Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
File:                     ujWrXugfdPzKSgwT6XLsHP6WeTs.mft (raw, json)
Hash identifier:          EfMekbmNAdp1sqas2fCc0wUiI6q+oPGtqpjQXp3xD6Y=
Subject key identifier:   32:04:B0:37:B5:EC:BE:F9:48:A0:F4:71:71:ED:86:B0:E5:6A:EC:87
Authority key identifier: BA:35:AB:5E:E8:1F:74:FC:CA:4A:0C:13:E9:72:EC:1C:FE:96:79:3B
Certificate issuer:       /CN=ba35ab5ee81f74fcca4a0c13e972ec1cfe96793b
Certificate serial:       0196515BD5AA83065207DAF0D3C008CD8059
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
Manifest number:          07D3
Signing time:             Sun 20 Apr 2025 04:01:35 +0000
Manifest this update:     Sun 20 Apr 2025 04:01:35 +0000
Manifest next update:     Mon 21 Apr 2025 04:01:35 +0000
Files and hashes:         1: ujWrXugfdPzKSgwT6XLsHP6WeTs.crl (hash: MgbRV+8AHifCHdDQUGTdhyM9jGqHoMvRI4zm47BUNrc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:d5:aa:83:06:52:07:da:f0:d3:c0:08:cd:80:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba35ab5ee81f74fcca4a0c13e972ec1cfe96793b
        Validity
            Not Before: Apr 20 04:01:35 2025 GMT
            Not After : Apr 21 04:01:35 2025 GMT
        Subject: CN=3204b037b5ecbef948a0f47171ed86b0e56aec87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:98:ef:d1:bb:fc:02:bc:9b:03:1f:c7:6c:26:
                    c2:db:65:70:22:7a:96:52:78:0a:90:37:6d:24:ec:
                    c9:d3:87:5e:e6:a6:b4:03:c1:44:08:d1:be:8d:9b:
                    6b:58:8a:9b:71:aa:e5:42:92:cf:9e:71:a0:59:bb:
                    1f:3a:4a:6a:47:de:b7:b6:10:4a:51:d0:5c:80:a7:
                    7d:80:23:94:03:ba:4e:e3:7a:6a:60:b3:01:f4:fa:
                    49:7d:a6:a0:e4:ff:3f:94:52:83:d8:0e:ca:30:ce:
                    d4:22:34:b1:70:21:ab:93:54:bb:60:56:51:9b:a8:
                    fa:01:73:d3:1c:98:40:e1:21:ba:f0:a0:80:2b:2c:
                    40:d7:91:f6:40:5d:d9:09:65:b1:74:e0:25:da:ae:
                    e6:24:d6:fe:05:29:19:eb:8e:e3:ea:9c:e9:44:56:
                    8c:3e:3e:8c:2c:ad:04:5d:be:61:30:ff:33:4e:1d:
                    a0:23:2e:42:70:cd:d2:3a:2f:01:62:39:f2:f2:5c:
                    33:bb:2e:63:dd:2b:d6:55:cc:fa:c9:4e:0d:11:d3:
                    5d:1e:c0:eb:9e:86:3e:6d:c1:a3:10:e2:3c:f2:ac:
                    71:59:eb:0a:31:b7:ee:e2:7f:48:e6:41:50:9a:01:
                    13:3e:97:d0:16:51:92:8d:95:54:af:2c:8e:8e:22:
                    81:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:04:B0:37:B5:EC:BE:F9:48:A0:F4:71:71:ED:86:B0:E5:6A:EC:87
