Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
File:                     udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json)
Hash identifier:          LykSGn1MZhbOcbEv0pkSRNg28VtNslJr8n1WOvNF6JI=
Subject key identifier:   BC:F1:B5:87:0B:42:25:F0:AC:86:FE:92:D6:B5:FC:E4:26:36:B0:63
Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21
Certificate issuer:       /CN=b9d095cce35b3a36bef108ef762a621af4662621
Certificate serial:       0196B17C55FE69163E7F344909CF0DE68BDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
Manifest number:          0282
Signing time:             Thu 08 May 2025 20:00:37 +0000
Manifest this update:     Thu 08 May 2025 20:00:37 +0000
Manifest next update:     Fri 09 May 2025 20:00:37 +0000
Files and hashes:         1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: 1dxHZSWVsKclRyP7VYM/9rK2N786JUwk54MAAaHRJtQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 20:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:7c:55:fe:69:16:3e:7f:34:49:09:cf:0d:e6:8b:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621
        Validity
            Not Before: May  8 20:00:37 2025 GMT
            Not After : May  9 20:00:37 2025 GMT
        Subject: CN=bcf1b5870b4225f0ac86fe92d6b5fce42636b063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:3e:8e:69:01:48:9d:78:2d:26:6f:6c:7b:6a:
                    9d:2b:7b:59:2d:b3:0f:f1:2f:0c:28:a7:8c:d1:da:
                    5d:c5:c0:e0:8f:5f:32:a0:76:ab:f7:cf:bc:53:c5:
                    40:da:ce:f6:1b:95:f3:d0:9d:5b:60:61:0b:91:54:
                    25:10:9d:17:08:be:e1:5c:bd:46:61:d8:95:c3:ee:
                    8b:ba:07:81:58:33:1d:b4:62:88:33:07:ba:d2:c5:
                    ec:f5:f7:8c:cc:7d:1e:1b:33:64:04:ec:d2:be:c2:
                    3c:91:9c:ab:29:b2:be:85:9f:4a:51:de:f3:b4:94:
                    79:66:1c:f5:df:ef:7a:6d:b4:86:2c:21:35:4a:3d:
                    b8:3f:23:41:44:1c:e8:ae:83:0f:bb:ad:c2:9e:87:
                    fc:77:af:c2:7b:30:76:b0:26:90:9b:48:3d:14:9b:
                    63:71:93:ab:87:38:d6:c3:c1:40:91:7b:b7:9e:cd:
                    e6:74:8f:9a:76:89:04:04:26:11:85:7b:19:62:ec:
                    9b:89:50:14:3b:69:c0:0c:7f:b7:72:26:8b:18:70:
                    bb:76:6f:d2:d8:bc:76:8d:f7:d8:47:7c:1d:34:38:
                    11:2a:26:fa:02:ab:2b:2c:44:65:5e:43:76:92:1e:
                    46:da:9c:2a:9a:e9:1a:d5:1a:6c:6e:65:4b:58:bc:
                    6c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:F1:B5:87:0B:42:25:F0:AC:86:FE:92:D6:B5:FC:E4:26:36:B0:63
            X509v3 Authority Key Identifier:
                keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:cc:4a:3f:af:5e:2f:e2:49:37:c0:1b:cd:84:ac:38:6e:dd:
         0d:1a:31:6d:c4:e6:29:38:b6:b6:d1:d7:35:ac:07:22:1a:f4:
         03:71:e2:d0:b2:ef:57:5f:99:86:2f:fe:ba:4a:4e:74:0d:b6:
         83:cc:6b:00:a9:83:81:14:33:82:cc:b0:02:e3:cc:d0:22:8c:
         fa:d8:8f:0e:59:c6:e7:a4:0b:d6:9f:62:9c:09:68:40:c9:74:
         bb:07:bc:15:25:f5:70:e4:24:d1:2c:a3:f5:c2:78:61:8f:05:
         b6:74:4f:7a:7e:e0:e9:39:9f:a2:4b:58:00:96:ab:97:45:6d:
         03:e4:7c:be:d6:4b:f6:ea:d4:cd:1f:fb:53:0d:1b:e5:4e:2d:
         e5:e5:3a:df:21:a8:f9:ff:4e:ef:7f:c2:4a:7c:db:08:f3:1c:
         2a:52:1a:1b:46:c8:31:92:8a:d7:70:d8:a2:d1:9f:78:3e:ca:
         93:c2:d3:e6:b6:59:6e:04:eb:7c:c8:56:e5:cc:01:fe:1e:36:
         b5:96:d2:79:20:55:e9:ae:9d:69:7b:1a:b6:f2:8b:f7:84:5d:
         d8:72:3c:3b:09:46:1e:a6:3c:b2:82:6a:2f:26:6e:ee:27:4a:
         e2:61:3e:fd:71:26:34:11:68:78:49:17:6f:ec:2e:ba:98:fb:
         cc:48:40:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaxfFX+aRY+fzRJCc8N5ovcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2
NjI2MjEwHhcNMjUwNTA4MjAwMDM3WhcNMjUwNTA5MjAwMDM3WjAzMTEwLwYDVQQD
EyhiY2YxYjU4NzBiNDIyNWYwYWM4NmZlOTJkNmI1ZmNlNDI2MzZiMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj6OaQFInXgtJm9se2qdK3tZLbMP
8S8MKKeM0dpdxcDgj18yoHar98+8U8VA2s72G5Xz0J1bYGELkVQlEJ0XCL7hXL1G
YdiVw+6LugeBWDMdtGKIMwe60sXs9feMzH0eGzNkBOzSvsI8kZyrKbK+hZ9KUd7z
tJR5Zhz13+96bbSGLCE1Sj24PyNBRBzoroMPu63Cnof8d6/CezB2sCaQm0g9FJtj
cZOrhzjWw8FAkXu3ns3mdI+adokEBCYRhXsZYuybiVAUO2nADH+3ciaLGHC7dm/S
2Lx2jffYR3wdNDgRKib6AqsrLERlXkN2kh5G2pwqmuka1RpsbmVLWLxs/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzxtYcLQiXwrIb+kta1/OQmNrBjMB8GA1UdIwQY
MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt
OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1
LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh8xKP69e
L+JJN8AbzYSsOG7dDRoxbcTmKTi2ttHXNawHIhr0A3Hi0LLvV1+Zhi/+ukpOdA22
g8xrAKmDgRQzgsywAuPM0CKM+tiPDlnG56QL1p9inAloQMl0uwe8FSX1cOQk0Syj
9cJ4YY8FtnRPen7g6TmfoktYAJarl0VtA+R8vtZL9urUzR/7Uw0b5U4t5eU63yGo
+f9O73/CSnzbCPMcKlIaG0bIMZKK13DYotGfeD7Kk8LT5rZZbgTrfMhW5cwB/h42
tZbSeSBV6a6daXsatvKL94Rd2HI8OwlGHqY8soJqLyZu7idK4mE+/XEmNBFoeEkX
b+wuupj7zEhArg==
-----END CERTIFICATE-----