Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
File:                     ucN059N57ajbliAKTu_lvBwok58.mft (raw, json)
Hash identifier:          js7SswzL6Qng6BQrutsMGxNkWz2AFagNIr2DUcXVP0w=
Subject key identifier:   4D:23:33:3C:D6:19:2A:86:61:D0:F0:85:E9:5F:A1:8B:19:D2:D1:66
Authority key identifier: B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F
Certificate issuer:       /CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
Certificate serial:       0196BF6F825664633648239D4CC760AE3BC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
Manifest number:          0BEC
Signing time:             Sun 11 May 2025 13:01:18 +0000
Manifest this update:     Sun 11 May 2025 13:01:18 +0000
Manifest next update:     Mon 12 May 2025 13:01:18 +0000
Files and hashes:         1: ucN059N57ajbliAKTu_lvBwok58.crl (hash: acXfjK8+VozQER8jD01kBEDJLSzX++m7mH02eMjLm1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6f:82:56:64:63:36:48:23:9d:4c:c7:60:ae:3b:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
        Validity
            Not Before: May 11 13:01:18 2025 GMT
            Not After : May 12 13:01:18 2025 GMT
        Subject: CN=4d23333cd6192a8661d0f085e95fa18b19d2d166
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:41:e0:ea:ea:42:00:05:65:a1:4d:76:bf:0a:
                    b0:96:7e:b4:2e:1e:1f:21:cb:94:fc:1e:5c:63:72:
                    34:a5:94:9b:56:b4:56:5d:38:a4:e1:2b:fe:83:6d:
                    92:fa:e2:ef:ed:50:5f:bd:5f:ec:7c:09:08:37:af:
                    27:2a:4d:f2:ad:06:ca:6c:fe:fc:80:6f:d2:ef:b6:
                    76:1d:fd:37:c8:ba:a8:25:fc:44:82:c4:ad:80:71:
                    96:d0:03:a2:12:33:fb:46:88:79:8f:c6:55:c8:40:
                    cf:79:fa:57:8a:e2:88:c0:f9:2d:61:4a:73:a3:ce:
                    e0:2b:f9:6f:e0:05:12:dd:e2:1a:3b:c6:5a:e4:cc:
                    7e:21:a3:a5:70:29:6d:4f:b7:5d:b9:2a:a0:96:45:
                    78:e7:fc:0c:13:a6:61:7f:2c:f4:bc:bb:b8:61:7b:
                    1b:8e:4f:3c:ce:9e:a3:77:7b:75:54:1b:62:ea:e6:
                    d8:a9:d7:18:4c:d1:87:ca:a5:ab:86:e7:f6:70:d7:
                    90:10:c9:14:47:26:a4:39:74:47:9d:24:3a:7a:4c:
                    d8:f5:eb:53:d5:81:2d:e3:e3:13:47:ac:cb:69:f3:
                    7f:13:5e:f2:61:8b:e1:d4:ea:5e:2c:4d:9f:5c:0c:
                    73:f4:68:f5:e8:4d:12:b9:d0:ec:ea:31:6a:82:cf:
                    29:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:23:33:3C:D6:19:2A:86:61:D0:F0:85:E9:5F:A1:8B:19:D2:D1:66
            X509v3 Authority Key Identifier:
                keyid:B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:4f:9a:21:2f:dd:d4:43:35:97:ad:fe:15:38:d0:d1:8e:36:
         82:4f:fa:df:fb:ab:cb:8f:12:c6:1b:89:ec:4a:de:86:14:3e:
         2d:46:68:bd:12:95:b5:8e:9e:6d:34:e7:07:2c:44:93:74:10:
         1d:a8:4c:3c:70:ba:2d:61:7b:5f:e2:66:cc:74:20:40:04:7b:
         3a:ee:42:53:49:0b:b2:84:97:96:f7:e8:d9:24:c3:9c:12:e7:
         a6:a4:e2:91:69:bc:0d:81:f4:6a:54:01:b9:99:c1:78:98:02:
         18:4c:6a:97:b9:fa:9c:ec:9c:de:b9:d9:ad:f7:8e:6a:8e:91:
         62:7a:00:8d:96:11:67:df:aa:f3:2c:36:97:cb:b2:9a:7e:a1:
         1b:a5:a1:6f:54:e4:9f:f2:dd:77:80:1b:04:cd:38:6f:ee:b0:
         be:d6:f9:5c:71:12:05:07:91:9e:0a:e9:b5:ec:6b:e2:88:5f:
         8c:67:8a:e1:bf:53:49:c0:f5:72:2a:bf:41:00:04:f5:2d:1e:
         5c:16:e3:b2:93:c2:f9:4e:7a:53:50:f6:be:26:62:cc:63:94:
         ac:99:45:a8:84:74:96:14:cb:38:bc:d2:40:8e:65:fa:8a:ff:
         b8:b2:5a:8b:33:d2:a3:bb:92:8c:8f:ae:6d:70:f3:95:5a:7f:
         c0:c0:a2:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/b4JWZGM2SCOdTMdgrjvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM3NGU3ZDM3OWVkYThkYjk2MjAwYTRlZWZlNWJjMWMy
ODkzOWYwHhcNMjUwNTExMTMwMTE4WhcNMjUwNTEyMTMwMTE4WjAzMTEwLwYDVQQD
Eyg0ZDIzMzMzY2Q2MTkyYTg2NjFkMGYwODVlOTVmYTE4YjE5ZDJkMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkHg6upCAAVloU12vwqwln60Lh4f
IcuU/B5cY3I0pZSbVrRWXTik4Sv+g22S+uLv7VBfvV/sfAkIN68nKk3yrQbKbP78
gG/S77Z2Hf03yLqoJfxEgsStgHGW0AOiEjP7Roh5j8ZVyEDPefpXiuKIwPktYUpz
o87gK/lv4AUS3eIaO8Za5Mx+IaOlcCltT7dduSqglkV45/wME6Zhfyz0vLu4YXsb
jk88zp6jd3t1VBti6ubYqdcYTNGHyqWrhuf2cNeQEMkURyakOXRHnSQ6ekzY9etT
1YEt4+MTR6zLafN/E17yYYvh1OpeLE2fXAxz9Gj16E0SudDs6jFqgs8p+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0jMzzWGSqGYdDwhelfoYsZ0tFmMB8GA1UdIwQY
MBaAFLnDdOfTee2o25YgCk7v5bwcKJOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgt
YjMyYWRmNjFhYjQ3LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgtYjMyYWRmNjFhYjQ3
LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKE+aIS/d
1EM1l63+FTjQ0Y42gk/63/ury48SxhuJ7ErehhQ+LUZovRKVtY6ebTTnByxEk3QQ
HahMPHC6LWF7X+JmzHQgQAR7Ou5CU0kLsoSXlvfo2STDnBLnpqTikWm8DYH0alQB
uZnBeJgCGExql7n6nOyc3rnZrfeOao6RYnoAjZYRZ9+q8yw2l8uymn6hG6Whb1Tk
n/Ldd4AbBM04b+6wvtb5XHESBQeRngrptexr4ohfjGeK4b9TScD1ciq/QQAE9S0e
XBbjspPC+U56U1D2viZizGOUrJlFqIR0lhTLOLzSQI5l+or/uLJaizPSo7uSjI+u
bXDzlVp/wMCiAg==
-----END CERTIFICATE-----