next update:     Sun 20 Apr 2025 06:00:10 +0000
Files and hashes:         1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: ciPAipnL4lfMpXi51A21KH4hYQGZoufPZC9Tf5lKJRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:a2:0e:69:6e:0c:ef:c6:dd:47:7c:8b:54:00:89:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
        Validity
            Not Before: Apr 19 06:00:10 2025 GMT
            Not After : Apr 20 06:00:10 2025 GMT
        Subject: CN=5134583048f294b9149e12dbaa2a00bfb24e88e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c9:f5:9a:5c:72:38:39:1f:be:90:4e:d3:63:
                    7d:a9:61:0f:9e:52:49:18:bc:83:ef:68:b9:f7:26:
                    5a:24:86:3c:54:d6:fe:69:a3:a6:9a:26:fc:97:c2:
                    2f:58:c8:12:e4:9c:89:16:b3:c6:90:ad:b7:a3:95:
                    6a:f6:d2:c1:ee:37:f4:c4:ea:58:c2:2c:b5:37:c4:
                    e8:d7:6a:6e:49:fd:a0:56:f0:13:5d:59:3c:78:5b:
                    ea:eb:6e:02:de:0f:30:bf:3e:a1:91:71:5c:0f:b3:
                    ee:d1:88:99:2f:d2:29:74:19:00:d5:6d:9d:20:7d:
                    17:c8:bf:3b:28:ba:7f:f7:0c:4a:88:a7:f8:81:2d:
                    f9:5d:85:0e:71:d8:da:9e:bf:64:b8:bc:00:11:1a:
                    93:8e:00:ec:0c:7d:44:de:3e:25:75:6f:7e:43:fd:
                    b4:ea:ed:37:41:2a:6c:59:51:3c:d2:7f:a7:c1:2b:
                    07:1b:44:6c:d0:dd:fc:c8:d1:d4:4a:de:1a:5f:d8:
                    e9:c0:1e:0d:9c:98:08:4c:fa:f9:13:98:d3:77:5a:
                    2c:e4:c7:b8:1a:63:87:54:ec:cb:5d:5d:9f:88:22:
                    90:f3:f8:94:1f:0a:f6:b7:5f:51:0b:31:73:d8:08:
                    15:7a:58:0c:18:4d:63:40:81:26:5f:32:4d:3d:0c:
                    db:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:34:58:30:48:F2:94:B9:14:9E:12:DB:AA:2A:00:BF:B2:4E:88:E0
            X509v3 Authority Key Identifier:
                keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:1a:bf:91:db:f6:5e:ec:7a:bf:9b:8c:31:fe:92:fd:32:10:
         25:e6:00:73:36:9e:53:94:44:98:52:fd:23:cd:47:fb:09:f4:
         44:90:02:96:5c:7a:d0:17:1e:67:05:05:f7:4a:91:c9:fd:2c:
         73:2d:bf:8f:ee:a1:84:43:0f:bf:30:ae:6f:fc:20:ce:83:f2:
         11:d7:bd:73:87:f0:de:db:60:8e:1c:34:19:bb:b4:88:95:70:
         a0:bf:a1:a9:06:e6:0f:34:28:64:f0:23:9a:21:9c:ae:15:66:
         71:c5:ed:5b:51:38:a7:23:a3:44:ac:a7:01:98:31:d2:2e:cf:
         24:6f:27:70:cb:56:c4:1a:14:28:e7:f3:84:08:03:ba:e4:a4:
         17:e9:5e:53:79:49:8f:1a:e5:28:c1:3b:05:bb:e6:a6:7d:79:
         28:16:91:6f:3d:38:01:89:ed:8c:29:6a:66:f0:a2:c3:ba:3f:
         0c:44:06:b1:ae:9e:81:5c:72:21:9e:3e:32:f8:2a:40:11:e9:
         83:fc:0b:43:1a:66:a7:f3:4a:b3:1e:66:9d:0d:24:94:be:b5:
         91:65:8b:6d:a9:1a:47:bc:89:75:d3:6d:f8:3b:9f:fe:82:b6:
         5d:60:a4:b6:59:f3:17:97:38:ff:6c:a6:cb:a7:8a:24:03:7a:
         c8:4b:c5:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMog5pbgzvxt1HfItUAIn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2
ODExOGUwHhcNMjUwNDE5MDYwMDEwWhcNMjUwNDIwMDYwMDEwWjAzMTEwLwYDVQQD
Eyg1MTM0NTgzMDQ4ZjI5NGI5MTQ5ZTEyZGJhYTJhMDBiZmIyNGU4OGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8n1mlxyODkfvpBO02N9qWEPnlJJ
GLyD72i59yZaJIY8VNb+aaOmmib8l8IvWMgS5JyJFrPGkK23o5Vq9tLB7jf0xOpY
wiy1N8To12puSf2gVvATXVk8eFvq624C3g8wvz6hkXFcD7Pu0YiZL9IpdBkA1W2d
IH0XyL87KLp/9wxKiKf4gS35XYUOcdjanr9kuLwAERqTjgDsDH1E3j4ldW9+Q/20
6u03QSpsWVE80n+nwSsHG0Rs0N38yNHUSt4aX9jpwB4NnJgITPr5E5jTd1os5Me4
GmOHVOzLXV2fiCKQ8/iUHwr2t19RCzFz2AgVelgMGE1jQIEmXzJNPQzbLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFE0WDBI8pS5FJ4S26oqAL+yTojgMB8GA1UdIwQY
MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt
YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj
LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApRq/kdv2
Xux6v5uMMf6S/TIQJeYAczaeU5REmFL9I81H+wn0RJACllx60BceZwUF90qRyf0s
cy2/j+6hhEMPvzCub/wgzoPyEde9c4fw3ttgjhw0Gbu0iJVwoL+hqQbmDzQoZPAj
miGcrhVmccXtW1E4pyOjRKynAZgx0i7PJG8ncMtWxBoUKOfzhAgDuuSkF+leU3lJ
jxrlKME7Bbvmpn15KBaRbz04AYntjClqZvCiw7o/DEQGsa6egVxyIZ4+MvgqQBHp
g/wLQxpmp/NKsx5mnQ0klL61kWWLbakaR7yJddNt+Duf/oK2XWCktlnzF5c4/2ym
y6eKJAN6yEvFCg==
-----END CERTIFICATE-----