Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          +20UUl10ICwqooPmtPI/NkVampjMWBSA/TLvorJmTGU=
Subject key identifier:   8C:19:61:69:67:4C:F2:05:C7:09:19:C1:2B:E7:4E:44:42:0C:B8:E1
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       0196C570FE1EB1A229BECC132F2FD20A8190
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          1538
Signing time:             Mon 12 May 2025 17:00:38 +0000
Manifest this update:     Mon 12 May 2025 17:00:38 +0000
Manifest next update:     Tue 13 May 2025 17:00:38 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: vMQMVlm6ujFPHEZtRMCEAYK+4rpchOnM4ocH3zd2Yco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:70:fe:1e:b1:a2:29:be:cc:13:2f:2f:d2:0a:81:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: May 12 17:00:38 2025 GMT
            Not After : May 13 17:00:38 2025 GMT
        Subject: CN=8c196169674cf205c70919c12be74e44420cb8e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:da:fc:6d:d9:f5:ca:bc:b1:34:bb:f7:cc:bf:
                    7e:97:a4:1d:e7:ff:a3:68:f1:04:e6:59:01:d1:20:
                    85:3b:71:04:b9:ef:fc:b6:61:60:50:ea:61:47:ee:
                    46:07:29:e4:ec:5e:14:e2:0a:c2:ff:24:fe:48:fa:
                    a6:c6:3e:b2:10:c5:f8:41:20:c8:a4:20:20:f4:8c:
                    89:d5:7b:63:9f:6e:39:d8:ce:79:8c:e1:c1:4c:27:
                    53:89:a5:63:38:02:3d:fe:04:fd:e8:43:f2:db:98:
                    00:0e:92:11:d2:15:de:36:d6:51:b0:34:62:e6:4f:
                    54:71:f6:e6:87:56:8b:de:bd:f8:f1:d7:fc:73:a3:
                    e3:8c:d4:7d:37:a9:80:cc:cf:bd:1a:bb:50:a3:52:
                    f1:56:c3:04:a7:3c:4f:54:2d:2e:43:36:9d:26:db:
                    26:0d:de:64:27:f4:77:2e:65:78:49:d3:f2:dc:8b:
                    e4:03:69:69:30:39:94:ed:82:36:bc:2a:ec:df:12:
                    ff:61:49:6e:65:3e:a8:b9:6b:29:0b:e5:2d:cb:0f:
                    4b:a0:98:e6:84:90:71:31:e0:88:16:2e:b4:c6:88:
                    ba:cc:1a:cf:29:be:44:2b:ff:72:d7:80:1f:67:05:
                    e8:29:73:8c:02:0f:b3:21:a0:b6:7b:db:3f:98:37:
                    bb:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:19:61:69:67:4C:F2:05:C7:09:19:C1:2B:E7:4E:44:42:0C:B8:E1
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:a8:c9:5d:b4:17:1c:d1:dc:10:33:05:94:a6:0f:25:a8:1c:
         85:ac:63:70:ff:74:23:01:e3:96:50:54:94:d0:08:8d:8a:d9:
         8f:6f:92:be:0f:52:62:09:17:13:89:68:78:70:29:73:d0:a6:
         b7:d2:14:c2:88:7e:79:bf:a4:c2:66:b1:f7:31:ca:54:e8:79:
         a2:15:6f:7a:eb:0f:fc:a9:ef:24:62:6f:c6:90:0f:2e:3d:93:
         03:28:89:c5:10:2c:56:11:e0:0c:3f:1d:07:39:11:46:8a:c3:
         82:81:27:05:ff:7c:76:b1:32:c4:bf:a5:d8:da:e6:c3:ab:34:
         c3:92:3b:dc:98:e5:36:49:25:c5:d4:64:6e:72:3e:ad:f1:c3:
         b6:46:47:af:52:08:22:c9:2f:66:af:bf:03:9f:b4:5c:4f:63:
         04:a7:af:6b:44:aa:49:d6:ec:59:84:22:3c:08:94:ca:65:7a:
         a8:2a:3c:a3:17:1e:0e:0f:ad:6a:e0:e3:de:ad:d0:a2:9b:eb:
         d8:8b:ca:64:5d:61:97:5d:3c:72:7f:22:ab:d3:1d:5d:89:cf:
         1d:03:2f:db:b9:50:04:f1:ca:b7:ff:b3:fe:ec:a6:5f:7f:47:
         89:13:57:f7:bc:0a:b4:82:ad:5f:04:4d:ef:15:b1:25:91:c5:
         2d:12:6c:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFcP4esaIpvswTLy/SCoGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwNTEyMTcwMDM4WhcNMjUwNTEzMTcwMDM4WjAzMTEwLwYDVQQD
Eyg4YzE5NjE2OTY3NGNmMjA1YzcwOTE5YzEyYmU3NGU0NDQyMGNiOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNr8bdn1yryxNLv3zL9+l6Qd5/+j
aPEE5lkB0SCFO3EEue/8tmFgUOphR+5GBynk7F4U4grC/yT+SPqmxj6yEMX4QSDI
pCAg9IyJ1Xtjn2452M55jOHBTCdTiaVjOAI9/gT96EPy25gADpIR0hXeNtZRsDRi
5k9Ucfbmh1aL3r348df8c6PjjNR9N6mAzM+9GrtQo1LxVsMEpzxPVC0uQzadJtsm
Dd5kJ/R3LmV4SdPy3IvkA2lpMDmU7YI2vCrs3xL/YUluZT6ouWspC+Utyw9LoJjm
hJBxMeCIFi60xoi6zBrPKb5EK/9y14AfZwXoKXOMAg+zIaC2e9s/mDe76QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwZYWlnTPIFxwkZwSvnTkRCDLjhMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXqjJXbQX
HNHcEDMFlKYPJagchaxjcP90IwHjllBUlNAIjYrZj2+Svg9SYgkXE4loeHApc9Cm
t9IUwoh+eb+kwmax9zHKVOh5ohVveusP/KnvJGJvxpAPLj2TAyiJxRAsVhHgDD8d
BzkRRorDgoEnBf98drEyxL+l2Nrmw6s0w5I73JjlNkklxdRkbnI+rfHDtkZHr1II
IskvZq+/A5+0XE9jBKeva0SqSdbsWYQiPAiUymV6qCo8oxceDg+tauDj3q3Qopvr
2IvKZF1hl108cn8iq9MdXYnPHQMv27lQBPHKt/+z/uymX39HiRNX97wKtIKtXwRN
7xWxJZHFLRJsmw==
-----END CERTIFICATE-----