            X509v3 Authority Key Identifier:
                keyid:BA:35:AB:5E:E8:1F:74:FC:CA:4A:0C:13:E9:72:EC:1C:FE:96:79:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f8:9e:50:c8:ad:83:59:57:94:47:b3:6b:54:5a:5c:c6:74:
         1b:e5:d8:d8:32:2a:ce:ec:3b:10:4a:67:24:43:8c:f1:d7:2b:
         ec:e0:46:ad:a3:80:b8:e6:73:12:b9:60:0f:ca:e6:ab:e2:6d:
         a3:48:1d:aa:5e:7c:09:47:39:97:01:ee:02:d9:b3:95:b3:37:
         52:f3:79:dc:00:87:e4:81:c9:59:c7:0a:f4:f1:8b:2b:fc:06:
         ff:99:38:fb:91:59:96:80:42:ab:80:92:03:fc:46:d5:df:65:
         96:ab:08:4e:14:6c:48:50:76:4e:b7:5c:fc:f3:87:c2:a3:f7:
         1f:ea:1c:9a:7a:2a:40:f9:6b:13:2a:de:02:ef:ea:0a:3e:ce:
         05:aa:45:da:dd:9f:53:7c:bf:e3:be:2b:46:b4:05:53:ab:2c:
         2b:f2:f7:7d:87:62:60:82:55:f3:30:e4:d2:01:f6:11:b1:f6:
         d6:af:fc:fd:b5:fa:1f:e9:a4:8c:f5:17:8b:39:f7:7a:5c:f0:
         ca:39:5f:c1:03:68:c8:0e:d9:61:c1:77:8d:21:fb:dc:9b:45:
         11:ea:25:19:f7:27:13:b2:a6:28:c2:80:2f:55:60:1a:fa:b4:
         28:d8:f8:6a:b2:cd:66:c7:b1:b1:cb:49:eb:43:a8:e1:03:0b:
         99:2b:ba:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW9WqgwZSB9rw08AIzYBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzVhYjVlZTgxZjc0ZmNjYTRhMGMxM2U5NzJlYzFjZmU5
Njc5M2IwHhcNMjUwNDIwMDQwMTM1WhcNMjUwNDIxMDQwMTM1WjAzMTEwLwYDVQQD
EygzMjA0YjAzN2I1ZWNiZWY5NDhhMGY0NzE3MWVkODZiMGU1NmFlYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipjv0bv8ArybAx/HbCbC22VwInqW
UngKkDdtJOzJ04de5qa0A8FECNG+jZtrWIqbcarlQpLPnnGgWbsfOkpqR963thBK
UdBcgKd9gCOUA7pO43pqYLMB9PpJfaag5P8/lFKD2A7KMM7UIjSxcCGrk1S7YFZR
m6j6AXPTHJhA4SG68KCAKyxA15H2QF3ZCWWxdOAl2q7mJNb+BSkZ647j6pzpRFaM
Pj6MLK0EXb5hMP8zTh2gIy5CcM3SOi8BYjny8lwzuy5j3SvWVcz6yU4NEdNdHsDr
noY+bcGjEOI88qxxWesKMbfu4n9I5kFQmgETPpfQFlGSjZVUryyOjiKBLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIEsDe17L75SKD0cXHthrDlauyHMB8GA1UdIwQY
MBaAFLo1q17oH3T8ykoME+ly7Bz+lnk7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jMGJkNjYtZWVkMi00MjlmLWE2Yzct
MTVlZmM2Nzg1YjE2LzEvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jMGJkNjYtZWVkMi00MjlmLWE2YzctMTVlZmM2Nzg1YjE2
LzEvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvieUMit
g1lXlEeza1RaXMZ0G+XY2DIqzuw7EEpnJEOM8dcr7OBGraOAuOZzErlgD8rmq+Jt
o0gdql58CUc5lwHuAtmzlbM3UvN53ACH5IHJWccK9PGLK/wG/5k4+5FZloBCq4CS
A/xG1d9llqsIThRsSFB2Trdc/POHwqP3H+ocmnoqQPlrEyreAu/qCj7OBapF2t2f
U3y/474rRrQFU6ssK/L3fYdiYIJV8zDk0gH2EbH21q/8/bX6H+mkjPUXizn3elzw
yjlfwQNoyA7ZYcF3jSH73JtFEeolGfcnE7KmKMKAL1VgGvq0KNj4arLNZsexsctJ
60Oo4QMLmSu6oA==
-----END CERTIFICATE-----