Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
File:                     ujWrXugfdPzKSgwT6XLsHP6WeTs.mft (raw, json)
Hash identifier:          bSuwoMA0AcTQkFIATR7ViS7KJJ7fmSFNhrhCt972lCE=
Subject key identifier:   95:FA:A6:92:BD:12:44:6E:1D:1B:C3:C5:79:10:43:C4:83:B6:08:57
Authority key identifier: BA:35:AB:5E:E8:1F:74:FC:CA:4A:0C:13:E9:72:EC:1C:FE:96:79:3B
Certificate issuer:       /CN=ba35ab5ee81f74fcca4a0c13e972ec1cfe96793b
Certificate serial:       0197488C2207EB3B86A8C0562CD75086BF63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
Manifest number:          0853
Signing time:             Sat 07 Jun 2025 04:00:32 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:32 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:32 +0000
Files and hashes:         1: ujWrXugfdPzKSgwT6XLsHP6WeTs.crl (hash: 6Nz+G2eQQakNz4Isa4EQJKTqBkaXKPDD9R9cR5eMhOQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:22:07:eb:3b:86:a8:c0:56:2c:d7:50:86:bf:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba35ab5ee81f74fcca4a0c13e972ec1cfe96793b
        Validity
            Not Before: Jun  7 04:00:32 2025 GMT
            Not After : Jun  8 04:00:32 2025 GMT
        Subject: CN=95faa692bd12446e1d1bc3c5791043c483b60857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9a:2e:bc:1f:88:06:7b:d7:54:f6:b2:a4:5c:
                    ab:8c:d9:bf:93:e8:1a:21:9e:83:91:48:24:01:26:
                    e4:f1:a1:50:b9:b2:bb:8e:09:6d:26:04:e0:1a:ee:
                    c8:15:e0:53:5d:f0:9d:6c:7d:ac:a9:3e:2d:de:89:
                    65:63:73:a6:de:64:16:9d:2d:a8:0a:2f:05:f8:f1:
                    9f:6e:12:ea:6f:3c:12:df:a2:10:ab:f6:60:0a:fa:
                    3f:80:d7:d1:aa:1c:82:42:a2:25:70:e9:17:40:dd:
                    b2:19:98:2a:7f:b1:3e:ea:86:6c:a8:27:20:38:43:
                    0a:a1:ea:6a:86:f6:6e:76:34:24:0b:a7:6b:48:94:
                    2e:26:74:e8:03:21:17:14:5b:2c:20:5a:ac:e1:33:
                    ae:75:bf:4e:3f:e4:81:ac:11:8b:5c:3a:05:e6:03:
                    ea:0e:58:b9:18:06:3e:1c:8d:1e:f3:7f:b4:01:44:
                    38:8f:51:3f:67:b0:b8:01:c4:39:b8:5a:de:3c:e3:
                    20:3f:0b:06:4e:09:56:6d:65:6d:83:19:ef:45:a5:
                    ef:7e:49:68:cd:60:4a:3b:e7:cb:62:c3:3c:46:5e:
                    96:ed:94:ac:22:68:0e:1c:dc:85:03:14:f7:3b:f6:
                    a6:b8:af:53:9e:40:6c:a7:b4:43:e4:38:52:55:78:
                    5d:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:FA:A6:92:BD:12:44:6E:1D:1B:C3:C5:79:10:43:C4:83:B6:08:57
