Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
File:                     UMrU5Xdbox7K4ibRBG89waEEgU0.mft (raw, json)
Hash identifier:          s9MDBZZojGB4Y1m493mCT3Lp1eyaU9lj9be5jDXXSUc=
Subject key identifier:   18:31:83:2C:56:9C:DC:05:90:27:E5:66:6F:E8:FA:2C:7D:59:48:44
Authority key identifier: 50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D
Certificate issuer:       /CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
Certificate serial:       0194C5082CD4566AB62B9529BAEB25B635F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
Manifest number:          03C4
Signing time:             Sun 02 Feb 2025 05:00:34 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:34 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:34 +0000
Files and hashes:         1: UMrU5Xdbox7K4ibRBG89waEEgU0.crl (hash: /1DjQjW7+zknaztuj5aOg1Hh70wgQ1nO0AF1GY7f7O8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:08:2c:d4:56:6a:b6:2b:95:29:ba:eb:25:b6:35:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
        Validity
            Not Before: Feb  2 05:00:34 2025 GMT
            Not After : Feb  3 05:00:34 2025 GMT
        Subject: CN=1831832c569cdc059027e5666fe8fa2c7d594844
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3f:83:b2:eb:d9:cf:29:21:23:9f:b8:8f:f1:
                    f6:85:b9:56:1d:79:e0:40:d8:ed:f3:1f:9b:a5:98:
                    a9:4b:71:22:a6:e1:e3:9a:70:c7:16:28:8c:9b:6b:
                    6d:aa:f3:8e:20:1f:01:4a:fa:ec:58:13:8f:1b:72:
                    bd:03:dd:61:7a:ed:b0:9f:ac:30:27:2c:4d:b5:8c:
                    92:1a:d5:49:34:ac:da:b8:95:37:2c:92:7a:a6:9d:
                    10:98:39:39:66:ae:4c:85:37:a8:a7:7f:0b:c0:02:
                    de:a1:1c:1e:55:70:25:b3:84:bd:0e:5d:9b:a1:62:
                    1e:73:b4:83:6a:fc:86:a9:00:5f:db:2b:55:f4:5d:
                    75:0d:e7:0f:70:f8:c0:96:c7:93:0c:d2:c8:71:be:
                    5b:5b:d1:06:dd:52:4d:99:c0:98:8a:bd:1a:5a:08:
                    12:0e:ae:30:87:a0:ea:41:59:e6:ea:e9:14:d7:5a:
                    52:24:09:93:05:ca:81:8e:a5:b3:40:5a:76:4f:32:
                    11:e5:4e:73:6a:6f:55:f1:ff:13:0b:e5:50:a0:25:
                    2e:52:00:0c:fe:05:09:e1:5b:b3:45:24:91:81:30:
                    cc:aa:40:0f:bc:2c:a1:b1:ac:c0:99:82:a7:bb:d1:
                    af:e9:82:e0:b7:ce:ef:f0:2d:33:e7:4f:54:5f:47:
                    99:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:31:83:2C:56:9C:DC:05:90:27:E5:66:6F:E8:FA:2C:7D:59:48:44
            X509v3 Authority Key Identifier:
                keyid:50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:75:80:3f:f2:4a:cf:93:0c:91:79:bb:0b:5b:ef:2e:33:6d:
         55:72:37:f0:1f:65:3e:f5:c6:56:6e:c1:3d:2e:50:c1:da:68:
         9f:35:fe:ac:87:3a:88:ff:45:00:fc:4b:c1:a4:1b:7a:52:a0:
         58:78:33:13:05:b8:99:37:00:e7:d8:38:2f:e8:47:ed:34:73:
         52:bb:18:77:1b:93:8d:92:61:7d:f9:cc:ca:50:be:5a:04:cf:
         cd:92:8e:5f:b2:ed:94:0b:9c:60:56:4f:be:df:d7:02:a5:72:
         76:08:61:7c:07:e0:c3:72:00:8e:ab:c8:ad:7b:6a:9d:8d:0f:
         26:a3:dd:16:6e:3b:9c:7c:7c:04:03:1f:a4:94:dc:50:b0:58:
         a6:2a:fd:ea:39:a6:5c:ca:73:3e:97:4d:30:e8:7f:56:e4:5b:
         8f:c0:61:ee:01:cc:00:e7:85:c6:ff:a2:63:65:90:98:cb:06:
         d3:47:2f:f1:e6:cc:3b:cb:b4:11:a3:77:c2:d2:5a:54:7c:ba:
         ee:98:83:ea:22:b0:01:64:84:13:db:21:59:f9:b5:82:ba:c6:
         76:ff:74:57:4e:31:4a:7e:f3:64:0f:ec:4d:b6:e4:d5:f6:09:
         c4:cf:4e:a6:ab:af:28:b9:4b:8a:2b:f2:7a:db:3c:d5:7c:c1:
         4f:ba:2c:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFCCzUVmq2K5UpuusltjX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwY2FkNGU1Nzc1YmEzMWVjYWUyMjZkMTA0NmYzZGMxYTEw
NDgxNGQwHhcNMjUwMjAyMDUwMDM0WhcNMjUwMjAzMDUwMDM0WjAzMTEwLwYDVQQD
EygxODMxODMyYzU2OWNkYzA1OTAyN2U1NjY2ZmU4ZmEyYzdkNTk0ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T+DsuvZzykhI5+4j/H2hblWHXng
QNjt8x+bpZipS3EipuHjmnDHFiiMm2ttqvOOIB8BSvrsWBOPG3K9A91heu2wn6ww
JyxNtYySGtVJNKzauJU3LJJ6pp0QmDk5Zq5MhTeop38LwALeoRweVXAls4S9Dl2b
oWIec7SDavyGqQBf2ytV9F11DecPcPjAlseTDNLIcb5bW9EG3VJNmcCYir0aWggS
Dq4wh6DqQVnm6ukU11pSJAmTBcqBjqWzQFp2TzIR5U5zam9V8f8TC+VQoCUuUgAM
/gUJ4VuzRSSRgTDMqkAPvCyhsazAmYKnu9Gv6YLgt87v8C0z509UX0eZjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBgxgyxWnNwFkCflZm/o+ix9WUhEMB8GA1UdIwQY
MBaAFFDK1OV3W6MeyuIm0QRvPcGhBIFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEt
NjYzOWJjYTdhMWIwLzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEtNjYzOWJjYTdhMWIw
LzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADXWAP/JK
z5MMkXm7C1vvLjNtVXI38B9lPvXGVm7BPS5QwdponzX+rIc6iP9FAPxLwaQbelKg
WHgzEwW4mTcA59g4L+hH7TRzUrsYdxuTjZJhffnMylC+WgTPzZKOX7LtlAucYFZP
vt/XAqVydghhfAfgw3IAjqvIrXtqnY0PJqPdFm47nHx8BAMfpJTcULBYpir96jmm
XMpzPpdNMOh/VuRbj8Bh7gHMAOeFxv+iY2WQmMsG00cv8ebMO8u0EaN3wtJaVHy6
7piD6iKwAWSEE9shWfm1grrGdv90V04xSn7zZA/sTbbk1fYJxM9OpquvKLlLiivy
ets81XzBT7osIw==
-----END CERTIFICATE-----