Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
File:                     UNorr8N6OYjdKUyROuUiDgONuWQ.mft (raw, json)
Hash identifier:          UdYXZSen968aVIa2ZtAiJKAWxNdFuD0wrrXg/344rWw=
Subject key identifier:   DC:8C:1E:53:71:DB:E6:A6:E3:E5:AF:7F:A7:26:33:90:B5:05:F0:D6
Authority key identifier: 50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64
Certificate issuer:       /CN=50da2bafc37a3988dd294c913ae5220e038db964
Certificate serial:       0197B7EA873880F0DE68C8719682CAD3D0A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
Manifest number:          1502
Signing time:             Sat 28 Jun 2025 19:01:29 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:29 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:29 +0000
Files and hashes:         1: UNorr8N6OYjdKUyROuUiDgONuWQ.crl (hash: kk3zrwuKBB3Re0mi4iPdWZ5pqbfxLmvE+9MhchYE11k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:87:38:80:f0:de:68:c8:71:96:82:ca:d3:d0:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50da2bafc37a3988dd294c913ae5220e038db964
        Validity
            Not Before: Jun 28 19:01:29 2025 GMT
            Not After : Jun 29 19:01:29 2025 GMT
        Subject: CN=dc8c1e5371dbe6a6e3e5af7fa7263390b505f0d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:ef:85:50:90:69:a3:e6:94:4a:9b:e1:35:8a:
                    49:09:69:86:95:a3:d6:4e:7e:31:a7:17:59:29:3c:
                    90:82:c3:ba:c7:78:e0:81:1c:28:1a:79:f8:35:21:
                    4b:01:ed:3d:31:d9:0b:51:a8:76:90:55:3c:05:e9:
                    ed:70:20:d7:c2:ac:be:40:e5:34:8b:fc:dc:e9:25:
                    7d:ad:ce:cc:79:3a:fa:dd:31:d4:ab:af:3e:d9:55:
                    82:cf:fc:b3:9a:15:95:92:46:b4:00:fd:b3:91:73:
                    2c:49:21:c3:78:cf:92:16:75:f0:2f:ee:c0:de:c6:
                    58:89:85:0d:9e:62:f1:0a:2a:4c:ef:c3:39:c4:b2:
                    9d:9e:26:c3:08:c6:36:40:aa:04:64:2d:77:d8:37:
                    a2:04:28:32:7b:34:d9:ae:88:91:9a:8d:2f:52:e4:
                    88:70:78:a8:fb:be:09:8c:2b:2c:6d:e7:2f:8d:49:
                    e7:f3:9c:30:46:56:b5:4c:fd:8e:9b:05:22:1b:39:
                    58:ce:ae:d1:f1:79:f5:b7:29:07:84:db:b2:39:15:
                    f3:18:d0:4c:7e:ec:c4:c4:09:bd:74:d8:91:0c:34:
                    0e:96:75:95:60:33:9c:25:59:9e:b6:d6:76:95:85:
                    64:6f:09:f5:2a:8d:20:99:08:5c:8f:14:d8:5d:aa:
                    5a:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:8C:1E:53:71:DB:E6:A6:E3:E5:AF:7F:A7:26:33:90:B5:05:F0:D6
            X509v3 Authority Key Identifier:
                keyid:50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:5b:ed:d9:97:e9:23:30:60:ca:4a:fc:84:d0:e5:32:df:7e:
         db:0c:ae:53:2f:66:ed:8d:e6:52:a9:dc:f5:b1:c2:86:16:5b:
         55:03:87:62:3c:db:71:4d:eb:40:fb:ba:45:80:74:a2:86:dd:
         c3:a7:c4:99:a8:f1:d1:17:2b:0a:92:c5:2c:61:e7:1f:36:16:
         dd:f0:99:a3:75:8e:d4:5b:a0:ca:46:1a:b9:59:30:b1:6c:a3:
         7b:dd:40:ba:84:41:13:52:92:dc:ed:be:1b:d4:47:37:d4:3a:
         11:39:00:46:88:d5:db:2a:fc:0e:49:a6:85:84:79:42:72:1b:
         41:a4:02:75:21:e4:e0:3d:56:3c:07:6b:ca:d2:37:37:4d:41:
         14:2f:d2:e1:c5:4c:bd:80:fe:95:77:f8:8b:27:d9:32:d9:c5:
         58:81:68:fc:4c:c6:0c:f2:67:6a:bd:84:f8:29:57:14:3a:b4:
         11:b6:fd:d0:a0:6d:40:b0:86:46:bf:d0:f7:28:b9:40:25:7f:
         01:91:99:49:b8:20:a1:9d:14:92:aa:c4:ea:2e:87:65:37:03:
         e1:fd:ee:6b:3c:f3:83:51:cc:8c:fd:77:20:af:d9:d6:5f:5c:
         13:bc:c9:35:e8:63:f5:89:7a:f9:44:f5:43:ef:01:b9:0a:fb:
         1c:c4:e1:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36oc4gPDeaMhxloLK09CoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZGEyYmFmYzM3YTM5ODhkZDI5NGM5MTNhZTUyMjBlMDM4
ZGI5NjQwHhcNMjUwNjI4MTkwMTI5WhcNMjUwNjI5MTkwMTI5WjAzMTEwLwYDVQQD
EyhkYzhjMWU1MzcxZGJlNmE2ZTNlNWFmN2ZhNzI2MzM5MGI1MDVmMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3O+FUJBpo+aUSpvhNYpJCWmGlaPW
Tn4xpxdZKTyQgsO6x3jggRwoGnn4NSFLAe09MdkLUah2kFU8BentcCDXwqy+QOU0
i/zc6SV9rc7MeTr63THUq68+2VWCz/yzmhWVkka0AP2zkXMsSSHDeM+SFnXwL+7A
3sZYiYUNnmLxCipM78M5xLKdnibDCMY2QKoEZC132DeiBCgyezTZroiRmo0vUuSI
cHio+74JjCssbecvjUnn85wwRla1TP2OmwUiGzlYzq7R8Xn1tykHhNuyORXzGNBM
fuzExAm9dNiRDDQOlnWVYDOcJVmettZ2lYVkbwn1Ko0gmQhcjxTYXaparQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyMHlNx2+am4+Wvf6cmM5C1BfDWMB8GA1UdIwQY
MBaAFFDaK6/DejmI3SlMkTrlIg4DjblkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1Nzct
YmRkNTc3NTFjNjczLzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1NzctYmRkNTc3NTFjNjcz
LzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiVvt2Zfp
IzBgykr8hNDlMt9+2wyuUy9m7Y3mUqnc9bHChhZbVQOHYjzbcU3rQPu6RYB0oobd
w6fEmajx0RcrCpLFLGHnHzYW3fCZo3WO1FugykYauVkwsWyje91AuoRBE1KS3O2+
G9RHN9Q6ETkARojV2yr8DkmmhYR5QnIbQaQCdSHk4D1WPAdrytI3N01BFC/S4cVM
vYD+lXf4iyfZMtnFWIFo/EzGDPJnar2E+ClXFDq0Ebb90KBtQLCGRr/Q9yi5QCV/
AZGZSbggoZ0UkqrE6i6HZTcD4f3uazzzg1HMjP13IK/Z1l9cE7zJNehj9Yl6+UT1
Q+8BuQr7HMThHg==
-----END CERTIFICATE-----