Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
File:                     UTNdj7orxzOYOV-90-DW8_89G2Q.mft (raw, json)
Hash identifier:          gmcQMVAID1A7ss4wqeLjkjpOsn7FSM0FIw6iJweOlVw=
Subject key identifier:   B2:98:A6:77:57:F8:82:C4:31:91:1F:B8:BC:8C:FB:79:82:D9:61:9A
Authority key identifier: 51:33:5D:8F:BA:2B:C7:33:98:39:5F:BD:D3:E0:D6:F3:FF:3D:1B:64
Certificate issuer:       /CN=51335d8fba2bc73398395fbdd3e0d6f3ff3d1b64
Certificate serial:       019642C38CA650021D37CB16025FF78E3872
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
Manifest number:          1088
Signing time:             Thu 17 Apr 2025 08:00:33 +0000
Manifest this update:     Thu 17 Apr 2025 08:00:33 +0000
Manifest next update:     Fri 18 Apr 2025 08:00:33 +0000
Files and hashes:         1: UTNdj7orxzOYOV-90-DW8_89G2Q.crl (hash: X4BtT7PK7W7cdVzGMF2Gj2zB7pHhxh6GrTFixKbdup8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:42:c3:8c:a6:50:02:1d:37:cb:16:02:5f:f7:8e:38:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51335d8fba2bc73398395fbdd3e0d6f3ff3d1b64
        Validity
            Not Before: Apr 17 08:00:33 2025 GMT
            Not After : Apr 18 08:00:33 2025 GMT
        Subject: CN=b298a67757f882c431911fb8bc8cfb7982d9619a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:aa:b1:8a:be:92:00:03:b0:a7:d7:01:df:7b:
                    1a:6a:7c:e9:45:6b:75:69:29:41:11:91:d9:3b:ad:
                    80:04:31:83:a7:6d:65:db:88:3a:4e:38:98:c5:f6:
                    aa:53:40:6f:ec:20:a1:e1:cc:00:4a:72:74:fc:7d:
                    ff:5e:46:76:be:ba:fc:f3:a2:ec:77:58:77:1d:d4:
                    6d:d4:9e:39:76:7b:b2:97:ff:1b:c3:8a:e8:a9:7a:
                    16:d9:c3:7e:6e:d9:90:37:19:76:84:ba:64:be:25:
                    af:ec:6f:93:3e:bb:f7:59:17:73:3a:c0:dd:25:d6:
                    83:21:a6:fc:e8:0d:13:de:23:40:9d:94:aa:c7:b6:
                    aa:51:3e:54:14:d8:db:62:57:76:6c:9a:f3:b9:05:
                    b2:d9:bd:d1:d3:02:88:34:74:d8:58:cc:94:f7:03:
                    09:02:36:bb:01:77:ed:7a:28:0d:f3:29:97:f5:d0:
                    e5:b8:65:62:a6:ab:c4:98:97:1a:91:ef:a0:b0:da:
                    71:f1:a6:bc:04:cd:1b:8f:26:89:fd:bc:cf:a2:2e:
                    6b:03:96:29:60:0d:25:00:9d:d6:56:be:97:42:09:
                    b1:69:5c:79:5d:5e:2f:cf:20:4a:b9:4e:69:76:1b:
                    b4:e0:9f:ca:d2:58:05:9f:9e:58:f3:ce:d6:2a:6d:
                    f7:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:98:A6:77:57:F8:82:C4:31:91:1F:B8:BC:8C:FB:79:82:D9:61:9A
