Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
File:                     UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft (raw, json)
Hash identifier:          bvmqvig9Pm0GD1yJqpDFjVuztgSeZ0BU+vW7/Gb3LvI=
Subject key identifier:   91:B0:11:66:61:AC:65:99:01:88:D5:62:DE:CC:8A:4A:12:A0:3C:21
Authority key identifier: 52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D
Certificate issuer:       /CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
Certificate serial:       0194C463969F5904DCA413B723944B14C295
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
Manifest number:          138C
Signing time:             Sun 02 Feb 2025 02:00:48 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:48 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:48 +0000
Files and hashes:         1: UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl (hash: Ry1jI+Zi0pUdeUkOo9vTUyn84rmFqeQGjvywQUcM8Ag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:96:9f:59:04:dc:a4:13:b7:23:94:4b:14:c2:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
        Validity
            Not Before: Feb  2 02:00:48 2025 GMT
            Not After : Feb  3 02:00:48 2025 GMT
        Subject: CN=91b0116661ac65990188d562decc8a4a12a03c21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:61:09:09:93:f1:bd:1c:8c:bf:b1:ea:48:cd:
                    3f:40:ea:9b:c2:98:20:2f:e6:37:23:04:1e:83:a2:
                    6d:44:52:e0:3a:0b:d6:4b:bd:b3:fb:7a:7e:17:4d:
                    6c:b3:b7:2e:a7:56:e9:33:cb:3d:a2:a0:86:7b:cb:
                    a6:a4:f6:a9:aa:e5:e3:f3:72:c1:85:0e:c4:0d:23:
                    07:22:60:9e:c1:cb:fc:93:72:73:d3:96:e1:cb:13:
                    99:1d:23:5a:d0:3d:23:1a:0d:4f:0d:53:52:70:57:
                    b3:6a:48:52:e0:69:bc:57:79:80:64:0e:06:70:91:
                    2f:89:17:0f:23:45:ea:8d:39:c7:6b:cd:be:2f:fe:
                    11:e0:74:7b:db:c8:a9:5c:58:95:91:89:ab:d5:43:
                    16:cf:b7:27:b6:ce:17:57:d2:17:17:6d:a2:2e:78:
                    8b:c1:17:a0:2f:a8:99:bb:3f:2b:58:52:45:17:8a:
                    f0:9f:61:07:9f:c5:b6:96:07:b7:69:81:2a:55:53:
                    6b:ff:82:c9:26:f7:fc:ff:e6:b4:a2:38:51:b1:b9:
                    c2:1b:e4:54:f6:84:c7:be:73:df:dc:3b:0f:a2:1e:
                    18:32:c9:93:3a:60:71:1c:c1:49:c9:c2:4b:cd:97:
                    e8:a5:e9:76:b4:fd:ca:88:88:f8:b4:30:69:cd:2d:
                    3e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:B0:11:66:61:AC:65:99:01:88:D5:62:DE:CC:8A:4A:12:A0:3C:21
            X509v3 Authority Key Identifier:
                keyid:52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:19:7b:db:b0:07:93:4b:7d:c9:47:b7:34:af:fd:3b:64:dd:
         d8:64:3b:b6:00:b5:ae:f7:64:f5:72:cf:6a:c7:6e:19:81:05:
         b8:51:13:0d:8f:b0:63:9e:d5:ac:aa:2a:b7:7e:8e:76:f1:05:
         da:25:df:bc:7b:7e:89:85:0d:67:73:34:10:cc:e0:a8:e4:fd:
         9e:e3:23:92:f8:24:7c:09:43:2f:29:72:d3:c8:7c:ef:72:74:
         96:a4:95:c1:0d:ab:1d:6a:b9:90:46:8c:8b:d1:71:7b:ef:e3:
         cd:da:f0:26:58:3c:96:e5:6d:86:ca:c1:7b:01:b8:78:15:e0:
         0c:5b:84:72:57:b2:28:e3:ab:ec:88:e6:77:1e:b5:7c:de:34:
         dd:4f:39:74:e5:f7:15:db:96:f9:1e:2a:8f:98:c2:8b:9a:56:
         29:3e:79:01:a2:45:b2:d7:76:86:1a:63:9b:5f:cb:66:27:16:
         49:8d:fb:b4:ac:ad:53:cb:14:fe:c7:47:16:5a:c4:35:b2:54:
         07:d9:24:c7:4c:df:06:e6:8d:27:15:d7:16:16:d9:1f:be:29:
         15:97:72:a0:7a:9c:ef:c9:d2:af:a8:76:30:48:3e:a3:6a:ae:
         81:bb:4a:96:29:12:00:ce:e0:c4:d8:ea:cb:f9:5b:d6:64:01:
         e4:25:d8:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY5afWQTcpBO3I5RLFMKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjJkM2YyN2NjMDViZTU5MjRiYjdiZDg5MGY3ZTZkZWZm
YjQ5N2QwHhcNMjUwMjAyMDIwMDQ4WhcNMjUwMjAzMDIwMDQ4WjAzMTEwLwYDVQQD
Eyg5MWIwMTE2NjYxYWM2NTk5MDE4OGQ1NjJkZWNjOGE0YTEyYTAzYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWEJCZPxvRyMv7HqSM0/QOqbwpgg
L+Y3IwQeg6JtRFLgOgvWS72z+3p+F01ss7cup1bpM8s9oqCGe8umpPapquXj83LB
hQ7EDSMHImCewcv8k3Jz05bhyxOZHSNa0D0jGg1PDVNScFezakhS4Gm8V3mAZA4G
cJEviRcPI0XqjTnHa82+L/4R4HR728ipXFiVkYmr1UMWz7cnts4XV9IXF22iLniL
wRegL6iZuz8rWFJFF4rwn2EHn8W2lge3aYEqVVNr/4LJJvf8/+a0ojhRsbnCG+RU
9oTHvnPf3DsPoh4YMsmTOmBxHMFJycJLzZfopel2tP3KiIj4tDBpzS0+oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGwEWZhrGWZAYjVYt7MikoSoDwhMB8GA1UdIwQY
MBaAFFJi0/J8wFvlkku3vYkPfm3v+0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2Et
N2FlNTk4N2JlZTYyLzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2EtN2FlNTk4N2JlZTYy
LzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAehl727AH
k0t9yUe3NK/9O2Td2GQ7tgC1rvdk9XLPasduGYEFuFETDY+wY57VrKoqt36OdvEF
2iXfvHt+iYUNZ3M0EMzgqOT9nuMjkvgkfAlDLyly08h873J0lqSVwQ2rHWq5kEaM
i9Fxe+/jzdrwJlg8luVthsrBewG4eBXgDFuEcleyKOOr7Ijmdx61fN403U85dOX3
FduW+R4qj5jCi5pWKT55AaJFstd2hhpjm1/LZicWSY37tKytU8sU/sdHFlrENbJU
B9kkx0zfBuaNJxXXFhbZH74pFZdyoHqc78nSr6h2MEg+o2qugbtKlikSAM7gxNjq
y/lb1mQB5CXYIQ==
-----END CERTIFICATE-----