Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
File:                     UMrU5Xdbox7K4ibRBG89waEEgU0.mft (raw, json)
Hash identifier:          jBGwYSd8hUfUxfwNfWR1xQj1Q/kTcurrVQJZ/dYEm3s=
Subject key identifier:   34:5C:F6:7A:2D:D6:39:A1:73:C7:02:8C:34:0E:3F:00:82:70:BA:AD
Authority key identifier: 50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D
Certificate issuer:       /CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
Certificate serial:       0197481E3FC24FC4647F71C2DAD6466BF450
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
Manifest number:          0511
Signing time:             Sat 07 Jun 2025 02:00:31 +0000
Manifest this update:     Sat 07 Jun 2025 02:00:31 +0000
Manifest next update:     Sun 08 Jun 2025 02:00:31 +0000
Files and hashes:         1: UMrU5Xdbox7K4ibRBG89waEEgU0.crl (hash: omg7+3lhHqrOxexPRu8LlDcX38Dw68UWSFB9wsAsAM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:1e:3f:c2:4f:c4:64:7f:71:c2:da:d6:46:6b:f4:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
        Validity
            Not Before: Jun  7 02:00:31 2025 GMT
            Not After : Jun  8 02:00:31 2025 GMT
        Subject: CN=345cf67a2dd639a173c7028c340e3f008270baad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:80:44:08:38:1a:72:ab:16:f9:0d:1d:d5:a6:
                    36:b0:99:5f:14:8f:cb:e2:e7:6e:e4:36:7a:f0:96:
                    c6:11:bf:0c:21:65:43:9b:81:b0:88:91:f2:bc:d1:
                    25:d7:cc:a5:c3:cf:19:a0:9d:a8:d2:14:cb:dc:35:
                    a7:91:ae:67:67:a1:5b:ff:c8:ab:19:3b:8f:e4:ab:
                    d4:8e:6c:84:d2:9d:bb:ef:da:20:3b:50:d2:8f:16:
                    d7:8b:75:f4:5e:3b:40:82:b6:b8:0c:8a:8b:43:b6:
                    03:69:06:55:01:a7:e4:2f:15:58:05:7c:27:50:b7:
                    e3:5f:54:67:1d:31:93:e6:4c:a0:0a:c9:ad:1c:84:
                    70:80:fe:81:2a:d4:ac:82:59:0a:b8:96:24:b1:86:
                    ea:90:f0:91:9d:35:60:e3:ff:89:41:f5:60:43:40:
                    d4:a5:14:c9:31:17:62:c7:45:f8:28:d7:de:c6:d7:
                    d9:c4:2b:41:31:39:2b:e8:02:c1:a6:0c:5d:1f:af:
                    3f:1d:85:fe:ca:ac:a2:a7:c1:c0:21:c0:61:c9:17:
                    45:c8:68:6b:90:64:9c:0c:17:0b:57:64:38:86:96:
                    db:fa:18:86:be:c4:ec:a2:4b:8a:1e:b5:56:fd:47:
                    56:b8:63:dc:b1:d1:f7:6b:33:a9:60:97:45:a1:de:
                    70:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:5C:F6:7A:2D:D6:39:A1:73:C7:02:8C:34:0E:3F:00:82:70:BA:AD
            X509v3 Authority Key Identifier:
                keyid:50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:e6:33:8a:ea:a1:b5:8a:05:29:65:a4:3b:5c:72:f5:da:ec:
         83:04:28:69:22:6b:f0:9b:b3:aa:d3:b3:44:e1:03:06:ed:ee:
         6f:1d:e3:41:83:9a:91:83:05:dc:4c:1a:7a:f3:c1:d8:7f:d1:
         e5:18:71:64:57:49:0e:dd:d7:73:0d:9c:e0:bd:8b:14:d4:cd:
         89:4d:e9:08:17:cb:f4:3b:3a:e5:1c:bd:03:d3:ee:72:83:9c:
         e0:19:39:fe:b9:d1:0d:7a:36:22:14:1a:d9:a7:8e:0b:1d:6e:
         c2:dd:c6:76:2d:e0:32:be:e8:23:44:c6:19:f1:0c:ab:ba:68:
         a9:fb:c0:ac:f5:19:c1:bc:ec:4c:0b:46:5c:14:8e:4e:1e:65:
         86:99:45:4d:0e:bd:62:df:bf:30:ce:04:63:58:e2:15:1b:af:
         04:be:47:e0:56:3c:6a:b4:73:af:bb:42:75:91:ba:2d:eb:97:
         a2:08:3d:b5:8d:44:27:25:93:5a:44:05:c3:af:e4:9b:81:12:
         d5:82:e9:2c:51:2b:55:27:47:64:37:66:fb:05:2b:54:86:5b:
         8c:73:d4:1d:93:84:ed:b6:81:6d:a9:29:82:7d:99:0a:d0:67:
         e2:bf:cf:51:6a:a7:d3:f5:48:72:87:f8:e0:1e:0e:a4:93:e1:
         0a:95:41:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIHj/CT8Rkf3HC2tZGa/RQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwY2FkNGU1Nzc1YmEzMWVjYWUyMjZkMTA0NmYzZGMxYTEw
NDgxNGQwHhcNMjUwNjA3MDIwMDMxWhcNMjUwNjA4MDIwMDMxWjAzMTEwLwYDVQQD
EygzNDVjZjY3YTJkZDYzOWExNzNjNzAyOGMzNDBlM2YwMDgyNzBiYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoBECDgacqsW+Q0d1aY2sJlfFI/L
4udu5DZ68JbGEb8MIWVDm4GwiJHyvNEl18ylw88ZoJ2o0hTL3DWnka5nZ6Fb/8ir
GTuP5KvUjmyE0p2779ogO1DSjxbXi3X0XjtAgra4DIqLQ7YDaQZVAafkLxVYBXwn
ULfjX1RnHTGT5kygCsmtHIRwgP6BKtSsglkKuJYksYbqkPCRnTVg4/+JQfVgQ0DU
pRTJMRdix0X4KNfextfZxCtBMTkr6ALBpgxdH68/HYX+yqyip8HAIcBhyRdFyGhr
kGScDBcLV2Q4hpbb+hiGvsTsokuKHrVW/UdWuGPcsdH3azOpYJdFod5w6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRc9not1jmhc8cCjDQOPwCCcLqtMB8GA1UdIwQY
MBaAFFDK1OV3W6MeyuIm0QRvPcGhBIFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEt
NjYzOWJjYTdhMWIwLzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEtNjYzOWJjYTdhMWIw
LzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARuYziuqh
tYoFKWWkO1xy9drsgwQoaSJr8JuzqtOzROEDBu3ubx3jQYOakYMF3EwaevPB2H/R
5RhxZFdJDt3Xcw2c4L2LFNTNiU3pCBfL9Ds65Ry9A9PucoOc4Bk5/rnRDXo2IhQa
2aeOCx1uwt3Gdi3gMr7oI0TGGfEMq7poqfvArPUZwbzsTAtGXBSOTh5lhplFTQ69
Yt+/MM4EY1jiFRuvBL5H4FY8arRzr7tCdZG6LeuXogg9tY1EJyWTWkQFw6/km4ES
1YLpLFErVSdHZDdm+wUrVIZbjHPUHZOE7baBbakpgn2ZCtBn4r/PUWqn0/VIcof4
4B4OpJPhCpVB7Q==
-----END CERTIFICATE-----