Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
File:                     ucN059N57ajbliAKTu_lvBwok58.mft (raw, json)
Hash identifier:          VloC8s6RHhgqUP8FrNtsCWla9ojirPIeXkYPzq0guUo=
Subject key identifier:   31:D8:76:1C:0E:7D:4D:5B:31:36:BF:6F:D9:2E:08:8B:85:C8:20:A0
Authority key identifier: B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F
Certificate issuer:       /CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
Certificate serial:       0197B88F44A122360AD1B5FE6F462C746853
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
Manifest number:          0C6D
Signing time:             Sat 28 Jun 2025 22:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:26 +0000
Files and hashes:         1: ucN059N57ajbliAKTu_lvBwok58.crl (hash: U+rp/ld6Rpas2SgTcqG118cbVe5aMBDzDpMOJ1/tsYI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:44:a1:22:36:0a:d1:b5:fe:6f:46:2c:74:68:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
        Validity
            Not Before: Jun 28 22:01:26 2025 GMT
            Not After : Jun 29 22:01:26 2025 GMT
        Subject: CN=31d8761c0e7d4d5b3136bf6fd92e088b85c820a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:31:28:7a:1d:0d:57:3e:a1:cb:6c:ee:80:ea:
                    80:cc:9b:61:61:d4:88:81:f3:82:94:2e:7f:11:f5:
                    c9:5f:3a:32:9a:ac:82:09:01:1d:96:a8:28:b4:ee:
                    33:8f:d1:d3:d3:97:51:09:4b:36:cc:07:d0:b0:f5:
                    25:b2:f7:a4:6b:44:3c:86:df:9a:7c:ef:dd:47:ae:
                    ee:dd:6f:47:d4:cf:11:9e:ff:03:ca:17:e0:0c:94:
                    21:9b:05:05:96:28:72:7c:9d:45:c2:aa:a3:dc:b3:
                    5b:da:6f:18:d5:22:31:c9:16:68:bb:2a:42:db:66:
                    51:b3:77:4c:f2:0b:c1:5e:b1:55:63:ca:87:06:97:
                    51:46:28:ff:17:46:62:5c:7e:6b:21:b0:98:f2:6e:
                    bb:26:fa:d6:b4:ae:3a:6e:5f:e1:db:a9:59:95:66:
                    14:24:5f:58:d5:51:e0:3e:6b:9a:1b:b1:77:3c:e1:
                    32:00:6d:cb:17:c2:5e:46:56:14:3b:6e:d8:5c:4e:
                    0c:04:24:74:64:98:36:86:90:ff:a7:16:a1:cf:8b:
                    2e:5c:29:fb:c9:bb:ec:1c:09:e4:7d:17:f7:8e:93:
                    4c:c0:fa:3a:b3:1c:e8:44:68:e5:79:38:ec:6e:e3:
                    32:7a:db:14:16:4a:5f:12:e9:9d:ee:71:c9:f5:df:
                    ab:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:D8:76:1C:0E:7D:4D:5B:31:36:BF:6F:D9:2E:08:8B:85:C8:20:A0
            X509v3 Authority Key Identifier:
                keyid:B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:0b:ba:03:08:9f:82:db:54:8a:c5:eb:f9:5a:1b:38:57:1a:
         24:93:2a:6e:dd:3c:1a:53:5c:1e:8f:bd:c9:19:1f:da:fb:80:
         c0:b5:77:0f:c4:9b:84:10:67:c4:48:b2:53:34:38:84:70:e3:
         31:9c:26:64:63:79:8f:f9:dc:5c:25:98:49:27:7e:19:e3:0c:
         8f:a3:d2:08:03:e7:c8:6e:b3:7b:4a:b5:d2:fa:75:7c:17:28:
         b3:98:aa:28:a8:b2:a4:c6:2f:5b:80:45:17:c9:c2:ea:02:8c:
         35:58:40:b3:f0:0a:e8:6d:23:28:ad:c1:44:06:51:79:74:de:
         12:0c:20:f7:d5:65:b1:8f:10:f4:75:b4:1b:0d:c0:1d:08:02:
         c4:17:29:e0:eb:88:df:9c:04:b6:ce:cc:f9:04:38:c0:1e:48:
         7d:7f:d4:a0:c2:e2:32:b4:24:b3:c9:e2:99:21:da:9a:3e:df:
         d1:c2:4e:d6:a8:f4:9a:54:00:9e:b5:71:8d:13:e0:18:3e:5b:
         12:21:2a:8e:4c:64:c2:93:7d:9b:b9:aa:0d:40:09:d6:ca:98:
         8c:8a:db:d3:9e:aa:7d:06:a5:61:32:2f:22:62:79:72:ab:60:
         fa:5c:76:ce:d7:32:94:c9:fd:fd:9a:0c:fd:8f:7b:60:45:e7:
         3a:df:e5:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j0ShIjYK0bX+b0YsdGhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM3NGU3ZDM3OWVkYThkYjk2MjAwYTRlZWZlNWJjMWMy
ODkzOWYwHhcNMjUwNjI4MjIwMTI2WhcNMjUwNjI5MjIwMTI2WjAzMTEwLwYDVQQD
EygzMWQ4NzYxYzBlN2Q0ZDViMzEzNmJmNmZkOTJlMDg4Yjg1YzgyMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DEoeh0NVz6hy2zugOqAzJthYdSI
gfOClC5/EfXJXzoymqyCCQEdlqgotO4zj9HT05dRCUs2zAfQsPUlsveka0Q8ht+a
fO/dR67u3W9H1M8Rnv8DyhfgDJQhmwUFlihyfJ1Fwqqj3LNb2m8Y1SIxyRZouypC
22ZRs3dM8gvBXrFVY8qHBpdRRij/F0ZiXH5rIbCY8m67JvrWtK46bl/h26lZlWYU
JF9Y1VHgPmuaG7F3POEyAG3LF8JeRlYUO27YXE4MBCR0ZJg2hpD/pxahz4suXCn7
ybvsHAnkfRf3jpNMwPo6sxzoRGjleTjsbuMyetsUFkpfEumd7nHJ9d+rwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHYdhwOfU1bMTa/b9kuCIuFyCCgMB8GA1UdIwQY
MBaAFLnDdOfTee2o25YgCk7v5bwcKJOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgt
YjMyYWRmNjFhYjQ3LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgtYjMyYWRmNjFhYjQ3
LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQgu6Awif
gttUisXr+VobOFcaJJMqbt08GlNcHo+9yRkf2vuAwLV3D8SbhBBnxEiyUzQ4hHDj
MZwmZGN5j/ncXCWYSSd+GeMMj6PSCAPnyG6ze0q10vp1fBcos5iqKKiypMYvW4BF
F8nC6gKMNVhAs/AK6G0jKK3BRAZReXTeEgwg99VlsY8Q9HW0Gw3AHQgCxBcp4OuI
35wEts7M+QQ4wB5IfX/UoMLiMrQks8nimSHamj7f0cJO1qj0mlQAnrVxjRPgGD5b
EiEqjkxkwpN9m7mqDUAJ1sqYjIrb056qfQalYTIvImJ5cqtg+lx2ztcylMn9/ZoM
/Y97YEXnOt/lyA==
-----END CERTIFICATE-----