Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
File:                     uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft (raw, json)
Hash identifier:          s7D6FQ0ctNS5LypuJIsNGTMKtvpfkjrIEyD2sdek+SY=
Subject key identifier:   F6:50:50:17:3F:3F:8D:59:32:34:C4:B3:A7:20:2E:7F:71:E8:D3:9F
Authority key identifier: B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA
Certificate issuer:       /CN=b88177a9a3469db3acf10a98f6c03931e35515fa
Certificate serial:       0196B822D498B1C50B8F0A0318FEFD546A9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
Manifest number:          04CA
Signing time:             Sat 10 May 2025 03:00:12 +0000
Manifest this update:     Sat 10 May 2025 03:00:12 +0000
Manifest next update:     Sun 11 May 2025 03:00:12 +0000
Files and hashes:         1: uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl (hash: Ejoy6gauME9jSGc9FeUiJF40aXFQaQTLxMVnb3N9XK8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 03:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:22:d4:98:b1:c5:0b:8f:0a:03:18:fe:fd:54:6a:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88177a9a3469db3acf10a98f6c03931e35515fa
        Validity
            Not Before: May 10 03:00:12 2025 GMT
            Not After : May 11 03:00:12 2025 GMT
        Subject: CN=f65050173f3f8d593234c4b3a7202e7f71e8d39f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:0d:62:07:57:e2:76:01:6d:c7:3c:71:6d:2a:
                    a2:b3:7e:e4:8e:d9:b6:13:e5:c0:6b:18:e6:5d:f9:
                    09:71:c4:20:1d:7d:39:af:f4:75:63:cf:f8:74:7a:
                    2d:c4:4a:93:76:fa:6a:b7:e6:1a:79:5d:6a:23:53:
                    0a:3a:da:b7:72:85:4e:b6:9a:84:56:98:dd:a2:5f:
                    d6:f4:e1:90:8d:85:7f:d4:c8:04:2d:a9:f1:6d:bf:
                    5c:31:64:e2:dc:57:cf:b6:f1:bb:e4:45:f0:49:b7:
                    48:78:fd:da:27:3e:04:83:14:c0:7c:1d:a7:f5:cd:
                    3c:e5:b0:36:97:2b:79:e0:31:dc:52:7a:2f:56:ef:
                    a7:d6:34:3e:70:94:e3:7c:a0:51:59:45:82:97:e3:
                    b1:96:71:e1:ae:bb:5f:4a:17:14:4a:64:ed:b2:86:
                    f5:da:27:14:4e:dc:4f:d4:0d:55:07:73:7e:5a:51:
                    5a:98:2b:07:ce:be:c2:42:05:6b:76:08:48:d2:61:
                    3e:e4:46:84:b7:cb:62:63:2b:10:6e:ce:10:a6:45:
                    33:0d:35:c0:91:06:35:8c:9f:3e:14:6a:0d:9a:0e:
                    f1:ee:7c:52:56:e8:1e:1b:37:02:df:b9:d7:ef:94:
                    72:0a:b8:3a:b2:93:37:86:0b:8d:a6:16:b4:03:aa:
                    ae:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:50:50:17:3F:3F:8D:59:32:34:C4:B3:A7:20:2E:7F:71:E8:D3:9F
            X509v3 Authority Key Identifier:
                keyid:B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:42:4a:7f:c5:55:e8:dd:ec:73:77:74:d0:5a:f2:cd:e8:95:
         c7:d6:2a:8b:c2:69:b5:1f:56:e7:7d:6e:67:b0:30:99:65:80:
         f6:67:f9:e2:ce:e6:32:e8:3c:93:aa:7f:d7:2d:01:e8:be:0f:
         b6:ef:dd:64:d5:13:52:e4:6f:9c:c4:36:e3:30:9e:f5:7d:b1:
         02:a3:93:db:7f:f8:f7:24:8b:4a:ab:2d:35:26:32:d7:11:9c:
         d3:3d:6d:6f:86:97:5c:3b:b9:2f:33:2e:5d:a7:b3:09:d4:23:
         0e:54:de:29:3e:c5:f8:f6:6e:fc:4c:72:35:f0:7b:3b:6c:3d:
         86:b8:b9:a1:25:c4:05:32:5f:32:13:da:ba:95:4f:4f:c0:ec:
         9e:8f:40:1e:13:73:77:61:d3:05:b3:9d:38:06:8f:1b:fa:6e:
         78:23:49:66:9f:f1:cb:df:32:3c:9e:d6:67:c7:44:8f:f5:07:
         15:b3:3c:36:aa:b8:41:60:59:4a:ee:60:81:74:60:fb:30:b9:
         66:79:cf:c4:d2:ab:2f:99:2b:aa:eb:03:f0:0a:56:c2:89:7f:
         f6:07:c0:de:cd:39:75:8f:25:0b:0f:3a:95:db:0b:27:fe:23:
         79:8e:54:c4:44:37:fb:dd:b1:4c:cc:a0:ac:04:81:13:e2:55:
         83:5d:82:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4ItSYscULjwoDGP79VGqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ODE3N2E5YTM0NjlkYjNhY2YxMGE5OGY2YzAzOTMxZTM1
NTE1ZmEwHhcNMjUwNTEwMDMwMDEyWhcNMjUwNTExMDMwMDEyWjAzMTEwLwYDVQQD
EyhmNjUwNTAxNzNmM2Y4ZDU5MzIzNGM0YjNhNzIwMmU3ZjcxZThkMzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4w1iB1fidgFtxzxxbSqis37kjtm2
E+XAaxjmXfkJccQgHX05r/R1Y8/4dHotxEqTdvpqt+YaeV1qI1MKOtq3coVOtpqE
Vpjdol/W9OGQjYV/1MgELanxbb9cMWTi3FfPtvG75EXwSbdIeP3aJz4EgxTAfB2n
9c085bA2lyt54DHcUnovVu+n1jQ+cJTjfKBRWUWCl+OxlnHhrrtfShcUSmTtsob1
2icUTtxP1A1VB3N+WlFamCsHzr7CQgVrdghI0mE+5EaEt8tiYysQbs4QpkUzDTXA
kQY1jJ8+FGoNmg7x7nxSVugeGzcC37nX75RyCrg6spM3hguNpha0A6qu/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZQUBc/P41ZMjTEs6cgLn9x6NOfMB8GA1UdIwQY
MBaAFLiBd6mjRp2zrPEKmPbAOTHjVRX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTct
ZWIwODg1YjkwMDNlLzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTctZWIwODg1YjkwMDNl
LzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWEJKf8VV
6N3sc3d00FryzeiVx9Yqi8JptR9W531uZ7AwmWWA9mf54s7mMug8k6p/1y0B6L4P
tu/dZNUTUuRvnMQ24zCe9X2xAqOT23/49ySLSqstNSYy1xGc0z1tb4aXXDu5LzMu
XaezCdQjDlTeKT7F+PZu/ExyNfB7O2w9hri5oSXEBTJfMhPaupVPT8Dsno9AHhNz
d2HTBbOdOAaPG/pueCNJZp/xy98yPJ7WZ8dEj/UHFbM8Nqq4QWBZSu5ggXRg+zC5
ZnnPxNKrL5krqusD8ApWwol/9gfA3s05dY8lCw86ldsLJ/4jeY5UxEQ3+92xTMyg
rASBE+JVg12C1g==
-----END CERTIFICATE-----