Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.mft
File:                     UKiPmoNBAa34dwN6UcgdEzqpRuw.mft (raw, json)
Hash identifier:          tUy/vpblN91b2ONjwa7t9Oq0K0KiqBo/Apdw/Ed3vqA=
Subject key identifier:   0D:9D:CE:BE:B1:8B:6C:0A:C3:DB:03:6A:72:42:65:F8:EA:A8:26:3B
Authority key identifier: 50:A8:8F:9A:83:41:01:AD:F8:77:03:7A:51:C8:1D:13:3A:A9:46:EC
Certificate issuer:       /CN=50a88f9a834101adf877037a51c81d133aa946ec
Certificate serial:       0196549289BFA4F510B5A86E96445263B07D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UKiPmoNBAa34dwN6UcgdEzqpRuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.mft
Manifest number:          0C88
Signing time:             Sun 20 Apr 2025 19:00:11 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:11 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:11 +0000
Files and hashes:         1: UKiPmoNBAa34dwN6UcgdEzqpRuw.crl (hash: q00Y4LiaSCzdYvsc1XQSaJAX/NWubkJcJ1Oo1K+ag3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UKiPmoNBAa34dwN6UcgdEzqpRuw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 19:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:92:89:bf:a4:f5:10:b5:a8:6e:96:44:52:63:b0:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50a88f9a834101adf877037a51c81d133aa946ec
        Validity
            Not Before: Apr 20 19:00:11 2025 GMT
            Not After : Apr 21 19:00:11 2025 GMT
        Subject: CN=0d9dcebeb18b6c0ac3db036a724265f8eaa8263b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:99:ca:ab:e7:3c:18:ba:5c:03:67:be:05:81:
                    cc:19:11:cf:5f:2c:f1:7e:a0:bc:e8:c2:1b:69:cb:
                    83:ea:ba:20:33:61:30:27:d0:66:ef:b6:2b:89:53:
                    63:6c:c3:67:f6:7f:1f:4f:23:8a:c8:1d:71:cc:63:
                    4e:a6:a9:83:60:8d:e1:79:68:00:4e:3f:f5:10:31:
                    2d:cd:a2:ff:4e:61:c7:8e:b4:73:03:bf:78:12:23:
                    97:72:14:c2:82:f8:38:f3:4a:46:a4:f5:ee:c5:73:
                    8a:fd:cd:15:fb:07:c5:62:cc:2c:24:31:93:67:9e:
                    18:09:ab:c2:c6:7f:d2:4f:79:c7:79:90:ba:ef:09:
                    3e:c6:02:7f:48:7f:1c:c6:67:eb:b2:10:c4:18:e7:
                    26:43:d6:6d:bc:82:82:43:7e:91:33:19:15:dd:d1:
                    a3:af:72:0d:50:28:ec:4d:e0:29:97:64:67:6a:20:
                    99:fa:d5:cf:41:31:0a:3d:9b:27:ad:67:de:ce:81:
                    af:03:fb:01:b7:39:d4:b6:2c:18:d9:13:bf:66:97:
                    84:f7:84:c9:2d:eb:39:01:80:fa:13:b8:82:99:2c:
                    7a:03:93:32:f1:f8:9d:dd:d0:59:46:72:69:21:97:
                    8b:43:ec:22:aa:e7:ea:ea:13:5e:d8:05:9a:cc:71:
                    9f:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:9D:CE:BE:B1:8B:6C:0A:C3:DB:03:6A:72:42:65:F8:EA:A8:26:3B
