Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File:                     ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier:          2ujAaBkvU1LBv+45jGw57aqwe0hD1Md7qA+kzpo14lw=
Subject key identifier:   7A:B6:1F:EC:C4:A7:C8:4D:01:53:BC:6E:B0:81:C1:68:6D:DD:20:49
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer:       /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial:       019649A1F658888163DD44669C60293A4464
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number:          150F
Signing time:             Fri 18 Apr 2025 16:01:13 +0000
Manifest this update:     Fri 18 Apr 2025 16:01:13 +0000
Manifest next update:     Sat 19 Apr 2025 16:01:13 +0000
Files and hashes:         1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: t441gEqTPhFuAlC7X4tTdlOO1zstg3FlXxy9PS5CWck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 14:20:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:49:a1:f6:58:88:81:63:dd:44:66:9c:60:29:3a:44:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
        Validity
            Not Before: Apr 18 16:01:13 2025 GMT
            Not After : Apr 19 16:01:13 2025 GMT
        Subject: CN=7ab61fecc4a7c84d0153bc6eb081c1686ddd2049
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2e:6a:ef:53:a4:c2:3c:58:7b:0a:43:ff:d6:
                    b8:21:a2:1e:1d:00:58:4c:ad:be:19:36:07:fe:1a:
                    29:17:ce:4f:00:ae:97:7b:b1:13:26:6f:34:24:a1:
                    ea:bc:7c:df:7c:91:1b:dd:ba:03:f7:5e:69:c7:e6:
                    6b:f1:6a:49:10:c1:d0:b8:f7:af:53:03:3b:3c:d7:
                    1c:4f:99:23:a2:2b:cf:a1:31:fb:b4:36:e0:e3:d8:
                    5a:6e:c9:25:af:8c:d7:cf:21:bf:fd:f1:75:2c:de:
                    77:fa:c5:60:39:0e:7f:eb:78:d5:2d:e6:14:59:fa:
                    e9:ed:87:08:f6:3d:05:ba:a6:d5:c5:2e:fb:89:ee:
                    f6:a7:27:48:db:d1:2c:a4:94:87:5b:ab:9b:a9:6e:
                    7f:a2:7e:8c:6f:b6:c9:6b:24:74:e8:63:33:94:ab:
                    82:36:0e:b7:16:78:4e:be:96:ef:97:60:fa:ea:1b:
                    30:67:50:ad:2e:9e:74:a9:ea:c4:7d:de:b9:f3:7a:
                    bc:6c:1b:81:38:b8:e3:ad:57:bd:da:f1:e0:71:aa:
                    73:15:03:45:5f:38:a4:33:21:1b:8e:80:54:73:8f:
                    73:49:13:73:28:ac:f0:9d:5a:e3:2a:35:e3:4f:0a:
                    a4:6b:d0:21:53:fc:02:e3:c2:7b:a7:a8:72:8a:96:
                    6b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:B6:1F:EC:C4:A7:C8:4D:01:53:BC:6E:B0:81:C1:68:6D:DD:20:49
            X509v3 Authority Key Identifier:
                keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:1f:30:35:e0:fb:48:e1:39:28:b0:d7:49:51:30:ea:d9:62:
         5b:0b:92:79:fb:b6:cc:b3:e7:46:6a:4a:f9:f2:27:3c:de:bf:
         a5:af:5f:e6:eb:1e:f5:02:15:56:15:16:75:63:00:7e:aa:cd:
         ed:20:28:b6:d3:e5:ed:8c:37:b5:1a:0a:8e:bd:1d:a8:56:41:
         b3:36:a9:5e:85:6d:3e:9d:80:9d:05:53:fe:3a:68:04:4c:61:
         16:dc:58:42:6d:e5:2b:66:e8:54:99:cd:95:76:9b:40:c9:76:
         8d:ee:40:9e:36:6e:f8:88:b1:92:e3:ba:d9:89:ce:3b:e9:5a:
         0b:66:ef:93:18:4d:44:3f:05:b1:8c:65:fd:05:71:ab:af:8b:
         c0:f9:e0:49:2e:40:02:3a:46:f3:88:52:79:2c:78:0d:a4:5d:
         3c:a5:32:cc:07:86:b4:98:a4:15:21:5e:22:87:72:1d:c3:44:
         d1:db:3f:8f:91:1d:88:fd:22:aa:98:6e:45:49:a7:6f:46:b9:
         42:8a:26:f0:4d:2a:bc:7b:3c:b3:2a:72:e1:be:fe:bc:53:91:
         9e:f0:09:67:98:27:3d:c0:0c:18:f4:61:e7:12:5b:97:33:68:
         14:40:34:a6:56:fa:4d:ea:1a:91:58:4a:d4:b4:83:87:f3:eb:
         30:ac:de:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJofZYiIFj3URmnGApOkRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjUwNDE4MTYwMTEzWhcNMjUwNDE5MTYwMTEzWjAzMTEwLwYDVQQD
Eyg3YWI2MWZlY2M0YTdjODRkMDE1M2JjNmViMDgxYzE2ODZkZGQyMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi5q71OkwjxYewpD/9a4IaIeHQBY
TK2+GTYH/hopF85PAK6Xe7ETJm80JKHqvHzffJEb3boD915px+Zr8WpJEMHQuPev
UwM7PNccT5kjoivPoTH7tDbg49habsklr4zXzyG//fF1LN53+sVgOQ5/63jVLeYU
Wfrp7YcI9j0FuqbVxS77ie72pydI29EspJSHW6ubqW5/on6Mb7bJayR06GMzlKuC
Ng63FnhOvpbvl2D66hswZ1CtLp50qerEfd6583q8bBuBOLjjrVe92vHgcapzFQNF
XzikMyEbjoBUc49zSRNzKKzwnVrjKjXjTwqka9AhU/wC48J7p6hyipZrEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHq2H+zEp8hNAVO8brCBwWht3SBJMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvh8wNeD7
SOE5KLDXSVEw6tliWwuSefu2zLPnRmpK+fInPN6/pa9f5use9QIVVhUWdWMAfqrN
7SAottPl7Yw3tRoKjr0dqFZBszapXoVtPp2AnQVT/jpoBExhFtxYQm3lK2boVJnN
lXabQMl2je5AnjZu+IixkuO62YnOO+laC2bvkxhNRD8FsYxl/QVxq6+LwPngSS5A
AjpG84hSeSx4DaRdPKUyzAeGtJikFSFeIodyHcNE0ds/j5EdiP0iqphuRUmnb0a5
Qoom8E0qvHs8sypy4b7+vFORnvAJZ5gnPcAMGPRh5xJblzNoFEA0plb6TeoakVhK
1LSDh/PrMKzezw==
-----END CERTIFICATE-----