Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
File:                     UtlINdtX9r4TjoZPWT7mrai4PtA.mft (raw, json)
Hash identifier:          aG0GcNupl3ZlqlSXK0Zlp0ES8U4avARbW8CZZ0Cj8LA=
Subject key identifier:   35:DB:66:A1:82:59:60:45:7F:37:8D:C7:DE:C8:4E:BA:5F:94:D9:BC
Authority key identifier: 52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0
Certificate issuer:       /CN=52d94835db57f6be138e864f593ee6ada8b83ed0
Certificate serial:       01974855069E6864525C7803837DF3CDD007
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
Manifest number:          30
Signing time:             Sat 07 Jun 2025 03:00:21 +0000
Manifest this update:     Sat 07 Jun 2025 03:00:21 +0000
Manifest next update:     Sun 08 Jun 2025 03:00:21 +0000
Files and hashes:         1: UtlINdtX9r4TjoZPWT7mrai4PtA.crl (hash: cY78f1ljCdBgHDYgZbMKMj6LFXB9fn7mIJFWnPOcwS4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:55:06:9e:68:64:52:5c:78:03:83:7d:f3:cd:d0:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52d94835db57f6be138e864f593ee6ada8b83ed0
        Validity
            Not Before: Jun  7 03:00:21 2025 GMT
            Not After : Jun  8 03:00:21 2025 GMT
        Subject: CN=35db66a1825960457f378dc7dec84eba5f94d9bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:e0:0a:d4:e1:50:14:73:fa:07:fa:14:26:26:
                    4e:36:03:09:48:07:12:8e:ab:bf:d5:5c:2e:15:59:
                    c3:76:53:fb:9a:22:9b:dc:79:f6:d1:73:54:3d:af:
                    33:f2:0c:cb:b5:83:b2:d3:e9:2c:e5:f1:9a:a6:ed:
                    d4:5f:fe:01:54:91:89:f1:ee:37:15:f5:76:a1:63:
                    b3:3f:f8:04:89:8b:a5:e6:70:a5:42:1f:06:9a:72:
                    ae:b7:c3:04:ad:3c:94:78:c4:61:b4:86:82:f1:08:
                    5d:b0:f0:8f:11:55:b7:07:d4:52:44:4e:c6:cc:d3:
                    84:7e:c2:40:b9:a9:fd:11:37:1a:b4:e3:3e:dd:68:
                    fe:4e:65:ec:be:cc:d0:70:89:ce:e4:15:e1:01:05:
                    3b:48:02:bd:17:fb:8f:1c:bb:62:db:a0:36:45:8a:
                    a5:6f:1e:d1:9b:58:d6:b3:f6:64:e6:d4:ab:0b:ca:
                    8b:15:d4:02:4a:6f:38:99:4a:00:db:3a:b9:d4:18:
                    05:47:44:93:1b:71:f9:4a:ee:71:53:e5:59:25:67:
                    f7:d2:bc:9c:11:a2:31:ba:53:db:6c:ae:6f:c8:0e:
                    4e:b3:3c:69:d6:46:80:f3:7e:53:09:20:04:f1:bc:
                    3f:cc:74:18:00:9d:b6:e9:1b:73:af:e2:66:38:1d:
                    93:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:DB:66:A1:82:59:60:45:7F:37:8D:C7:DE:C8:4E:BA:5F:94:D9:BC
            X509v3 Authority Key Identifier:
                keyid:52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:a8:00:39:30:f1:10:96:28:d5:25:d7:9b:c2:18:80:92:6d:
         38:06:3f:b1:7b:50:b8:fb:da:bc:cb:5b:66:10:b3:76:69:88:
         ce:b5:ce:4e:d8:f6:e0:8c:99:9b:a5:86:f3:ed:36:a1:da:5a:
         12:39:c8:89:a8:d2:97:75:b8:dd:0e:93:7e:f2:91:c0:c4:04:
         3c:3f:4f:14:08:80:db:30:99:e8:28:1c:33:98:b6:86:f4:82:
         e8:a6:63:40:a4:c8:0e:c4:66:98:98:87:27:f3:d3:89:ad:84:
         43:6e:df:9a:58:eb:e6:2b:08:4f:0b:25:11:6b:1c:c4:61:cb:
         6b:f0:82:9c:32:4a:48:dd:eb:1a:cf:71:f9:b8:d6:21:d8:9b:
         fe:b1:60:77:63:13:c3:aa:cd:cf:d2:36:aa:98:24:a9:90:1d:
         f9:39:c2:1a:96:58:47:a4:0e:80:11:76:30:3e:b7:b4:89:50:
         03:0c:37:4a:ae:43:df:76:76:38:d8:c3:9b:81:e4:86:9c:ce:
         c7:0a:5a:b7:f3:33:13:48:d6:de:b9:d6:94:8a:28:b6:e9:ef:
         de:8a:83:21:48:19:91:c1:2a:18:7c:2e:65:d9:47:91:fa:81:
         47:be:0b:f0:fd:32:f6:6e:0b:09:45:59:60:ed:ee:02:b0:c7:
         ec:75:b2:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIVQaeaGRSXHgDg33zzdAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZDk0ODM1ZGI1N2Y2YmUxMzhlODY0ZjU5M2VlNmFkYThi
ODNlZDAwHhcNMjUwNjA3MDMwMDIxWhcNMjUwNjA4MDMwMDIxWjAzMTEwLwYDVQQD
EygzNWRiNjZhMTgyNTk2MDQ1N2YzNzhkYzdkZWM4NGViYTVmOTRkOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOAK1OFQFHP6B/oUJiZONgMJSAcS
jqu/1VwuFVnDdlP7miKb3Hn20XNUPa8z8gzLtYOy0+ks5fGapu3UX/4BVJGJ8e43
FfV2oWOzP/gEiYul5nClQh8GmnKut8MErTyUeMRhtIaC8QhdsPCPEVW3B9RSRE7G
zNOEfsJAuan9ETcatOM+3Wj+TmXsvszQcInO5BXhAQU7SAK9F/uPHLti26A2RYql
bx7Rm1jWs/Zk5tSrC8qLFdQCSm84mUoA2zq51BgFR0STG3H5Su5xU+VZJWf30ryc
EaIxulPbbK5vyA5Oszxp1kaA835TCSAE8bw/zHQYAJ226Rtzr+JmOB2TMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXbZqGCWWBFfzeNx97ITrpflNm8MB8GA1UdIwQY
MBaAFFLZSDXbV/a+E46GT1k+5q2ouD7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEt
M2QwOGFhYmQ1ZTliLzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEtM2QwOGFhYmQ1ZTli
LzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPKgAOTDx
EJYo1SXXm8IYgJJtOAY/sXtQuPvavMtbZhCzdmmIzrXOTtj24IyZm6WG8+02odpa
EjnIiajSl3W43Q6TfvKRwMQEPD9PFAiA2zCZ6CgcM5i2hvSC6KZjQKTIDsRmmJiH
J/PTia2EQ27fmljr5isITwslEWscxGHLa/CCnDJKSN3rGs9x+bjWIdib/rFgd2MT
w6rNz9I2qpgkqZAd+TnCGpZYR6QOgBF2MD63tIlQAww3Sq5D33Z2ONjDm4HkhpzO
xwpat/MzE0jW3rnWlIootunv3oqDIUgZkcEqGHwuZdlHkfqBR74L8P0y9m4LCUVZ
YO3uArDH7HWyjw==
-----END CERTIFICATE-----