            X509v3 Authority Key Identifier:
                keyid:50:A8:8F:9A:83:41:01:AD:F8:77:03:7A:51:C8:1D:13:3A:A9:46:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UKiPmoNBAa34dwN6UcgdEzqpRuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:8b:85:86:9d:8a:bf:92:d5:67:5d:98:73:e6:0c:d9:e9:c8:
         b0:71:74:53:7b:00:b8:25:1f:4c:3a:51:6a:8e:a2:7f:3a:b6:
         79:8b:e5:ff:c1:d3:73:12:d9:16:f6:f4:94:6e:c8:02:18:0a:
         c2:a9:45:04:b6:79:38:f8:b7:91:38:01:ee:7e:0e:85:ec:ec:
         94:ea:4e:7d:e6:7b:2c:bb:13:3f:03:5c:dc:17:97:7c:66:01:
         ea:c7:7f:f0:86:f8:43:41:b1:71:de:11:d1:5d:d0:b6:7d:2d:
         ff:32:d8:59:1c:1d:5f:88:cf:b5:88:53:84:da:29:83:46:bd:
         60:08:aa:82:e9:bc:b6:bc:0b:bf:46:f1:e7:4d:c9:57:c2:f2:
         ad:0b:a3:85:be:e7:67:7a:56:bb:71:d8:7d:ef:43:b3:62:03:
         a0:36:73:60:56:63:99:e2:e2:37:5c:fa:0f:4f:b9:8f:1b:9c:
         3f:4e:d2:a8:a4:e7:9c:b5:d3:0b:e7:31:7a:d7:8b:fa:df:70:
         de:88:ee:34:2d:f3:a4:a3:c7:c5:b1:cb:0c:85:38:cc:5d:a7:
         dd:51:61:a4:5c:42:4b:05:d7:bc:f5:ee:69:92:a8:f8:15:a8:
         ca:67:47:96:6a:65:d9:21:a7:8f:6b:a2:00:ba:dc:6d:0d:52:
         06:bc:49:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkom/pPUQtahulkRSY7B9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYTg4ZjlhODM0MTAxYWRmODc3MDM3YTUxYzgxZDEzM2Fh
OTQ2ZWMwHhcNMjUwNDIwMTkwMDExWhcNMjUwNDIxMTkwMDExWjAzMTEwLwYDVQQD
EygwZDlkY2ViZWIxOGI2YzBhYzNkYjAzNmE3MjQyNjVmOGVhYTgyNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZnKq+c8GLpcA2e+BYHMGRHPXyzx
fqC86MIbacuD6rogM2EwJ9Bm77YriVNjbMNn9n8fTyOKyB1xzGNOpqmDYI3heWgA
Tj/1EDEtzaL/TmHHjrRzA794EiOXchTCgvg480pGpPXuxXOK/c0V+wfFYswsJDGT
Z54YCavCxn/ST3nHeZC67wk+xgJ/SH8cxmfrshDEGOcmQ9ZtvIKCQ36RMxkV3dGj
r3INUCjsTeApl2RnaiCZ+tXPQTEKPZsnrWfezoGvA/sBtznUtiwY2RO/ZpeE94TJ
Les5AYD6E7iCmSx6A5My8fid3dBZRnJpIZeLQ+wiqufq6hNe2AWazHGfhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2dzr6xi2wKw9sDanJCZfjqqCY7MB8GA1UdIwQY
MBaAFFCoj5qDQQGt+HcDelHIHRM6qUbsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUtpUG1vTkJBYTM0ZHdONlVjZ2RFenFwUnV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85NzYwYzYtM2ZjZS00MmJkLWJiYzgt
NDlmYmMzMGE4ZjYxLzEvVUtpUG1vTkJBYTM0ZHdONlVjZ2RFenFwUnV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85NzYwYzYtM2ZjZS00MmJkLWJiYzgtNDlmYmMzMGE4ZjYx
LzEvVUtpUG1vTkJBYTM0ZHdONlVjZ2RFenFwUnV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoIuFhp2K
v5LVZ12Yc+YM2enIsHF0U3sAuCUfTDpRao6ifzq2eYvl/8HTcxLZFvb0lG7IAhgK
wqlFBLZ5OPi3kTgB7n4OhezslOpOfeZ7LLsTPwNc3BeXfGYB6sd/8Ib4Q0Gxcd4R
0V3Qtn0t/zLYWRwdX4jPtYhThNopg0a9YAiqgum8trwLv0bx503JV8LyrQujhb7n
Z3pWu3HYfe9Ds2IDoDZzYFZjmeLiN1z6D0+5jxucP07SqKTnnLXTC+cxeteL+t9w
3ojuNC3zpKPHxbHLDIU4zF2n3VFhpFxCSwXXvPXuaZKo+BWoymdHlmpl2SGnj2ui
ALrcbQ1SBrxJZw==
-----END CERTIFICATE-----