Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
File:                     udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json)
Hash identifier:          fEqtj9n9N3NvTDyQx0pEOtSB07AigaOeMgsDcP3jLKI=
Subject key identifier:   75:E9:6B:5D:D6:63:84:B7:8D:00:65:CB:68:73:AE:0C:81:7B:F4:73
Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21
Certificate issuer:       /CN=b9d095cce35b3a36bef108ef762a621af4662621
Certificate serial:       0197BA0F6B1283B0F91D83E6F7E8C5323EA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
Manifest number:          030B
Signing time:             Sun 29 Jun 2025 05:01:01 +0000
Manifest this update:     Sun 29 Jun 2025 05:01:01 +0000
Manifest next update:     Mon 30 Jun 2025 05:01:01 +0000
Files and hashes:         1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: ZC5hxOHZY1xUdyTmBRpN1Bxo6UjseSQI5Lh/1mdCJyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:0f:6b:12:83:b0:f9:1d:83:e6:f7:e8:c5:32:3e:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621
        Validity
            Not Before: Jun 29 05:01:01 2025 GMT
            Not After : Jun 30 05:01:01 2025 GMT
        Subject: CN=75e96b5dd66384b78d0065cb6873ae0c817bf473
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a7:17:8b:40:a8:aa:59:ee:a8:c8:1d:4d:94:
                    ca:b0:69:85:dc:36:3a:cd:d6:f4:bd:49:3f:7f:78:
                    db:c9:fe:49:51:05:be:3d:39:6e:6a:e1:b9:c8:78:
                    13:ea:7a:c6:4b:a5:2e:fa:18:dd:72:25:74:c8:63:
                    d2:3f:64:d9:dd:48:f1:47:01:ba:8a:38:6b:cf:0d:
                    31:4b:da:51:70:f5:d7:8e:a0:52:cb:a1:52:4a:21:
                    bc:82:59:84:74:cf:61:c6:13:b1:be:f0:22:df:6c:
                    d5:a2:03:87:c6:f1:4a:7b:8e:4b:b4:2e:81:23:7e:
                    e0:e3:dd:fb:ca:dd:2e:42:d8:45:89:7b:cb:8b:0b:
                    8c:2c:b8:92:29:47:f1:f8:ed:4a:0f:77:c6:4a:9d:
                    43:9e:5a:e2:f0:a3:f2:4e:89:ae:db:37:bb:79:a6:
                    a3:60:31:ef:c1:2c:b1:7e:34:30:a8:e8:58:9b:73:
                    5a:61:05:1e:2f:24:6c:9a:50:da:51:78:26:82:ff:
                    74:bb:26:29:19:24:bc:b2:dd:16:ae:46:f6:5a:9b:
                    82:3e:b2:80:89:de:b2:ad:4d:03:e7:b7:f1:f3:ca:
                    80:8b:e4:0f:fc:36:23:fd:ff:ae:e5:86:6f:2c:4c:
                    5b:1b:c2:a9:46:96:04:bc:3c:74:7a:a5:b3:b0:d5:
                    e6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:E9:6B:5D:D6:63:84:B7:8D:00:65:CB:68:73:AE:0C:81:7B:F4:73
            X509v3 Authority Key Identifier:
                keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:53:82:52:cf:12:96:2b:06:b3:ab:1a:00:5c:e0:47:58:3f:
         6b:8d:9c:c7:6f:04:75:6a:6c:f8:6e:2e:43:72:0e:de:ce:19:
         7b:79:b6:54:7d:d7:a7:0f:49:d1:a9:7e:8d:5c:8e:c4:6d:53:
         19:98:6a:71:bf:f8:ac:e8:02:58:78:81:c0:e4:4c:04:04:c5:
         e0:de:17:fc:d4:d5:49:05:0c:9e:84:4d:7e:99:68:bb:74:39:
         0c:c5:c1:18:7a:f5:66:89:b0:c2:39:80:da:60:96:01:fd:3f:
         01:83:d0:37:ba:cd:4c:56:12:a7:59:13:ea:ca:60:5a:ab:7f:
         bd:ad:6c:75:15:4d:8e:be:32:3f:2a:bb:d2:4d:9f:a8:28:31:
         5e:6c:67:50:20:9b:c8:03:53:9e:73:a4:9e:d6:ba:31:9e:51:
         df:d0:c8:a7:24:6a:a8:31:5a:7a:6b:5c:4a:48:ae:eb:8e:f1:
         a3:29:8b:fd:0e:99:d9:9f:16:14:83:b7:58:e0:fd:f4:83:4a:
         cc:a8:d1:51:d5:11:92:8b:5c:31:69:29:24:43:27:67:2f:6a:
         2f:31:1f:04:a1:c8:a6:2f:42:b7:3b:ef:a4:73:c8:f3:a9:87:
         a3:ac:ca:da:c9:ed:21:9b:bc:fd:1a:c1:57:b3:1f:e8:32:20:
         5b:99:51:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6D2sSg7D5HYPm9+jFMj6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2
NjI2MjEwHhcNMjUwNjI5MDUwMTAxWhcNMjUwNjMwMDUwMTAxWjAzMTEwLwYDVQQD
Eyg3NWU5NmI1ZGQ2NjM4NGI3OGQwMDY1Y2I2ODczYWUwYzgxN2JmNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwacXi0CoqlnuqMgdTZTKsGmF3DY6
zdb0vUk/f3jbyf5JUQW+PTluauG5yHgT6nrGS6Uu+hjdciV0yGPSP2TZ3UjxRwG6
ijhrzw0xS9pRcPXXjqBSy6FSSiG8glmEdM9hxhOxvvAi32zVogOHxvFKe45LtC6B
I37g4937yt0uQthFiXvLiwuMLLiSKUfx+O1KD3fGSp1Dnlri8KPyTomu2ze7eaaj
YDHvwSyxfjQwqOhYm3NaYQUeLyRsmlDaUXgmgv90uyYpGSS8st0Wrkb2WpuCPrKA
id6yrU0D57fx88qAi+QP/DYj/f+u5YZvLExbG8KpRpYEvDx0eqWzsNXm3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXpa13WY4S3jQBly2hzrgyBe/RzMB8GA1UdIwQY
MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt
OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1
LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFOCUs8S
lisGs6saAFzgR1g/a42cx28EdWps+G4uQ3IO3s4Ze3m2VH3Xpw9J0al+jVyOxG1T
GZhqcb/4rOgCWHiBwORMBATF4N4X/NTVSQUMnoRNfplou3Q5DMXBGHr1ZomwwjmA
2mCWAf0/AYPQN7rNTFYSp1kT6spgWqt/va1sdRVNjr4yPyq70k2fqCgxXmxnUCCb
yANTnnOknta6MZ5R39DIpyRqqDFaemtcSkiu647xoymL/Q6Z2Z8WFIO3WOD99INK
zKjRUdURkotcMWkpJEMnZy9qLzEfBKHIpi9CtzvvpHPI86mHo6zK2sntIZu8/RrB
V7Mf6DIgW5lRAA==
-----END CERTIFICATE-----