Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
File:                     uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json)
Hash identifier:          DLWxcxrZXa5pC4JN7ECEnb+rkMQYxZKJ47vWxC4nYGY=
Subject key identifier:   32:10:B9:B8:4C:1D:69:5A:DA:71:50:2E:F3:56:8A:D9:DA:7D:F2:54
Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E
Certificate issuer:       /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
Certificate serial:       01974B8D592BA2C663CB85BFFD42257C60B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
Manifest number:          04FF
Signing time:             Sat 07 Jun 2025 18:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 18:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 18:00:43 +0000
Files and hashes:         1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: n31k/TLCyI8JvjEjtLaPmmqxHWS3iPDQbIvTcXF2Y6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:59:2b:a2:c6:63:cb:85:bf:fd:42:25:7c:60:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
        Validity
            Not Before: Jun  7 18:00:43 2025 GMT
            Not After : Jun  8 18:00:43 2025 GMT
        Subject: CN=3210b9b84c1d695ada71502ef3568ad9da7df254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d3:81:b5:fa:37:15:8d:23:a3:26:7e:48:27:
                    b0:78:65:26:c0:72:a3:0b:72:f5:1f:0d:a4:23:77:
                    6c:3b:12:11:50:6a:fd:10:ba:72:67:d0:07:1d:45:
                    6e:0b:0c:db:c2:52:7b:e5:63:51:94:68:a7:f2:b4:
                    66:58:94:26:c5:4f:f6:55:d2:4e:26:69:24:27:bb:
                    07:e9:0e:4c:1e:b8:60:fa:11:85:ac:12:2e:5a:d4:
                    81:5d:5a:c0:18:81:2e:b5:05:92:20:be:b6:5a:dc:
                    02:06:2d:92:cc:a4:3d:ab:ed:7e:23:22:64:f0:eb:
                    b2:b6:85:57:e8:27:d8:b4:84:8b:4c:1a:a8:57:c6:
                    13:a8:0f:92:b8:49:d1:e3:92:dd:be:b8:73:3c:c1:
                    9d:2f:a0:57:f6:20:d4:e2:05:d8:cd:72:15:f0:ef:
                    a6:d1:4f:a7:17:78:19:d4:71:11:27:8a:71:fd:78:
                    fe:b5:62:9a:28:d6:9e:67:f2:4a:37:47:c9:0b:19:
                    5e:62:1a:13:87:27:30:d3:f1:de:a1:6c:4d:16:18:
                    ea:66:f1:9b:79:f8:37:d7:13:98:cb:60:a9:eb:0c:
                    41:06:d2:dc:ab:f0:e6:55:eb:8e:64:fa:ae:3f:57:
                    43:fc:95:ef:ae:c6:18:34:ef:f8:69:4e:86:95:c5:
                    00:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:10:B9:B8:4C:1D:69:5A:DA:71:50:2E:F3:56:8A:D9:DA:7D:F2:54
            X509v3 Authority Key Identifier:
                keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:cc:e2:c0:8f:ac:7b:2f:72:e4:43:7b:3c:1a:d1:8c:32:5b:
         6f:09:fc:b5:a0:73:f5:1b:6a:4f:2e:b3:56:14:83:ba:1b:3d:
         f5:fc:43:a2:d7:cc:fa:ff:89:69:a5:40:ad:65:62:5d:eb:1f:
         ea:74:e3:23:8e:ac:de:2c:e9:37:fd:33:a6:5b:23:f9:4b:3d:
         e6:89:b1:d1:87:3f:d7:ae:e6:eb:90:aa:8b:57:ee:de:3a:56:
         f9:76:a8:77:52:28:ee:13:99:1f:6b:13:b7:e6:37:73:75:5f:
         42:da:99:3c:28:60:5c:58:39:19:86:d5:c2:1f:5a:ea:3a:96:
         7d:f8:0e:d0:2a:ab:ab:c8:88:b4:80:52:48:54:65:f0:a2:ac:
         40:8c:25:6d:91:03:c9:2c:83:98:51:c4:85:71:df:b5:11:f7:
         7e:c9:3d:6e:f6:1f:4a:c7:bc:ab:3e:cd:e9:28:61:4e:09:e4:
         43:1e:f5:b3:4e:f4:97:84:92:d1:70:08:1f:07:8d:c9:c9:9d:
         5c:91:ae:71:66:6f:74:07:5d:9f:31:2b:fb:ee:3d:06:20:f7:
         df:2c:6d:46:85:01:af:00:da:fc:2f:2f:ad:44:86:7b:c5:ec:
         10:67:d2:23:56:5d:05:9a:54:03:a5:a1:2f:11:94:16:07:38:
         90:c6:af:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjVkrosZjy4W//UIlfGCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2
ODExOGUwHhcNMjUwNjA3MTgwMDQzWhcNMjUwNjA4MTgwMDQzWjAzMTEwLwYDVQQD
EygzMjEwYjliODRjMWQ2OTVhZGE3MTUwMmVmMzU2OGFkOWRhN2RmMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdOBtfo3FY0joyZ+SCeweGUmwHKj
C3L1Hw2kI3dsOxIRUGr9ELpyZ9AHHUVuCwzbwlJ75WNRlGin8rRmWJQmxU/2VdJO
JmkkJ7sH6Q5MHrhg+hGFrBIuWtSBXVrAGIEutQWSIL62WtwCBi2SzKQ9q+1+IyJk
8OuytoVX6CfYtISLTBqoV8YTqA+SuEnR45LdvrhzPMGdL6BX9iDU4gXYzXIV8O+m
0U+nF3gZ1HERJ4px/Xj+tWKaKNaeZ/JKN0fJCxleYhoThycw0/HeoWxNFhjqZvGb
efg31xOYy2Cp6wxBBtLcq/DmVeuOZPquP1dD/JXvrsYYNO/4aU6GlcUA9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIQubhMHWla2nFQLvNWitnaffJUMB8GA1UdIwQY
MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt
YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj
LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHcziwI+s
ey9y5EN7PBrRjDJbbwn8taBz9RtqTy6zVhSDuhs99fxDotfM+v+JaaVArWViXesf
6nTjI46s3izpN/0zplsj+Us95omx0Yc/167m65Cqi1fu3jpW+Xaod1Io7hOZH2sT
t+Y3c3VfQtqZPChgXFg5GYbVwh9a6jqWffgO0Cqrq8iItIBSSFRl8KKsQIwlbZED
ySyDmFHEhXHftRH3fsk9bvYfSse8qz7N6ShhTgnkQx71s070l4SS0XAIHweNycmd
XJGucWZvdAddnzEr++49BiD33yxtRoUBrwDa/C8vrUSGe8XsEGfSI1ZdBZpUA6Wh
LxGUFgc4kMav8g==
-----END CERTIFICATE-----