            X509v3 Authority Key Identifier:
                keyid:51:33:5D:8F:BA:2B:C7:33:98:39:5F:BD:D3:E0:D6:F3:FF:3D:1B:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:48:f1:d9:19:2d:ed:a1:1b:a7:43:56:c4:17:d9:8c:18:09:
         d6:4e:a5:57:54:c3:e1:48:90:c7:0b:9b:bc:32:a2:d6:ca:71:
         bb:15:07:b1:d1:8c:72:90:87:d7:b3:8d:c7:c6:5d:e9:f3:f5:
         39:18:98:57:b0:62:91:54:c6:4e:54:32:67:0a:b6:96:a8:cf:
         ac:ca:7e:b7:a8:a5:29:6a:1f:c1:e9:77:e8:9d:fc:0d:88:c4:
         8e:9f:72:f3:ca:a7:79:cf:78:ca:d7:0a:bd:33:03:8f:12:2b:
         22:3b:57:73:41:37:40:4d:9a:08:53:2d:3d:66:01:d6:a2:17:
         35:73:1a:62:8b:7a:8c:c8:ea:34:f5:57:06:7d:d3:6f:6a:e8:
         7b:fc:ca:f0:2c:1f:84:ee:6a:e9:54:22:6e:19:52:70:38:26:
         b7:41:23:d8:54:ef:8c:5e:8a:c6:04:8d:36:06:5d:70:26:1f:
         3a:43:8f:04:eb:f5:50:b4:a4:ae:f3:82:70:83:a5:1d:92:d0:
         13:4d:8a:04:e8:c7:3b:dc:11:3b:95:da:88:3f:cd:bc:79:c6:
         73:24:04:40:db:b2:f1:be:7a:c7:2a:ea:4e:f9:fc:8c:9d:03:
         ec:c7:82:a0:d3:16:2b:50:40:74:e5:5e:d2:7c:d2:8d:4e:48:
         f4:22:7b:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZCw4ymUAIdN8sWAl/3jjhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMzM1ZDhmYmEyYmM3MzM5ODM5NWZiZGQzZTBkNmYzZmYz
ZDFiNjQwHhcNMjUwNDE3MDgwMDMzWhcNMjUwNDE4MDgwMDMzWjAzMTEwLwYDVQQD
EyhiMjk4YTY3NzU3Zjg4MmM0MzE5MTFmYjhiYzhjZmI3OTgyZDk2MTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6qxir6SAAOwp9cB33saanzpRWt1
aSlBEZHZO62ABDGDp21l24g6TjiYxfaqU0Bv7CCh4cwASnJ0/H3/XkZ2vrr886Ls
d1h3HdRt1J45dnuyl/8bw4roqXoW2cN+btmQNxl2hLpkviWv7G+TPrv3WRdzOsDd
JdaDIab86A0T3iNAnZSqx7aqUT5UFNjbYld2bJrzuQWy2b3R0wKINHTYWMyU9wMJ
Aja7AXfteigN8ymX9dDluGVipqvEmJcake+gsNpx8aa8BM0bjyaJ/bzPoi5rA5Yp
YA0lAJ3WVr6XQgmxaVx5XV4vzyBKuU5pdhu04J/K0lgFn55Y887WKm33SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKYpndX+ILEMZEfuLyM+3mC2WGaMB8GA1UdIwQY
MBaAFFEzXY+6K8czmDlfvdPg1vP/PRtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80MmIzMTctMTJjOC00ZGQxLTljNTUt
YmZhOTY5ZTU2N2IxLzEvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80MmIzMTctMTJjOC00ZGQxLTljNTUtYmZhOTY5ZTU2N2Ix
LzEvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQEjx2Rkt
7aEbp0NWxBfZjBgJ1k6lV1TD4UiQxwubvDKi1spxuxUHsdGMcpCH17ONx8Zd6fP1
ORiYV7BikVTGTlQyZwq2lqjPrMp+t6ilKWofwel36J38DYjEjp9y88qnec94ytcK
vTMDjxIrIjtXc0E3QE2aCFMtPWYB1qIXNXMaYot6jMjqNPVXBn3Tb2roe/zK8Cwf
hO5q6VQibhlScDgmt0Ej2FTvjF6KxgSNNgZdcCYfOkOPBOv1ULSkrvOCcIOlHZLQ
E02KBOjHO9wRO5XaiD/NvHnGcyQEQNuy8b56xyrqTvn8jJ0D7MeCoNMWK1BAdOVe
0nzSjU5I9CJ7zw==
-----END CERTIFICATE-----