Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
File:                     uU8woHaUohE5ZIclom6zTOSha6s.mft (raw, json)
Hash identifier:          XsahfSaO/L99na6ptgzxgNM1Ic1Yvj62vpwdptxOUXw=
Subject key identifier:   3E:97:D9:CF:25:AB:D5:9E:C8:60:D6:C0:6E:D7:9D:90:6D:BE:76:76
Authority key identifier: B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB
Certificate issuer:       /CN=b94f30a07694a21139648725a26eb34ce4a16bab
Certificate serial:       0196C427CF0E6A088EF8ECDC6E376A45EFBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
Manifest number:          01CB
Signing time:             Mon 12 May 2025 11:01:05 +0000
Manifest this update:     Mon 12 May 2025 11:01:05 +0000
Manifest next update:     Tue 13 May 2025 11:01:05 +0000
Files and hashes:         1: uU8woHaUohE5ZIclom6zTOSha6s.crl (hash: 0rmX2Us3o02Ln3XsLO0z3pufoEr6YjHX6ffIViKLBEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 11:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c4:27:cf:0e:6a:08:8e:f8:ec:dc:6e:37:6a:45:ef:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b94f30a07694a21139648725a26eb34ce4a16bab
        Validity
            Not Before: May 12 11:01:05 2025 GMT
            Not After : May 13 11:01:05 2025 GMT
        Subject: CN=3e97d9cf25abd59ec860d6c06ed79d906dbe7676
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:63:27:bd:0d:e8:eb:a8:bb:70:29:85:6c:1d:
                    10:3c:60:a2:18:6c:ca:35:03:28:e2:82:95:29:c8:
                    6b:c1:8c:ca:49:7a:fa:2d:79:0a:91:1e:5d:ef:24:
                    fb:a5:ad:a4:4b:64:b8:18:24:bd:eb:33:81:7d:20:
                    c2:39:17:f3:ee:fe:70:e5:34:ed:f3:c5:a5:2c:15:
                    4f:d6:a4:ee:df:91:38:b7:42:2d:16:eb:89:36:23:
                    3a:0d:95:07:4c:d3:22:42:d4:f9:e2:f5:33:dd:22:
                    4c:1d:22:09:96:9a:f6:e9:e7:de:87:f5:0a:8e:4b:
                    08:9d:a7:b0:ad:f6:c2:ec:5f:7b:8b:41:a3:99:0c:
                    42:cf:d7:87:d2:7d:05:9f:5e:bd:4b:c7:c9:3f:73:
                    d1:f3:a1:49:a5:70:19:31:e0:01:e8:99:dd:88:54:
                    0d:89:ee:68:84:17:c0:da:81:1d:f6:ab:9c:2e:28:
                    9c:6c:19:1c:6c:f2:6d:e8:f5:0b:f6:68:ef:2f:25:
                    27:c2:48:4a:73:21:1f:c7:aa:dd:cf:26:a7:1a:ac:
                    1f:49:ef:fb:13:be:6b:bb:af:2a:3c:c5:ff:2c:93:
                    1e:13:a0:44:3b:4c:4e:06:94:10:7f:79:dc:f4:58:
                    c3:0c:d3:24:82:4d:b7:83:62:e9:49:ad:a8:40:2a:
                    5e:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:97:D9:CF:25:AB:D5:9E:C8:60:D6:C0:6E:D7:9D:90:6D:BE:76:76
            X509v3 Authority Key Identifier:
                keyid:B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:f7:45:1a:39:8f:f8:a4:72:1e:fc:93:ed:ab:81:9e:7b:09:
         ca:9e:6e:7f:e1:3e:bc:cb:6c:2e:24:d1:44:07:54:c8:50:0d:
         30:2f:75:45:48:9e:52:a7:4f:fb:47:52:76:17:ad:e3:29:b5:
         a9:28:39:23:7d:7a:2b:51:b1:88:18:f7:18:5f:86:b7:79:64:
         08:4d:92:ea:19:e8:65:e7:50:8a:61:59:c5:d9:33:04:ab:f4:
         92:b7:54:68:19:f0:80:ce:71:3a:03:bd:f8:20:dc:4f:15:bc:
         e6:d1:da:ac:1e:b0:ef:8d:7d:10:a1:cb:1b:73:a5:42:43:ab:
         0a:ea:35:4b:5a:41:43:de:06:d7:c6:a4:20:b7:b1:94:39:d7:
         44:a8:4a:5f:7a:ec:c1:f6:65:d6:60:4e:18:a3:66:13:64:d7:
         57:b7:8c:5b:57:64:75:ac:0b:f2:18:36:8e:37:4f:e6:6c:4f:
         e1:c5:0f:37:47:79:23:ff:52:61:b5:b5:62:f2:fc:8c:36:e7:
         8c:ce:a6:ee:3c:17:b0:d4:21:20:5a:43:b0:8f:ea:d1:07:d2:
         16:5a:83:df:b4:f5:3b:cf:1b:17:0d:72:4b:cf:4d:84:23:4d:
         f6:fd:0d:16:ec:ce:ea:0c:63:e0:b2:c4:f7:72:01:94:4a:d9:
         4d:c0:9a:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEJ88OagiO+OzcbjdqRe++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NGYzMGEwNzY5NGEyMTEzOTY0ODcyNWEyNmViMzRjZTRh
MTZiYWIwHhcNMjUwNTEyMTEwMTA1WhcNMjUwNTEzMTEwMTA1WjAzMTEwLwYDVQQD
EygzZTk3ZDljZjI1YWJkNTllYzg2MGQ2YzA2ZWQ3OWQ5MDZkYmU3Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WMnvQ3o66i7cCmFbB0QPGCiGGzK
NQMo4oKVKchrwYzKSXr6LXkKkR5d7yT7pa2kS2S4GCS96zOBfSDCORfz7v5w5TTt
88WlLBVP1qTu35E4t0ItFuuJNiM6DZUHTNMiQtT54vUz3SJMHSIJlpr26efeh/UK
jksInaewrfbC7F97i0GjmQxCz9eH0n0Fn169S8fJP3PR86FJpXAZMeAB6JndiFQN
ie5ohBfA2oEd9qucLiicbBkcbPJt6PUL9mjvLyUnwkhKcyEfx6rdzyanGqwfSe/7
E75ru68qPMX/LJMeE6BEO0xOBpQQf3nc9FjDDNMkgk23g2LpSa2oQCpeGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6X2c8lq9WeyGDWwG7XnZBtvnZ2MB8GA1UdIwQY
MBaAFLlPMKB2lKIROWSHJaJus0zkoWurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDIt
NzdhMzgzNWQ0ZmJiLzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDItNzdhMzgzNWQ0ZmJi
LzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH/dFGjmP
+KRyHvyT7auBnnsJyp5uf+E+vMtsLiTRRAdUyFANMC91RUieUqdP+0dSdhet4ym1
qSg5I316K1GxiBj3GF+Gt3lkCE2S6hnoZedQimFZxdkzBKv0krdUaBnwgM5xOgO9
+CDcTxW85tHarB6w7419EKHLG3OlQkOrCuo1S1pBQ94G18akILexlDnXRKhKX3rs
wfZl1mBOGKNmE2TXV7eMW1dkdawL8hg2jjdP5mxP4cUPN0d5I/9SYbW1YvL8jDbn
jM6m7jwXsNQhIFpDsI/q0QfSFlqD37T1O88bFw1yS89NhCNN9v0NFuzO6gxj4LLE
93IBlErZTcCaUw==
-----END CERTIFICATE-----