Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8a6744-39a2-4457-b845-d02eb27373e6/1/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.mft
File:                     0Ul7Mkd2fTSZkemWyrivfUmUKvQ.mft (raw, json)
Hash identifier:          VbDnGq3XnPpzJcXb4GTyvCF7qMrnnq6CxuA7wF2hDeY=
Subject key identifier:   40:C3:1B:C8:00:7E:B0:27:54:7A:C1:E8:BA:FE:96:7A:7A:D6:79:27
Authority key identifier: D1:49:7B:32:47:76:7D:34:99:91:E9:96:CA:B8:AF:7D:49:94:2A:F4
Certificate issuer:       /CN=d1497b3247767d349991e996cab8af7d49942af4
Certificate serial:       0196C2A70610872DEA788116A7B8DF0E8C43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/8a6744-39a2-4457-b845-d02eb27373e6/1/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.mft
Manifest number:          14C7
Signing time:             Mon 12 May 2025 04:00:47 +0000
Manifest this update:     Mon 12 May 2025 04:00:47 +0000
Manifest next update:     Tue 13 May 2025 04:00:47 +0000
Files and hashes:         1: 0Ul7Mkd2fTSZkemWyrivfUmUKvQ.crl (hash: AB2/J0m7R+f9jFwLP0yC3TCcom4dWHFh/7FxOeoy1Rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/8a6744-39a2-4457-b845-d02eb27373e6/1/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/8a6744-39a2-4457-b845-d02eb27373e6/1/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:a7:06:10:87:2d:ea:78:81:16:a7:b8:df:0e:8c:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1497b3247767d349991e996cab8af7d49942af4
        Validity
            Not Before: May 12 04:00:47 2025 GMT
            Not After : May 13 04:00:47 2025 GMT
        Subject: CN=40c31bc8007eb027547ac1e8bafe967a7ad67927
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:68:55:eb:af:20:7e:f4:06:ce:b5:b2:ab:1c:
                    8d:da:5b:f3:43:1b:42:c2:b6:3c:b4:2a:80:a9:fc:
                    05:ed:32:db:53:f2:bc:5b:dd:3c:2d:6f:b7:98:69:
                    e8:d7:5a:b8:cb:01:9c:c1:36:40:16:5c:a9:41:ea:
                    d5:68:2c:41:59:35:ad:d9:b6:02:d6:0b:54:4f:95:
                    6f:a3:32:e7:08:55:fb:cb:4f:bb:5e:c8:a2:46:77:
                    7f:72:e3:92:ab:ab:8f:29:a2:71:dd:1c:c2:c2:95:
                    52:2b:bd:59:48:4b:cb:87:88:1a:4f:fa:df:d1:4f:
                    fd:8f:05:52:87:78:bf:2d:6f:9d:b0:c5:13:d1:32:
                    ed:9d:04:1d:eb:02:46:79:eb:4d:b0:da:1d:60:93:
                    3e:49:58:9c:1c:3b:62:69:98:e9:44:c1:1c:dc:f0:
                    a1:4c:dd:ab:d5:93:9c:48:79:d9:88:14:7b:d1:5b:
                    f6:f7:c3:8c:4a:94:a3:46:d0:43:ac:a8:f0:4c:8e:
                    19:ae:a2:25:bb:22:a6:91:c2:b8:94:e2:48:d1:8b:
                    3c:d4:96:38:42:a4:82:22:15:80:03:4d:a4:e7:48:
                    cf:ad:ca:52:fd:52:4d:60:de:d7:6c:ff:01:99:f4:
                    0f:75:11:3c:48:d8:15:31:35:06:0c:4b:59:bf:17:
                    f2:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:C3:1B:C8:00:7E:B0:27:54:7A:C1:E8:BA:FE:96:7A:7A:D6:79:27
