Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
File:                     uv5tfV8eRHjRoCUXHaawObJjAR8.mft (raw, json)
Hash identifier:          Hd/r9GnSOtKjHxfsL9oU3+tBAJ7UWD08mfI2ID4m9Lc=
Subject key identifier:   81:BF:D3:F0:67:E4:7C:F9:0C:0F:7B:44:D6:6A:B0:1E:C4:ED:13:1B
Authority key identifier: BA:FE:6D:7D:5F:1E:44:78:D1:A0:25:17:1D:A6:B0:39:B2:63:01:1F
Certificate issuer:       /CN=bafe6d7d5f1e4478d1a025171da6b039b263011f
Certificate serial:       0196ADD63A23004BE4CA602DD580A494C49E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
Manifest number:          08CF
Signing time:             Thu 08 May 2025 03:00:20 +0000
Manifest this update:     Thu 08 May 2025 03:00:20 +0000
Manifest next update:     Fri 09 May 2025 03:00:20 +0000
Files and hashes:         1: uv5tfV8eRHjRoCUXHaawObJjAR8.crl (hash: OrbkyRNEbuRvG2Cc9atqrDaGgyCOUbbH9BvECdLF5JM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 20:38:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ad:d6:3a:23:00:4b:e4:ca:60:2d:d5:80:a4:94:c4:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bafe6d7d5f1e4478d1a025171da6b039b263011f
        Validity
            Not Before: May  8 03:00:20 2025 GMT
            Not After : May  9 03:00:20 2025 GMT
        Subject: CN=81bfd3f067e47cf90c0f7b44d66ab01ec4ed131b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0e:e8:89:c8:ff:fc:9b:38:09:5e:e2:c6:17:
                    8b:41:01:b4:9b:56:63:90:d8:2c:8f:18:df:3f:17:
                    a7:79:93:e2:e3:14:cf:5b:34:e9:86:4d:f4:3c:80:
                    82:81:db:2c:21:52:5a:3a:c3:29:9e:56:73:16:f2:
                    4b:77:c7:12:d8:74:cd:26:fe:d8:cc:b2:65:0d:b5:
                    32:5a:7c:1b:b7:3b:1c:34:9a:63:71:95:d4:00:04:
                    9f:94:30:ad:61:46:1a:36:a9:7a:bb:bb:4a:ac:f2:
                    75:04:c0:23:68:a1:a3:d5:c2:9b:4f:22:08:fa:fc:
                    cb:36:1a:39:31:19:f8:f9:94:57:4d:b0:d9:8d:96:
                    2d:1a:2a:ac:fe:b0:71:f6:9a:34:4a:87:95:f6:2e:
                    76:a3:af:27:4d:f8:f8:bc:a0:78:d9:bf:02:08:c8:
                    a8:1c:45:9a:48:e8:3d:96:44:54:b0:93:84:59:ff:
                    45:7d:43:56:d0:02:11:76:0c:f2:bf:db:10:ef:23:
                    e7:f9:32:b0:21:69:3e:a1:4f:13:9b:b9:10:e6:01:
                    4b:7a:72:c1:4d:58:1d:62:11:75:cb:9b:97:e2:9d:
                    b9:85:4d:0e:dd:d7:9b:e1:1f:0c:14:ac:ed:d3:e3:
                    f8:c5:f0:43:db:a7:91:ef:d4:7d:48:62:56:09:03:
                    12:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:BF:D3:F0:67:E4:7C:F9:0C:0F:7B:44:D6:6A:B0:1E:C4:ED:13:1B
