Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
File:                     U1wJpqvN8dobR6tK8_-O_KWBRF0.mft (raw, json)
Hash identifier:          roQyxiv6OcIHO4dx2x4kFXNgAUfcyJhdmaL9YBnWb44=
Subject key identifier:   E9:3D:A4:2F:E0:53:71:83:0E:8F:58:45:4C:E5:E1:16:3F:AE:42:14
Authority key identifier: 53:5C:09:A6:AB:CD:F1:DA:1B:47:AB:4A:F3:FF:8E:FC:A5:81:44:5D
Certificate issuer:       /CN=535c09a6abcdf1da1b47ab4af3ff8efca581445d
Certificate serial:       0196BF6E954294FA8EAA6AEDE2D19C95A39E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
Manifest number:          0499
Signing time:             Sun 11 May 2025 13:00:17 +0000
Manifest this update:     Sun 11 May 2025 13:00:17 +0000
Manifest next update:     Mon 12 May 2025 13:00:17 +0000
Files and hashes:         1: U1wJpqvN8dobR6tK8_-O_KWBRF0.crl (hash: 3k+YXJSh2T2p4ikKDuLpxHsHFGQ4vYrJ+R7qHBvEY5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 13:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6e:95:42:94:fa:8e:aa:6a:ed:e2:d1:9c:95:a3:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535c09a6abcdf1da1b47ab4af3ff8efca581445d
        Validity
            Not Before: May 11 13:00:17 2025 GMT
            Not After : May 12 13:00:17 2025 GMT
        Subject: CN=e93da42fe05371830e8f58454ce5e1163fae4214
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f1:d7:e5:fb:18:52:08:43:0c:5b:e8:c4:25:
                    9b:e3:26:19:a1:d8:62:62:b0:9d:6e:b6:44:36:84:
                    7e:0c:7c:28:7c:3b:3f:db:02:31:85:3e:a7:2b:16:
                    1f:93:cc:0c:39:f2:d3:ea:e9:0b:ff:1f:07:25:f8:
                    e5:07:f9:d0:57:c3:63:1a:3b:06:b7:f0:9f:89:6c:
                    e5:3b:2a:f5:59:98:d2:d0:ab:c9:91:1b:8b:75:27:
                    4f:77:b7:59:e0:72:05:c9:12:ed:e0:75:5b:cc:74:
                    41:8b:a6:43:65:36:5a:08:bc:a8:b5:31:b6:29:00:
                    a4:c5:d4:b0:dc:68:a2:2d:64:2d:c9:1e:44:25:bd:
                    19:13:2f:06:c7:1f:c6:06:f2:66:c7:69:27:22:ec:
                    eb:53:3b:21:18:5c:fd:77:b7:a7:d4:f6:c4:4f:2d:
                    4d:c9:92:be:d0:49:b2:56:9b:a4:fd:28:d3:8c:76:
                    98:03:b1:79:19:2d:6a:cf:67:9c:ce:6d:96:d2:3b:
                    6b:3e:a5:82:d4:68:22:b7:c6:5e:ff:39:c9:d7:f1:
                    64:65:5d:92:11:1d:6e:78:5f:3b:72:8a:c1:bc:b0:
                    9a:e2:94:44:12:d9:92:8a:87:14:ed:30:e3:56:f4:
                    54:a7:17:4b:83:05:3f:16:7b:a2:4b:64:1c:21:49:
                    ca:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:3D:A4:2F:E0:53:71:83:0E:8F:58:45:4C:E5:E1:16:3F:AE:42:14
