Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
File:                     UMrU5Xdbox7K4ibRBG89waEEgU0.mft (raw, json)
Hash identifier:          XsPZvn5yRBmmu3vM45+rf3YqIyUN1MfyZa7UwywMiG4=
Subject key identifier:   2F:72:03:7F:81:44:A9:17:DB:05:00:3A:F0:69:08:F2:D2:57:24:E8
Authority key identifier: 50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D
Certificate issuer:       /CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
Certificate serial:       019643682F53BE65DF0C3AABE2BEBDA7E58F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
Manifest number:          048A
Signing time:             Thu 17 Apr 2025 11:00:23 +0000
Manifest this update:     Thu 17 Apr 2025 11:00:23 +0000
Manifest next update:     Fri 18 Apr 2025 11:00:23 +0000
Files and hashes:         1: UMrU5Xdbox7K4ibRBG89waEEgU0.crl (hash: RQXaWyZw8AckYe/oSu0pjq6qs/h4Y8ArtLSeH4sv11A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:68:2f:53:be:65:df:0c:3a:ab:e2:be:bd:a7:e5:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
        Validity
            Not Before: Apr 17 11:00:23 2025 GMT
            Not After : Apr 18 11:00:23 2025 GMT
        Subject: CN=2f72037f8144a917db05003af06908f2d25724e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:17:85:b0:bd:3a:3c:84:ce:27:ba:bb:37:ea:
                    2f:a1:ea:9b:d6:5c:69:e2:67:46:d4:28:13:27:1d:
                    40:fe:4b:bb:9b:e7:c6:fe:3e:c1:bc:ae:1c:60:e0:
                    1a:72:e6:d9:59:16:02:30:31:1f:60:f8:2b:d8:47:
                    d1:94:cf:d9:11:5c:33:31:11:cb:de:0e:11:0e:16:
                    c2:6d:93:cb:44:bf:d3:87:28:70:76:a9:c0:f6:f2:
                    10:c7:eb:08:bd:0c:0c:bb:94:ff:c2:0c:cc:83:a0:
                    2e:20:12:d7:90:e6:c7:fa:3d:b6:73:d2:ca:44:eb:
                    6b:1d:87:f8:0d:50:2f:a0:74:20:85:f6:e5:d1:74:
                    13:3d:5e:57:08:c2:10:bd:26:ae:13:e8:8a:c6:a9:
                    0d:a1:b1:bc:d7:c1:0f:af:81:30:e8:4a:0f:d1:1c:
                    b3:ce:03:1e:f7:4a:a3:b8:95:84:1b:63:52:3e:4a:
                    5c:1e:a4:6e:bd:0c:98:ff:f7:1f:ec:0c:b8:49:5f:
                    61:ac:1b:7f:7b:7d:5c:9d:4d:c7:6f:92:71:03:54:
                    a6:cb:ce:7d:d3:9c:40:86:c9:73:96:33:c7:77:1f:
                    80:20:27:ba:1d:a3:08:f9:cf:b5:e4:83:d1:0d:a6:
                    96:f9:a7:49:8d:d5:c5:7f:72:86:29:28:0a:3b:2a:
                    d7:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:72:03:7F:81:44:A9:17:DB:05:00:3A:F0:69:08:F2:D2:57:24:E8
            X509v3 Authority Key Identifier:
                keyid:50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:60:57:76:7c:59:36:8a:a8:c9:14:f3:af:65:8c:83:c3:e3:
         95:26:da:72:db:e9:82:af:9e:e7:fe:c3:01:e9:c1:64:d3:d5:
         3a:2b:3c:9e:ea:36:0c:0f:cc:44:f7:27:f4:ca:c9:d8:e8:2d:
         d6:b3:fe:3c:13:2f:d3:c8:d8:b3:df:e8:7f:f7:31:ea:80:33:
         fe:0d:f7:eb:43:2c:2c:d9:b2:a3:be:6c:63:c3:6a:84:4c:a1:
         6c:5b:bd:0c:38:77:18:fa:a6:b1:1d:31:e5:9c:31:1d:b3:92:
         51:0a:e1:36:59:10:d1:be:e5:6a:41:d7:00:f0:da:2a:0f:d6:
         1d:44:8f:54:2f:1a:a9:12:aa:75:56:af:d8:9d:7e:45:52:ad:
         63:c9:78:8a:48:71:18:cc:e9:63:33:b2:7e:57:11:51:84:46:
         95:1c:bf:67:eb:f6:c8:0d:e3:5b:d7:89:74:0b:3e:ae:b8:5c:
         cb:57:07:52:e1:94:c8:7d:c6:cf:b7:b1:f0:ae:18:97:34:63:
         46:a8:b1:c6:8d:a7:d6:0d:b0:05:a2:72:7b:3c:9f:68:6f:16:
         50:0b:bd:23:47:a6:c7:c9:25:66:c7:f0:3e:6c:14:b1:79:55:
         48:8c:59:c3:32:c1:92:c2:38:31:ed:7e:7f:76:79:fd:66:29:
         65:41:5f:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZDaC9TvmXfDDqr4r69p+WPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwY2FkNGU1Nzc1YmEzMWVjYWUyMjZkMTA0NmYzZGMxYTEw
NDgxNGQwHhcNMjUwNDE3MTEwMDIzWhcNMjUwNDE4MTEwMDIzWjAzMTEwLwYDVQQD
EygyZjcyMDM3ZjgxNDRhOTE3ZGIwNTAwM2FmMDY5MDhmMmQyNTcyNGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjheFsL06PITOJ7q7N+ovoeqb1lxp
4mdG1CgTJx1A/ku7m+fG/j7BvK4cYOAacubZWRYCMDEfYPgr2EfRlM/ZEVwzMRHL
3g4RDhbCbZPLRL/ThyhwdqnA9vIQx+sIvQwMu5T/wgzMg6AuIBLXkObH+j22c9LK
ROtrHYf4DVAvoHQghfbl0XQTPV5XCMIQvSauE+iKxqkNobG818EPr4Ew6EoP0Ryz
zgMe90qjuJWEG2NSPkpcHqRuvQyY//cf7Ay4SV9hrBt/e31cnU3Hb5JxA1Smy859
05xAhslzljPHdx+AICe6HaMI+c+15IPRDaaW+adJjdXFf3KGKSgKOyrXiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9yA3+BRKkX2wUAOvBpCPLSVyToMB8GA1UdIwQY
MBaAFFDK1OV3W6MeyuIm0QRvPcGhBIFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEt
NjYzOWJjYTdhMWIwLzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEtNjYzOWJjYTdhMWIw
LzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB2BXdnxZ
NoqoyRTzr2WMg8PjlSbactvpgq+e5/7DAenBZNPVOis8nuo2DA/MRPcn9MrJ2Ogt
1rP+PBMv08jYs9/of/cx6oAz/g3360MsLNmyo75sY8NqhEyhbFu9DDh3GPqmsR0x
5ZwxHbOSUQrhNlkQ0b7lakHXAPDaKg/WHUSPVC8aqRKqdVav2J1+RVKtY8l4ikhx
GMzpYzOyflcRUYRGlRy/Z+v2yA3jW9eJdAs+rrhcy1cHUuGUyH3Gz7ex8K4YlzRj
Rqixxo2n1g2wBaJyezyfaG8WUAu9I0emx8klZsfwPmwUsXlVSIxZwzLBksI4Me1+
f3Z5/WYpZUFf7g==
-----END CERTIFICATE-----