Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
File:                     uU8woHaUohE5ZIclom6zTOSha6s.mft (raw, json)
Hash identifier:          gg2Yjd1etrP0Cw9vXpqclWIu8XX/vnmEbELYuYAERmI=
Subject key identifier:   A6:0E:03:19:58:C2:4F:FB:7B:B8:1C:9A:35:D6:98:EB:85:1B:9A:4B
Authority key identifier: B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB
Certificate issuer:       /CN=b94f30a07694a21139648725a26eb34ce4a16bab
Certificate serial:       0197B96A933BBA828CF61771510C37264167
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
Manifest number:          024A
Signing time:             Sun 29 Jun 2025 02:00:58 +0000
Manifest this update:     Sun 29 Jun 2025 02:00:58 +0000
Manifest next update:     Mon 30 Jun 2025 02:00:58 +0000
Files and hashes:         1: uU8woHaUohE5ZIclom6zTOSha6s.crl (hash: hQBWljuqrwAGELhcCwzj1bMRZ4TIe9sPLYAqj3SJ/eE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:6a:93:3b:ba:82:8c:f6:17:71:51:0c:37:26:41:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b94f30a07694a21139648725a26eb34ce4a16bab
        Validity
            Not Before: Jun 29 02:00:58 2025 GMT
            Not After : Jun 30 02:00:58 2025 GMT
        Subject: CN=a60e031958c24ffb7bb81c9a35d698eb851b9a4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:15:63:5b:97:6c:65:ff:43:34:0e:80:f6:42:
                    cd:1e:06:40:b1:0a:89:61:f2:69:47:2e:86:c4:14:
                    6a:d7:ad:ef:37:6c:35:13:06:19:3a:74:61:3c:ba:
                    34:fd:90:19:b7:2d:60:08:88:92:a7:75:65:b2:b8:
                    04:c5:31:72:cf:a5:62:85:8a:e2:63:87:55:08:06:
                    5c:00:7b:3c:c5:fd:88:b4:7d:db:be:6d:fd:82:9a:
                    6a:27:a2:de:41:80:11:e6:a0:28:87:b1:cc:f9:05:
                    ad:e3:3e:e9:b0:1a:34:6f:eb:17:01:a9:72:91:46:
                    ee:f7:cc:2a:f3:53:20:b5:e6:0c:f8:dc:b6:b1:cc:
                    fd:13:57:c1:66:7f:02:21:3b:b7:8b:b6:9b:10:ae:
                    1c:df:b4:4e:3e:d1:d4:81:24:2d:17:65:bc:62:df:
                    51:8f:a2:05:1c:b3:52:b9:25:75:ef:1c:f6:1c:17:
                    0d:1a:04:2b:f8:e7:cd:a0:f9:b8:76:f1:ca:14:88:
                    e2:df:20:e5:89:f9:30:8b:64:a6:0a:51:91:f7:c0:
                    26:59:2d:45:57:b0:79:75:9f:3c:4d:03:e4:9e:56:
                    45:4c:eb:50:d7:b3:09:58:49:2d:d9:93:1a:82:ec:
                    07:3a:d4:cf:93:82:d8:d1:2d:c5:7c:48:45:e7:87:
                    a0:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:0E:03:19:58:C2:4F:FB:7B:B8:1C:9A:35:D6:98:EB:85:1B:9A:4B
            X509v3 Authority Key Identifier:
                keyid:B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:a1:49:d8:16:ab:9d:f3:e1:87:9d:af:22:11:b0:a7:e3:36:
         a2:76:d0:6e:05:0d:24:72:4e:07:a4:90:05:ac:e8:44:5a:f6:
         61:3e:c5:a0:f5:18:9b:f3:01:54:db:03:45:b5:e8:e3:7b:a5:
         8e:31:d3:f5:62:64:35:12:a3:74:a9:c6:28:0d:e8:ef:4f:12:
         9e:83:87:5f:f7:a6:1c:87:ac:30:69:66:e0:96:2e:06:2d:3d:
         e6:78:d7:1c:b5:3f:f9:9e:42:b0:90:a4:32:87:33:13:e4:fe:
         8a:bf:15:d1:34:7b:16:c7:00:d4:5f:06:87:69:c5:9f:69:4b:
         25:7f:71:25:25:e7:ce:3f:fb:6b:29:8b:24:b3:2f:af:f3:de:
         1f:47:e2:f6:06:e3:80:46:3b:c6:7a:bc:02:77:81:5a:da:26:
         23:83:6b:31:9b:5c:7b:ea:d7:56:7c:51:23:76:72:6e:89:78:
         a4:ef:ab:f4:5f:56:2a:e7:d3:a8:53:71:4d:e5:ad:f1:6b:71:
         49:42:88:ee:24:9d:95:ec:67:aa:71:37:ba:ed:55:d0:61:3f:
         f7:92:ac:e9:fa:7b:94:98:e5:04:9f:ce:81:bd:88:73:39:e3:
         95:65:e3:88:aa:ef:08:6a:22:f0:d9:9c:f1:60:d7:f7:8b:9f:
         94:50:27:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5apM7uoKM9hdxUQw3JkFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NGYzMGEwNzY5NGEyMTEzOTY0ODcyNWEyNmViMzRjZTRh
MTZiYWIwHhcNMjUwNjI5MDIwMDU4WhcNMjUwNjMwMDIwMDU4WjAzMTEwLwYDVQQD
EyhhNjBlMDMxOTU4YzI0ZmZiN2JiODFjOWEzNWQ2OThlYjg1MWI5YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhVjW5dsZf9DNA6A9kLNHgZAsQqJ
YfJpRy6GxBRq163vN2w1EwYZOnRhPLo0/ZAZty1gCIiSp3VlsrgExTFyz6VihYri
Y4dVCAZcAHs8xf2ItH3bvm39gppqJ6LeQYAR5qAoh7HM+QWt4z7psBo0b+sXAaly
kUbu98wq81MgteYM+Ny2scz9E1fBZn8CITu3i7abEK4c37ROPtHUgSQtF2W8Yt9R
j6IFHLNSuSV17xz2HBcNGgQr+OfNoPm4dvHKFIji3yDlifkwi2SmClGR98AmWS1F
V7B5dZ88TQPknlZFTOtQ17MJWEkt2ZMaguwHOtTPk4LY0S3FfEhF54egaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYOAxlYwk/7e7gcmjXWmOuFG5pLMB8GA1UdIwQY
MBaAFLlPMKB2lKIROWSHJaJus0zkoWurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDIt
NzdhMzgzNWQ0ZmJiLzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDItNzdhMzgzNWQ0ZmJi
LzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACaFJ2Bar
nfPhh52vIhGwp+M2onbQbgUNJHJOB6SQBazoRFr2YT7FoPUYm/MBVNsDRbXo43ul
jjHT9WJkNRKjdKnGKA3o708SnoOHX/emHIesMGlm4JYuBi095njXHLU/+Z5CsJCk
MoczE+T+ir8V0TR7FscA1F8Gh2nFn2lLJX9xJSXnzj/7aymLJLMvr/PeH0fi9gbj
gEY7xnq8AneBWtomI4NrMZtce+rXVnxRI3Zybol4pO+r9F9WKufTqFNxTeWt8Wtx
SUKI7iSdlexnqnE3uu1V0GE/95Ks6fp7lJjlBJ/Ogb2IcznjlWXjiKrvCGoi8Nmc
8WDX94uflFAn6g==
-----END CERTIFICATE-----