Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
File:                     U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft (raw, json)
Hash identifier:          bzyCfTxPIQaoNEkHLkEg6DhcgTO/FDjHl+47W+3HxLE=
Subject key identifier:   DD:83:58:AC:CE:12:D1:2F:43:5C:23:E3:19:80:BE:C4:7A:4B:F4:5E
Authority key identifier: 53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6
Certificate issuer:       /CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
Certificate serial:       01974B1F168C69BCA872D68FD4096CFFD484
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
Manifest number:          12A0
Signing time:             Sat 07 Jun 2025 16:00:17 +0000
Manifest this update:     Sat 07 Jun 2025 16:00:17 +0000
Manifest next update:     Sun 08 Jun 2025 16:00:17 +0000
Files and hashes:         1: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl (hash: YqOEoR6vz35JyeGE7dS+imsSbC2Hjrk8fy0WgamMU/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:1f:16:8c:69:bc:a8:72:d6:8f:d4:09:6c:ff:d4:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
        Validity
            Not Before: Jun  7 16:00:17 2025 GMT
            Not After : Jun  8 16:00:17 2025 GMT
        Subject: CN=dd8358acce12d12f435c23e31980bec47a4bf45e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e4:ce:a6:aa:c5:3d:dd:e6:8c:30:64:f9:40:
                    1a:42:fd:41:3b:e6:70:4b:14:76:d2:b5:16:97:46:
                    af:bb:44:b0:fb:a9:be:fc:35:7e:a2:9b:56:54:b8:
                    bc:85:c3:13:f5:f5:a7:e2:55:fa:da:e2:d9:04:1f:
                    9f:89:82:d6:6d:8d:29:ac:d7:30:9a:51:b9:bf:b0:
                    56:d9:7c:fe:38:b0:66:db:8d:2c:d7:d5:f9:9c:44:
                    65:ee:05:cf:8b:8c:42:5f:f2:f2:73:c4:27:d0:ba:
                    67:d5:3b:eb:ad:3d:da:bc:76:72:71:52:57:30:df:
                    bc:b0:1d:ad:7d:1b:08:d7:91:45:25:ce:1a:4a:04:
                    68:2c:48:05:ae:b5:8d:bc:6a:35:f5:c0:b3:cf:1a:
                    51:89:e3:69:88:b2:8c:3b:69:e7:b8:08:d6:ee:f9:
                    c2:b9:89:91:99:2d:a6:de:74:35:0d:15:e3:3a:68:
                    c8:7d:06:6f:71:f9:e8:8e:65:96:8d:fd:40:0f:5a:
                    31:26:1a:a6:1f:e3:dc:78:58:97:56:0b:f4:69:d7:
                    e7:7b:f0:0a:a8:52:b2:3b:cb:fb:87:ee:a3:8c:d5:
                    1b:7a:1b:21:37:78:44:b8:88:c2:f9:38:42:8b:6f:
                    8c:13:62:84:c5:d9:63:90:2d:81:65:2b:28:7b:14:
                    88:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:83:58:AC:CE:12:D1:2F:43:5C:23:E3:19:80:BE:C4:7A:4B:F4:5E
            X509v3 Authority Key Identifier:
                keyid:53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:ed:76:92:8c:07:49:fa:c4:ff:54:de:b7:c2:a7:aa:74:aa:
         7e:56:0b:76:88:cc:8c:6f:0d:60:64:cc:f4:d5:e5:4f:bc:51:
         35:d2:d9:b1:d9:01:20:e7:6f:24:2c:8c:b8:d7:f9:c9:e4:30:
         0a:23:ab:2b:69:8c:80:5d:9f:71:5a:88:24:e9:1f:5d:95:9e:
         8b:30:c8:2e:84:68:f5:5e:8d:30:5b:28:d3:f4:20:ba:4d:f0:
         d7:31:45:33:5e:4c:37:c9:bf:f3:b3:36:cf:fe:e8:d6:31:05:
         ab:47:c2:d2:68:f8:4e:8d:e8:35:cc:84:fa:c2:73:9b:92:f8:
         83:2f:5e:94:0e:2f:38:2c:0a:6c:8d:b2:01:76:87:d3:90:fa:
         57:de:4d:e6:1f:76:2e:a3:16:11:8e:f6:2a:9b:c5:48:00:8a:
         50:91:1b:a9:a9:e8:3d:01:25:71:73:b1:0b:a1:d0:68:f2:b1:
         29:97:ba:f3:3d:e7:54:7a:c1:4c:a4:a5:ad:19:55:5b:cd:e8:
         7a:3a:da:83:6d:ba:54:72:9a:1f:9d:70:18:98:36:22:f3:3d:
         31:75:67:83:0e:5c:c7:7f:fe:d2:62:cf:9d:d2:7c:05:01:53:
         9a:61:75:3c:6b:a5:9e:4d:d8:3a:5e:cd:c8:49:ce:35:92:1d:
         c5:aa:0d:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLHxaMabyoctaP1Als/9SEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYTNjNGVlNjcwZGNlYTY4YjRkNzllYTZjMzE4NWZlMDI5
ZDk3YjYwHhcNMjUwNjA3MTYwMDE3WhcNMjUwNjA4MTYwMDE3WjAzMTEwLwYDVQQD
EyhkZDgzNThhY2NlMTJkMTJmNDM1YzIzZTMxOTgwYmVjNDdhNGJmNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OTOpqrFPd3mjDBk+UAaQv1BO+Zw
SxR20rUWl0avu0Sw+6m+/DV+optWVLi8hcMT9fWn4lX62uLZBB+fiYLWbY0prNcw
mlG5v7BW2Xz+OLBm240s19X5nERl7gXPi4xCX/Lyc8Qn0Lpn1TvrrT3avHZycVJX
MN+8sB2tfRsI15FFJc4aSgRoLEgFrrWNvGo19cCzzxpRieNpiLKMO2nnuAjW7vnC
uYmRmS2m3nQ1DRXjOmjIfQZvcfnojmWWjf1AD1oxJhqmH+PceFiXVgv0adfne/AK
qFKyO8v7h+6jjNUbehshN3hEuIjC+ThCi2+ME2KExdljkC2BZSsoexSIOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2DWKzOEtEvQ1wj4xmAvsR6S/ReMB8GA1UdIwQY
MBaAFFOjxO5nDc6mi0156mwxhf4CnZe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjIt
MDQ0YzMyNTMxYWQzLzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjItMDQ0YzMyNTMxYWQz
LzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEO12kowH
SfrE/1Tet8KnqnSqflYLdojMjG8NYGTM9NXlT7xRNdLZsdkBIOdvJCyMuNf5yeQw
CiOrK2mMgF2fcVqIJOkfXZWeizDILoRo9V6NMFso0/Qguk3w1zFFM15MN8m/87M2
z/7o1jEFq0fC0mj4To3oNcyE+sJzm5L4gy9elA4vOCwKbI2yAXaH05D6V95N5h92
LqMWEY72KpvFSACKUJEbqanoPQElcXOxC6HQaPKxKZe68z3nVHrBTKSlrRlVW83o
ejrag226VHKaH51wGJg2IvM9MXVngw5cx3/+0mLPndJ8BQFTmmF1PGulnk3YOl7N
yEnONZIdxaoNWw==
-----END CERTIFICATE-----