            X509v3 Authority Key Identifier:
                keyid:D1:49:7B:32:47:76:7D:34:99:91:E9:96:CA:B8:AF:7D:49:94:2A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8a6744-39a2-4457-b845-d02eb27373e6/1/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8a6744-39a2-4457-b845-d02eb27373e6/1/0Ul7Mkd2fTSZkemWyrivfUmUKvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:76:1b:bd:e7:73:08:49:e2:bf:42:65:a2:27:53:3c:c7:db:
         6d:a8:e4:bc:6d:2b:40:0d:91:38:0f:07:8c:15:49:3c:4c:7d:
         4b:5b:fa:c1:14:78:a7:10:bc:49:87:c5:4b:0f:4b:a4:69:33:
         38:c6:e0:6a:de:3b:69:ec:1f:bc:d8:17:c7:4b:23:db:91:9d:
         9c:ba:49:21:24:13:3a:9d:d1:a0:d7:96:88:4e:eb:36:cb:16:
         ab:00:bc:9a:f8:2b:05:d0:23:5b:15:11:09:bb:9f:1c:6a:5d:
         28:74:03:ba:27:11:71:e6:8c:16:ef:dd:19:72:cd:76:49:93:
         f9:bb:a5:bc:b6:27:01:a3:55:76:4f:ca:7a:bc:02:38:7b:1d:
         f8:88:24:bd:0a:45:73:1d:f8:d5:5b:20:61:b8:f5:33:fc:d6:
         53:39:16:8f:6c:34:ae:37:5c:e0:f1:5e:da:39:51:66:8f:eb:
         c4:b2:7d:93:29:ef:cd:a0:66:f3:36:ca:c6:7b:9d:d2:97:a2:
         29:1a:2b:71:be:63:f6:4e:35:e2:fe:fd:11:43:b5:5a:f4:0d:
         1b:cd:7e:b9:66:ce:f4:69:fc:5c:2d:ba:d7:68:fd:26:b8:dd:
         8b:78:6d:f5:99:8b:f8:17:8b:07:39:2c:67:10:7b:f5:3b:17:
         ba:8e:bf:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCpwYQhy3qeIEWp7jfDoxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNDk3YjMyNDc3NjdkMzQ5OTkxZTk5NmNhYjhhZjdkNDk5
NDJhZjQwHhcNMjUwNTEyMDQwMDQ3WhcNMjUwNTEzMDQwMDQ3WjAzMTEwLwYDVQQD
Eyg0MGMzMWJjODAwN2ViMDI3NTQ3YWMxZThiYWZlOTY3YTdhZDY3OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGhV668gfvQGzrWyqxyN2lvzQxtC
wrY8tCqAqfwF7TLbU/K8W908LW+3mGno11q4ywGcwTZAFlypQerVaCxBWTWt2bYC
1gtUT5VvozLnCFX7y0+7XsiiRnd/cuOSq6uPKaJx3RzCwpVSK71ZSEvLh4gaT/rf
0U/9jwVSh3i/LW+dsMUT0TLtnQQd6wJGeetNsNodYJM+SVicHDtiaZjpRMEc3PCh
TN2r1ZOcSHnZiBR70Vv298OMSpSjRtBDrKjwTI4ZrqIluyKmkcK4lOJI0Ys81JY4
QqSCIhWAA02k50jPrcpS/VJNYN7XbP8BmfQPdRE8SNgVMTUGDEtZvxfyowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDDG8gAfrAnVHrB6Lr+lnp61nknMB8GA1UdIwQY
MBaAFNFJezJHdn00mZHplsq4r31JlCr0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFVsN01rZDJmVFNaa2VtV3lyaXZmVW1VS3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84YTY3NDQtMzlhMi00NDU3LWI4NDUt
ZDAyZWIyNzM3M2U2LzEvMFVsN01rZDJmVFNaa2VtV3lyaXZmVW1VS3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi84YTY3NDQtMzlhMi00NDU3LWI4NDUtZDAyZWIyNzM3M2U2
LzEvMFVsN01rZDJmVFNaa2VtV3lyaXZmVW1VS3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWnYbvedz
CEniv0JloidTPMfbbajkvG0rQA2ROA8HjBVJPEx9S1v6wRR4pxC8SYfFSw9LpGkz
OMbgat47aewfvNgXx0sj25GdnLpJISQTOp3RoNeWiE7rNssWqwC8mvgrBdAjWxUR
CbufHGpdKHQDuicRceaMFu/dGXLNdkmT+bulvLYnAaNVdk/KerwCOHsd+IgkvQpF
cx341VsgYbj1M/zWUzkWj2w0rjdc4PFe2jlRZo/rxLJ9kynvzaBm8zbKxnud0pei
KRorcb5j9k414v79EUO1WvQNG81+uWbO9Gn8XC2612j9Jrjdi3ht9ZmL+BeLBzks
ZxB79TsXuo6/9Q==
-----END CERTIFICATE-----