            X509v3 Authority Key Identifier:
                keyid:BA:35:AB:5E:E8:1F:74:FC:CA:4A:0C:13:E9:72:EC:1C:FE:96:79:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:b9:ea:6c:9e:eb:c3:cd:83:7e:88:a7:50:3e:56:aa:30:06:
         60:93:95:43:66:c5:c1:8d:00:e0:f6:f0:8d:db:15:31:a6:12:
         52:e3:10:62:da:c0:32:83:c1:6b:79:f7:a1:a2:2d:81:43:40:
         7d:08:aa:8e:13:9c:e9:6a:39:29:e1:d8:cc:4d:d7:5d:5e:6e:
         2b:40:48:45:bc:cd:ac:26:ea:a0:51:58:d3:e3:a3:41:c0:f6:
         fa:ae:0c:40:c3:26:d8:ec:f8:f1:0a:31:fc:d4:6f:03:a2:16:
         51:d9:5e:ae:ef:b2:78:3f:3c:ed:8f:47:0a:b0:b7:3e:97:28:
         c6:66:ab:c8:93:5e:0f:9a:f0:fb:e6:e5:85:6f:4d:3d:ec:3e:
         35:2c:c4:c0:cf:f8:36:bc:62:8f:a4:5f:41:7e:b8:4c:44:3d:
         0b:1c:d0:6f:02:2a:3c:cf:62:6d:c0:46:ee:99:61:02:ce:36:
         ff:81:8c:2b:0d:ff:d7:2d:93:1c:4b:4f:1b:90:ea:1f:bc:4d:
         c1:57:b4:70:c2:0a:7e:d1:33:7d:4f:dd:df:76:a5:97:e7:ad:
         70:00:4f:85:90:9e:f9:54:d9:e4:13:a8:9f:a2:f2:84:1e:35:
         91:8b:2a:16:b7:b7:79:22:07:a0:9b:af:f5:ae:d3:77:26:31:
         70:13:17:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjCIH6zuGqMBWLNdQhr9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzVhYjVlZTgxZjc0ZmNjYTRhMGMxM2U5NzJlYzFjZmU5
Njc5M2IwHhcNMjUwNjA3MDQwMDMyWhcNMjUwNjA4MDQwMDMyWjAzMTEwLwYDVQQD
Eyg5NWZhYTY5MmJkMTI0NDZlMWQxYmMzYzU3OTEwNDNjNDgzYjYwODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZouvB+IBnvXVPaypFyrjNm/k+ga
IZ6DkUgkASbk8aFQubK7jgltJgTgGu7IFeBTXfCdbH2sqT4t3ollY3Om3mQWnS2o
Ci8F+PGfbhLqbzwS36IQq/ZgCvo/gNfRqhyCQqIlcOkXQN2yGZgqf7E+6oZsqCcg
OEMKoepqhvZudjQkC6drSJQuJnToAyEXFFssIFqs4TOudb9OP+SBrBGLXDoF5gPq
Dli5GAY+HI0e83+0AUQ4j1E/Z7C4AcQ5uFrePOMgPwsGTglWbWVtgxnvRaXvfklo
zWBKO+fLYsM8Rl6W7ZSsImgOHNyFAxT3O/amuK9TnkBsp7RD5DhSVXhdJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJX6ppK9EkRuHRvDxXkQQ8SDtghXMB8GA1UdIwQY
MBaAFLo1q17oH3T8ykoME+ly7Bz+lnk7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jMGJkNjYtZWVkMi00MjlmLWE2Yzct
MTVlZmM2Nzg1YjE2LzEvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jMGJkNjYtZWVkMi00MjlmLWE2YzctMTVlZmM2Nzg1YjE2
LzEvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgrnqbJ7r
w82DfoinUD5WqjAGYJOVQ2bFwY0A4PbwjdsVMaYSUuMQYtrAMoPBa3n3oaItgUNA
fQiqjhOc6Wo5KeHYzE3XXV5uK0BIRbzNrCbqoFFY0+OjQcD2+q4MQMMm2Oz48Qox
/NRvA6IWUdleru+yeD887Y9HCrC3PpcoxmaryJNeD5rw++blhW9NPew+NSzEwM/4
Nrxij6RfQX64TEQ9CxzQbwIqPM9ibcBG7plhAs42/4GMKw3/1y2THEtPG5DqH7xN
wVe0cMIKftEzfU/d33all+etcABPhZCe+VTZ5BOon6LyhB41kYsqFre3eSIHoJuv
9a7TdyYxcBMXmg==
-----END CERTIFICATE-----