            X509v3 Authority Key Identifier:
                keyid:53:5C:09:A6:AB:CD:F1:DA:1B:47:AB:4A:F3:FF:8E:FC:A5:81:44:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:79:10:2a:da:a5:40:78:92:b9:e0:7d:d0:1b:78:b7:5f:2b:
         ce:50:80:f3:86:4d:f3:17:55:80:91:07:01:9b:2e:d4:7e:67:
         01:16:23:9e:9b:ce:15:9b:94:b1:44:16:15:b2:fd:10:34:a2:
         e5:62:01:9f:1e:1d:2a:75:0e:e4:fe:33:79:e5:c4:3e:63:92:
         b1:6c:80:6d:23:ff:01:be:5a:51:79:35:ca:83:f5:88:c6:a2:
         ca:33:d1:7d:02:b1:97:7c:11:de:62:71:1c:c2:f4:85:48:65:
         6c:0e:1a:4e:23:b0:1b:b5:94:89:30:df:71:41:fc:37:2d:b1:
         9f:7a:75:b7:a3:8f:66:a2:1c:6a:a8:8e:2e:29:7d:b1:91:82:
         6f:5a:45:80:6b:55:ff:f6:27:d8:cf:dd:6d:59:2c:90:5f:2b:
         85:24:40:53:c5:fa:18:31:65:24:9f:5b:36:1f:de:50:46:33:
         c0:a0:5b:b1:41:b1:38:87:aa:27:49:d5:72:c8:b9:74:75:9b:
         bf:83:8e:9f:27:50:bb:f7:71:34:4e:70:b9:55:17:70:57:70:
         7f:23:07:29:04:02:09:84:51:45:53:69:12:4f:88:e4:04:df:
         c9:ec:00:c5:ba:8f:df:7f:72:e5:4e:50:50:e4:71:f5:51:4f:
         80:9c:c3:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/bpVClPqOqmrt4tGclaOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWMwOWE2YWJjZGYxZGExYjQ3YWI0YWYzZmY4ZWZjYTU4
MTQ0NWQwHhcNMjUwNTExMTMwMDE3WhcNMjUwNTEyMTMwMDE3WjAzMTEwLwYDVQQD
EyhlOTNkYTQyZmUwNTM3MTgzMGU4ZjU4NDU0Y2U1ZTExNjNmYWU0MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPHX5fsYUghDDFvoxCWb4yYZodhi
YrCdbrZENoR+DHwofDs/2wIxhT6nKxYfk8wMOfLT6ukL/x8HJfjlB/nQV8NjGjsG
t/CfiWzlOyr1WZjS0KvJkRuLdSdPd7dZ4HIFyRLt4HVbzHRBi6ZDZTZaCLyotTG2
KQCkxdSw3GiiLWQtyR5EJb0ZEy8Gxx/GBvJmx2knIuzrUzshGFz9d7en1PbETy1N
yZK+0EmyVpuk/SjTjHaYA7F5GS1qz2eczm2W0jtrPqWC1Ggit8Ze/znJ1/FkZV2S
ER1ueF87corBvLCa4pREEtmSiocU7TDjVvRUpxdLgwU/FnuiS2QcIUnKiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOk9pC/gU3GDDo9YRUzl4RY/rkIUMB8GA1UdIwQY
MBaAFFNcCaarzfHaG0erSvP/jvylgURdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82MzYyMmYtYjQ2NC00MDdkLWJjZmQt
Yzk0OTFiNGRmZDc2LzEvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82MzYyMmYtYjQ2NC00MDdkLWJjZmQtYzk0OTFiNGRmZDc2
LzEvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbnkQKtql
QHiSueB90Bt4t18rzlCA84ZN8xdVgJEHAZsu1H5nARYjnpvOFZuUsUQWFbL9EDSi
5WIBnx4dKnUO5P4zeeXEPmOSsWyAbSP/Ab5aUXk1yoP1iMaiyjPRfQKxl3wR3mJx
HML0hUhlbA4aTiOwG7WUiTDfcUH8Ny2xn3p1t6OPZqIcaqiOLil9sZGCb1pFgGtV
//Yn2M/dbVkskF8rhSRAU8X6GDFlJJ9bNh/eUEYzwKBbsUGxOIeqJ0nVcsi5dHWb
v4OOnydQu/dxNE5wuVUXcFdwfyMHKQQCCYRRRVNpEk+I5ATfyewAxbqP339y5U5Q
UORx9VFPgJzDPA==
-----END CERTIFICATE-----