            X509v3 Authority Key Identifier:
                keyid:BA:FE:6D:7D:5F:1E:44:78:D1:A0:25:17:1D:A6:B0:39:B2:63:01:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:e3:2d:34:c2:a7:c4:5c:f9:eb:b0:4c:73:a8:54:a0:9b:15:
         7c:ee:bc:46:f1:67:6f:0b:6c:77:ae:84:86:ab:ac:61:3a:c9:
         f7:db:97:f9:5d:5b:37:c3:30:1b:4b:32:61:52:21:6d:9f:36:
         4a:62:4c:06:27:9b:c2:22:04:2a:2a:db:90:d0:ce:11:74:91:
         59:0f:4f:de:e0:75:1b:b7:a0:27:6d:55:cd:1c:c6:59:8f:55:
         e5:28:f7:8b:16:fc:06:35:fa:81:d5:b6:8d:6b:7e:5d:1b:db:
         8f:9b:d6:6d:59:ce:23:a3:13:78:d3:c9:80:07:20:da:ca:c5:
         5c:11:ba:78:90:6f:7b:09:2d:88:43:43:4f:65:3f:b8:8f:93:
         3a:01:f4:4d:6e:ed:bc:e4:88:28:96:64:d2:26:9e:9b:1d:c9:
         4a:de:33:4e:62:8c:fe:51:00:e7:dc:2c:30:d4:68:7b:a0:0f:
         a2:30:4c:6f:86:1c:29:cd:98:07:bf:02:b2:86:ba:d9:93:3a:
         69:53:75:df:b7:46:5d:78:c7:fe:c3:71:8e:e7:9d:8b:3d:9e:
         e4:dd:19:0b:af:20:26:2b:f3:e9:b9:c5:e7:8c:3c:18:7e:f6:
         d9:0d:f8:39:16:3b:3a:13:34:39:53:66:72:ec:9f:67:56:04:
         d9:b8:ef:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZat1jojAEvkymAt1YCklMSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhZmU2ZDdkNWYxZTQ0NzhkMWEwMjUxNzFkYTZiMDM5YjI2
MzAxMWYwHhcNMjUwNTA4MDMwMDIwWhcNMjUwNTA5MDMwMDIwWjAzMTEwLwYDVQQD
Eyg4MWJmZDNmMDY3ZTQ3Y2Y5MGMwZjdiNDRkNjZhYjAxZWM0ZWQxMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ7oicj//Js4CV7ixheLQQG0m1Zj
kNgsjxjfPxeneZPi4xTPWzTphk30PICCgdssIVJaOsMpnlZzFvJLd8cS2HTNJv7Y
zLJlDbUyWnwbtzscNJpjcZXUAASflDCtYUYaNql6u7tKrPJ1BMAjaKGj1cKbTyII
+vzLNho5MRn4+ZRXTbDZjZYtGiqs/rBx9po0SoeV9i52o68nTfj4vKB42b8CCMio
HEWaSOg9lkRUsJOEWf9FfUNW0AIRdgzyv9sQ7yPn+TKwIWk+oU8Tm7kQ5gFLenLB
TVgdYhF1y5uX4p25hU0O3deb4R8MFKzt0+P4xfBD26eR79R9SGJWCQMSqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIG/0/Bn5Hz5DA97RNZqsB7E7RMbMB8GA1UdIwQY
MBaAFLr+bX1fHkR40aAlFx2msDmyYwEfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS85ZmY4NmMtMWY3Yi00YmM3LTk3NmEt
ZGZiNzliYmExYjY4LzEvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS85ZmY4NmMtMWY3Yi00YmM3LTk3NmEtZGZiNzliYmExYjY4
LzEvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs+MtNMKn
xFz567BMc6hUoJsVfO68RvFnbwtsd66EhqusYTrJ99uX+V1bN8MwG0syYVIhbZ82
SmJMBiebwiIEKirbkNDOEXSRWQ9P3uB1G7egJ21VzRzGWY9V5Sj3ixb8BjX6gdW2
jWt+XRvbj5vWbVnOI6MTeNPJgAcg2srFXBG6eJBvewktiENDT2U/uI+TOgH0TW7t
vOSIKJZk0iaemx3JSt4zTmKM/lEA59wsMNRoe6APojBMb4YcKc2YB78Csoa62ZM6
aVN137dGXXjH/sNxjuediz2e5N0ZC68gJivz6bnF54w8GH722Q34ORY7OhM0OVNm
cuyfZ1YE2bjvxA==
-----END CERTIFICATE-----