Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
File:                     U_8iLUoiYwLL8QBoyqb0xB97scs.mft (raw, json)
Hash identifier:          gruFMHNfssm5l7qOsz/uREqvciOXWSfsyu8+tCfI1Ek=
Subject key identifier:   71:CC:DD:E7:2D:AC:85:DF:56:84:33:4C:DA:84:BA:F4:AC:94:78:B0
Authority key identifier: 53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB
Certificate issuer:       /CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
Certificate serial:       01974C694BA1E76128C5AF8DF00B7E9FDFA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
Manifest number:          0124
Signing time:             Sat 07 Jun 2025 22:00:58 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:58 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:58 +0000
Files and hashes:         1: U_8iLUoiYwLL8QBoyqb0xB97scs.crl (hash: Q+1hO/6BCIw1HJDcqZ9yNZYuRlZaoyvy1KR6yF0WXYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:4b:a1:e7:61:28:c5:af:8d:f0:0b:7e:9f:df:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
        Validity
            Not Before: Jun  7 22:00:58 2025 GMT
            Not After : Jun  8 22:00:58 2025 GMT
        Subject: CN=71ccdde72dac85df5684334cda84baf4ac9478b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a6:58:01:fb:e5:a8:44:0a:0d:c6:00:a8:03:
                    7c:94:d1:5b:69:b0:d7:dc:90:a9:66:ed:cb:88:66:
                    44:5d:9f:0f:a9:d6:71:51:33:86:24:04:88:ff:fc:
                    97:54:6e:fa:9c:3c:34:5a:c3:69:90:d7:42:84:8b:
                    e5:93:b8:b3:bc:77:c2:78:10:99:71:e3:88:0e:68:
                    20:57:ed:4d:f8:bb:74:7d:98:f6:c1:a9:9a:58:2f:
                    aa:8d:26:a3:12:c9:5f:ae:f0:90:e3:bc:68:06:4f:
                    72:ab:d0:5d:97:b3:4e:7a:be:3b:98:21:4c:22:3d:
                    25:88:ff:74:7a:4e:dc:9b:a0:8b:c6:24:2b:f8:bc:
                    77:f3:de:da:29:17:14:bc:ce:11:78:12:4a:1c:d6:
                    ff:81:9d:1f:33:ab:c2:18:5b:d7:49:b3:74:30:4d:
                    ba:f9:d6:3e:5d:ad:89:6d:da:9c:fb:b7:8f:b4:21:
                    e0:f2:1f:43:f3:91:5b:81:85:8f:2d:bb:6f:0e:a5:
                    71:e0:dd:4e:a2:5f:9b:85:61:75:c1:0e:76:05:2b:
                    73:15:83:75:a3:68:dc:6e:8e:5f:9d:fa:61:16:16:
                    40:55:e3:c0:d6:ed:2b:00:86:83:e9:2e:f6:f5:ef:
                    cb:ea:16:82:c1:74:6a:04:1e:cc:9a:97:0d:1e:4c:
                    e0:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:CC:DD:E7:2D:AC:85:DF:56:84:33:4C:DA:84:BA:F4:AC:94:78:B0
            X509v3 Authority Key Identifier:
                keyid:53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:f5:5f:46:d1:f9:b2:8a:7e:d4:17:a9:10:de:02:13:8f:e3:
         30:a0:bf:08:2b:07:f0:df:00:91:68:ff:c8:81:5e:66:f2:10:
         b4:68:ab:b2:62:f6:af:4d:86:3a:52:15:7f:a7:8c:2a:37:34:
         ba:fd:2b:8e:56:42:77:49:2e:ab:e1:e2:a7:1c:82:13:96:21:
         c9:bf:2d:e2:93:a6:b8:53:39:1e:bc:15:d6:dc:12:81:cc:73:
         42:a5:b1:bf:66:45:74:16:ea:90:11:3d:bb:f8:63:a2:0d:69:
         0d:21:24:a0:a9:bf:ba:a5:b9:29:f5:5a:73:4f:2e:21:f2:9b:
         45:81:79:91:21:a9:6c:a6:63:15:6b:26:2c:10:b0:a1:51:4d:
         91:25:a8:63:f3:de:25:17:c9:16:99:59:ba:45:d6:0a:05:0f:
         2a:a8:70:c2:bf:c0:a6:60:c7:77:51:07:28:1f:72:9c:61:dc:
         10:39:dc:bb:c3:46:03:14:6f:b9:16:13:b5:af:84:b1:00:bd:
         46:41:af:d4:a3:24:18:f3:9c:7f:cf:a9:0d:76:fd:61:86:b2:
         a3:fb:2f:4b:46:ab:dd:28:b8:5c:a8:4c:a2:dd:4d:a1:e8:b2:
         54:57:0e:e6:59:28:84:a3:9e:7a:ba:e1:8a:d1:65:35:37:c7:
         c7:da:23:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaUuh52Eoxa+N8At+n9+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmYyMjJkNGEyMjYzMDJjYmYxMDA2OGNhYTZmNGM0MWY3
YmIxY2IwHhcNMjUwNjA3MjIwMDU4WhcNMjUwNjA4MjIwMDU4WjAzMTEwLwYDVQQD
Eyg3MWNjZGRlNzJkYWM4NWRmNTY4NDMzNGNkYTg0YmFmNGFjOTQ3OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6ZYAfvlqEQKDcYAqAN8lNFbabDX
3JCpZu3LiGZEXZ8PqdZxUTOGJASI//yXVG76nDw0WsNpkNdChIvlk7izvHfCeBCZ
ceOIDmggV+1N+Lt0fZj2wamaWC+qjSajEslfrvCQ47xoBk9yq9Bdl7NOer47mCFM
Ij0liP90ek7cm6CLxiQr+Lx3897aKRcUvM4ReBJKHNb/gZ0fM6vCGFvXSbN0ME26
+dY+Xa2Jbdqc+7ePtCHg8h9D85FbgYWPLbtvDqVx4N1Ool+bhWF1wQ52BStzFYN1
o2jcbo5fnfphFhZAVePA1u0rAIaD6S729e/L6haCwXRqBB7MmpcNHkzgIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHM3ectrIXfVoQzTNqEuvSslHiwMB8GA1UdIwQY
MBaAFFP/Ii1KImMCy/EAaMqm9MQfe7HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQt
Y2EzNmQ5OGIzYzRkLzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQtY2EzNmQ5OGIzYzRk
LzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOvVfRtH5
sop+1BepEN4CE4/jMKC/CCsH8N8AkWj/yIFeZvIQtGirsmL2r02GOlIVf6eMKjc0
uv0rjlZCd0kuq+HipxyCE5Yhyb8t4pOmuFM5HrwV1twSgcxzQqWxv2ZFdBbqkBE9
u/hjog1pDSEkoKm/uqW5KfVac08uIfKbRYF5kSGpbKZjFWsmLBCwoVFNkSWoY/Pe
JRfJFplZukXWCgUPKqhwwr/ApmDHd1EHKB9ynGHcEDncu8NGAxRvuRYTta+EsQC9
RkGv1KMkGPOcf8+pDXb9YYayo/svS0ar3Si4XKhMot1NoeiyVFcO5lkohKOeerrh
itFlNTfHx9ojEQ==
-----END CERTIFICATE-----