Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
File:                     uvzQImt58j3kemr95RRLGynii1w.mft (raw, json)
Hash identifier:          leTGK9NhJsLlqyUjXe7Wx/gXnvfbU6wtt/J1/J1tHt0=
Subject key identifier:   9C:DF:D2:44:AC:F7:4C:E1:ED:B6:E9:53:55:52:29:B0:58:83:15:F1
Authority key identifier: BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C
Certificate issuer:       /CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
Certificate serial:       019752D90627B8ACB943DAB6C20E3F0FC5F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
Manifest number:          0758
Signing time:             Mon 09 Jun 2025 04:00:43 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:43 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:43 +0000
Files and hashes:         1: uvzQImt58j3kemr95RRLGynii1w.crl (hash: LgSNWhU/4ZaC/Nz3x0TOXSahPcTstWKz0K0jkspHQ8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d9:06:27:b8:ac:b9:43:da:b6:c2:0e:3f:0f:c5:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
        Validity
            Not Before: Jun  9 04:00:43 2025 GMT
            Not After : Jun 10 04:00:43 2025 GMT
        Subject: CN=9cdfd244acf74ce1edb6e953555229b0588315f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:08:bc:6f:0a:0b:88:a4:ad:8e:24:33:c1:02:
                    59:f5:2f:40:f8:d3:66:8b:88:da:53:fe:fa:1e:16:
                    7a:43:fa:9a:62:5b:47:96:ea:09:60:03:67:31:30:
                    a8:94:c7:bf:8f:5f:c8:21:9d:14:c9:9d:c2:05:7a:
                    b8:26:14:af:fb:69:a3:fd:21:08:e4:cf:f1:55:42:
                    0a:88:33:79:8e:de:f7:ec:b5:57:00:76:28:48:ef:
                    c2:ef:3b:73:b9:52:06:da:e7:5a:9a:f0:18:72:65:
                    b0:7c:b0:5d:67:1c:e7:ff:19:72:25:7f:b2:ba:81:
                    17:e8:b7:88:ea:b0:3c:cf:01:c9:99:e6:22:9a:07:
                    5e:89:66:65:e9:75:ac:fa:30:83:4d:f8:36:3c:a0:
                    9f:4c:b5:3e:4f:b6:58:25:e6:9a:57:89:62:13:72:
                    e6:c8:50:dd:a0:fe:38:0b:27:8b:8f:01:40:61:4c:
                    2f:55:cf:82:91:b8:22:ce:9c:eb:27:06:07:36:aa:
                    53:c0:1e:cb:c3:80:f0:99:01:ff:11:5e:8d:c6:d9:
                    80:34:40:84:b7:2a:b3:74:f7:23:1b:9f:b6:d5:e4:
                    2d:f4:ef:2c:60:00:d2:14:31:e1:e9:33:37:21:3c:
                    c7:e1:a9:68:fb:a8:99:5f:cf:66:77:54:8d:3b:71:
                    1c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:DF:D2:44:AC:F7:4C:E1:ED:B6:E9:53:55:52:29:B0:58:83:15:F1
            X509v3 Authority Key Identifier:
                keyid:BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:43:25:ed:e6:70:5b:9a:d6:84:5c:f8:7b:e1:0d:ca:f3:f4:
         1b:53:62:2c:55:ef:3c:69:c6:55:94:7f:36:7e:ef:7a:d5:d6:
         95:5c:41:90:0c:7a:bd:4b:7c:45:68:0f:a8:fa:19:82:e6:14:
         a1:8d:fe:08:5d:b4:c7:48:93:a4:17:ca:fa:79:67:e2:b7:c5:
         1e:c1:6f:5c:5a:f3:eb:c0:75:eb:b6:0f:4b:e6:4b:99:36:81:
         f3:cc:df:a0:10:bd:35:06:ef:5f:f7:27:c8:6d:7e:47:f6:87:
         d3:5b:b2:ba:34:6d:46:ad:e5:c0:9d:da:29:b9:52:32:d7:18:
         a4:25:2c:82:31:49:d8:6d:ea:b2:46:20:1e:5c:e2:90:a0:2a:
         70:e9:aa:0d:69:03:db:3f:0d:98:a5:68:c9:ba:d8:5c:58:d2:
         69:4f:8b:e3:82:ba:a3:49:51:3d:5f:48:ac:02:99:af:97:85:
         37:c6:01:fe:ee:38:e5:c1:82:d8:82:6c:87:20:05:fe:f1:c4:
         2c:e6:f4:09:f7:64:e1:95:08:73:36:40:c9:c8:de:d5:87:6b:
         d9:1a:2d:bc:d8:3a:1d:30:0a:1a:f0:56:2d:80:e5:7c:2c:a9:
         11:d8:1b:6a:c4:64:3b:7b:81:6a:23:e7:c3:da:2a:bf:fb:c4:
         f1:67:d4:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2QYnuKy5Q9q2wg4/D8XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhZmNkMDIyNmI3OWYyM2RlNDdhNmFmZGU1MTQ0YjFiMjll
MjhiNWMwHhcNMjUwNjA5MDQwMDQzWhcNMjUwNjEwMDQwMDQzWjAzMTEwLwYDVQQD
Eyg5Y2RmZDI0NGFjZjc0Y2UxZWRiNmU5NTM1NTUyMjliMDU4ODMxNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogi8bwoLiKStjiQzwQJZ9S9A+NNm
i4jaU/76HhZ6Q/qaYltHluoJYANnMTColMe/j1/IIZ0UyZ3CBXq4JhSv+2mj/SEI
5M/xVUIKiDN5jt737LVXAHYoSO/C7ztzuVIG2udamvAYcmWwfLBdZxzn/xlyJX+y
uoEX6LeI6rA8zwHJmeYimgdeiWZl6XWs+jCDTfg2PKCfTLU+T7ZYJeaaV4liE3Lm
yFDdoP44CyeLjwFAYUwvVc+CkbgizpzrJwYHNqpTwB7Lw4DwmQH/EV6NxtmANECE
tyqzdPcjG5+21eQt9O8sYADSFDHh6TM3ITzH4alo+6iZX89md1SNO3EcPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzf0kSs90zh7bbpU1VSKbBYgxXxMB8GA1UdIwQY
MBaAFLr80CJrefI95Hpq/eUUSxsp4otcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82YTEyY2UtYWZiYy00NTgzLTk3NzMt
YzE4MTM5NDdlMjMzLzEvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82YTEyY2UtYWZiYy00NTgzLTk3NzMtYzE4MTM5NDdlMjMz
LzEvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQEMl7eZw
W5rWhFz4e+ENyvP0G1NiLFXvPGnGVZR/Nn7vetXWlVxBkAx6vUt8RWgPqPoZguYU
oY3+CF20x0iTpBfK+nln4rfFHsFvXFrz68B167YPS+ZLmTaB88zfoBC9NQbvX/cn
yG1+R/aH01uyujRtRq3lwJ3aKblSMtcYpCUsgjFJ2G3qskYgHlzikKAqcOmqDWkD
2z8NmKVoybrYXFjSaU+L44K6o0lRPV9IrAKZr5eFN8YB/u445cGC2IJshyAF/vHE
LOb0Cfdk4ZUIczZAycje1Ydr2RotvNg6HTAKGvBWLYDlfCypEdgbasRkO3uBaiPn
w9oqv/vE8WfUkg==
-----END CERTIFICATE-----