Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
File:                     UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft (raw, json)
Hash identifier:          s+7skgK6cAuDvEExz6AzR32o4JLNT0a0mwS5GjaZork=
Subject key identifier:   25:7E:B7:0B:96:4A:B8:49:35:14:A3:0C:BD:D0:BA:97:0C:8E:29:D6
Authority key identifier: 52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D
Certificate issuer:       /CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
Certificate serial:       0197477A0B589F0798666AB16FC3CBA060D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
Manifest number:          14D9
Signing time:             Fri 06 Jun 2025 23:01:10 +0000
Manifest this update:     Fri 06 Jun 2025 23:01:10 +0000
Manifest next update:     Sat 07 Jun 2025 23:01:10 +0000
Files and hashes:         1: UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl (hash: 2jx2w+NfS1tDWlofALsRBe2D59FO/fkd4G1Gpd43doo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 23:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:7a:0b:58:9f:07:98:66:6a:b1:6f:c3:cb:a0:60:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
        Validity
            Not Before: Jun  6 23:01:10 2025 GMT
            Not After : Jun  7 23:01:10 2025 GMT
        Subject: CN=257eb70b964ab8493514a30cbdd0ba970c8e29d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:38:84:2a:30:d5:76:7e:1f:e3:cd:9f:05:5f:
                    35:c0:0f:12:85:ed:87:72:6b:37:04:3a:44:e4:b4:
                    19:cc:d8:15:8d:c7:33:55:b0:79:f2:0e:bc:7c:7f:
                    a2:c0:5f:d8:74:18:48:50:06:92:89:87:db:33:b5:
                    af:31:18:45:33:77:71:8f:89:7d:bb:59:13:12:74:
                    d6:cc:92:e4:c8:a9:29:ed:f1:8c:07:f8:99:15:35:
                    4d:0c:0e:66:33:57:c1:b2:04:db:7e:4c:e6:eb:91:
                    7e:52:e9:4a:f8:ec:6b:bc:11:3d:e9:2c:b8:bf:e0:
                    32:13:66:12:b3:5f:ab:0d:53:87:9a:53:06:ae:fe:
                    6d:04:cd:89:9b:ec:64:13:35:b6:95:1b:3e:7d:79:
                    c8:d6:dc:9f:aa:cd:38:a9:80:21:57:f7:e7:84:a9:
                    7f:a0:97:51:44:f2:4d:76:91:98:cb:22:1b:88:77:
                    1b:36:43:95:82:ca:b1:7a:36:f4:bb:e8:6f:0a:c1:
                    67:c9:0d:f4:97:e1:0a:89:60:3b:c1:00:9b:3a:7d:
                    f8:d3:92:e7:ed:c4:a7:5b:db:f1:a1:47:24:a7:81:
                    09:95:27:15:dd:58:c8:3a:39:31:5e:58:85:3e:4b:
                    9d:3f:86:ae:7b:37:4a:89:f4:d6:25:0e:38:40:aa:
                    7f:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:7E:B7:0B:96:4A:B8:49:35:14:A3:0C:BD:D0:BA:97:0C:8E:29:D6
            X509v3 Authority Key Identifier:
                keyid:52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:1f:61:f0:a7:57:44:54:7b:98:c2:c6:a3:28:76:6f:ec:8e:
         5b:c7:62:d7:67:c5:41:fd:c5:42:a0:2d:39:37:6c:12:ec:b1:
         3a:b0:1c:aa:ce:90:d5:a0:cf:59:98:7b:fc:5f:7d:04:ba:a8:
         47:44:e6:50:35:d4:ff:48:b7:33:e9:14:c2:cd:8a:0f:83:ac:
         06:71:be:35:a0:a1:0b:fe:6e:a0:e3:71:fc:eb:a0:86:c4:9d:
         6e:ed:44:dd:77:be:db:c9:27:96:26:a6:75:77:31:5b:0b:cb:
         44:9d:50:1b:4a:18:bb:98:84:fc:45:d7:7d:3f:71:49:44:eb:
         79:07:65:94:94:f0:31:52:ae:a3:f9:a5:b2:fc:e3:28:ea:91:
         a6:72:3a:02:4f:4a:bd:76:84:2a:ec:88:ab:c3:d5:78:7c:ef:
         f2:dc:0e:8c:01:ef:b5:ba:9b:7a:ef:38:a9:ea:ab:d7:f4:f1:
         66:b5:94:a7:eb:62:9c:ee:22:9f:13:2c:42:9c:bd:8b:f1:73:
         67:c4:8d:36:1b:35:99:de:9c:a8:6c:51:f8:17:ff:f3:e9:a6:
         12:08:01:96:6f:10:3d:e9:3f:58:4d:66:96:32:e3:2f:04:97:
         07:71:c1:26:3c:80:b8:d2:67:d9:01:5a:f0:bb:8a:9f:c7:4b:
         ed:15:1b:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHegtYnweYZmqxb8PLoGDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjJkM2YyN2NjMDViZTU5MjRiYjdiZDg5MGY3ZTZkZWZm
YjQ5N2QwHhcNMjUwNjA2MjMwMTEwWhcNMjUwNjA3MjMwMTEwWjAzMTEwLwYDVQQD
EygyNTdlYjcwYjk2NGFiODQ5MzUxNGEzMGNiZGQwYmE5NzBjOGUyOWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTiEKjDVdn4f482fBV81wA8She2H
cms3BDpE5LQZzNgVjcczVbB58g68fH+iwF/YdBhIUAaSiYfbM7WvMRhFM3dxj4l9
u1kTEnTWzJLkyKkp7fGMB/iZFTVNDA5mM1fBsgTbfkzm65F+UulK+OxrvBE96Sy4
v+AyE2YSs1+rDVOHmlMGrv5tBM2Jm+xkEzW2lRs+fXnI1tyfqs04qYAhV/fnhKl/
oJdRRPJNdpGYyyIbiHcbNkOVgsqxejb0u+hvCsFnyQ30l+EKiWA7wQCbOn3405Ln
7cSnW9vxoUckp4EJlScV3VjIOjkxXliFPkudP4auezdKifTWJQ44QKp/swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCV+twuWSrhJNRSjDL3QupcMjinWMB8GA1UdIwQY
MBaAFFJi0/J8wFvlkku3vYkPfm3v+0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2Et
N2FlNTk4N2JlZTYyLzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2EtN2FlNTk4N2JlZTYy
LzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABB9h8KdX
RFR7mMLGoyh2b+yOW8di12fFQf3FQqAtOTdsEuyxOrAcqs6Q1aDPWZh7/F99BLqo
R0TmUDXU/0i3M+kUws2KD4OsBnG+NaChC/5uoONx/OughsSdbu1E3Xe+28knliam
dXcxWwvLRJ1QG0oYu5iE/EXXfT9xSUTreQdllJTwMVKuo/mlsvzjKOqRpnI6Ak9K
vXaEKuyIq8PVeHzv8twOjAHvtbqbeu84qeqr1/TxZrWUp+tinO4inxMsQpy9i/Fz
Z8SNNhs1md6cqGxR+Bf/8+mmEggBlm8QPek/WE1mljLjLwSXB3HBJjyAuNJn2QFa
8LuKn8dL7RUb+A==
-----END CERTIFICATE-----