Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
File:                     U9L19sohYsiL85oPnekm9CPlMQQ.mft (raw, json)
Hash identifier:          UGE1Dwkskldgoe8++9zuvwous0Pz5s9GPeXIR2R3yK4=
Subject key identifier:   C6:5E:C0:0D:62:B0:BD:C7:A7:33:9F:0C:C9:9F:75:2B:3C:14:33:73
Authority key identifier: 53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04
Certificate issuer:       /CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
Certificate serial:       0197B6A1321A84EE4762059F195E74F334B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
Manifest number:          0F1C
Signing time:             Sat 28 Jun 2025 13:01:46 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:46 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:46 +0000
Files and hashes:         1: U9L19sohYsiL85oPnekm9CPlMQQ.crl (hash: pwBVVf8kZWGApPCvRKTriwGPVz96S2Dz7zoRSoTLFNU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:32:1a:84:ee:47:62:05:9f:19:5e:74:f3:34:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
        Validity
            Not Before: Jun 28 13:01:46 2025 GMT
            Not After : Jun 29 13:01:46 2025 GMT
        Subject: CN=c65ec00d62b0bdc7a7339f0cc99f752b3c143373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:43:2e:13:2f:38:d1:37:1f:80:a0:3f:41:43:
                    a6:20:68:15:24:af:74:0f:92:e1:11:3d:57:ae:69:
                    64:5b:a1:8b:8b:56:3a:be:81:d7:ba:35:47:ef:34:
                    7c:31:a9:03:d6:56:60:b3:6a:0a:1c:be:fc:3e:7f:
                    57:ec:88:5b:3d:d8:f2:75:c1:5f:6d:2b:1b:ba:52:
                    c1:65:d8:fa:68:50:71:55:ca:27:5d:92:9a:b6:16:
                    12:a9:37:aa:c7:53:f8:62:3a:4e:bb:8f:be:c5:32:
                    2d:88:c5:0c:b1:12:15:cf:63:9e:e0:8f:24:61:79:
                    c2:d4:0d:c1:19:fe:86:97:74:50:ea:cc:ca:77:4a:
                    11:c1:a2:c5:2d:f0:82:81:a5:34:a5:44:ff:9e:dc:
                    5c:43:5a:fd:15:ce:18:85:79:e0:dc:ac:27:9e:f4:
                    c3:71:17:39:7f:c5:78:bf:a3:77:ad:19:1a:72:60:
                    d8:34:83:ee:86:f1:a3:67:fb:1c:de:ea:b3:49:af:
                    3a:82:d7:a4:2e:64:b7:a6:74:88:61:70:6a:c6:88:
                    bc:de:a9:f3:3f:33:fb:d7:74:ac:8e:91:3e:36:8a:
                    3e:a5:b2:35:c9:ed:3a:fa:26:e9:e0:14:9e:55:d7:
                    97:f7:ee:fe:a7:dc:ab:f5:8e:ce:45:ac:c0:d7:d0:
                    53:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:5E:C0:0D:62:B0:BD:C7:A7:33:9F:0C:C9:9F:75:2B:3C:14:33:73
            X509v3 Authority Key Identifier:
                keyid:53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:94:91:56:d8:84:50:da:b3:e1:a9:c7:8e:96:ae:cc:a4:f6:
         06:f1:db:5d:7c:b5:86:20:6f:b8:5e:3c:47:02:65:38:ac:f8:
         4f:5f:5f:20:f4:4d:8a:51:45:98:57:88:37:47:cb:47:cd:a8:
         fc:ba:31:9b:0d:a4:88:b7:a8:80:42:0c:88:69:84:46:ed:4e:
         a9:63:6e:8e:73:cf:5a:c6:89:22:dc:06:96:55:5c:9c:10:7c:
         7f:15:50:ca:55:06:38:47:be:26:57:0f:8e:db:41:5c:59:ae:
         a5:ed:89:dc:0e:e8:bc:ad:31:30:3e:c3:a3:c4:5d:42:6c:e7:
         63:3b:e8:e9:10:3d:ed:77:3d:d3:f5:a2:f3:4e:c7:12:47:66:
         47:69:c5:96:c2:87:70:fe:2a:aa:54:18:45:ac:38:07:ee:16:
         01:d8:28:c2:20:f9:38:11:5f:fb:51:05:70:6a:ec:23:06:24:
         bc:eb:c9:81:38:c3:da:a0:75:15:43:96:4a:f8:98:e8:49:ed:
         c9:34:bc:96:f0:e3:29:db:9c:63:63:5a:61:6c:5b:63:76:55:
         9c:9d:c6:02:6c:c8:9d:47:b5:cd:2d:97:21:57:03:ea:5e:52:
         0d:8e:3c:fa:73:a4:7f:66:57:7a:18:d0:41:8c:1d:a2:59:7f:
         34:a6:54:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oTIahO5HYgWfGV508zS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDJmNWY2Y2EyMTYyYzg4YmYzOWEwZjlkZTkyNmY0MjNl
NTMxMDQwHhcNMjUwNjI4MTMwMTQ2WhcNMjUwNjI5MTMwMTQ2WjAzMTEwLwYDVQQD
EyhjNjVlYzAwZDYyYjBiZGM3YTczMzlmMGNjOTlmNzUyYjNjMTQzMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20MuEy840TcfgKA/QUOmIGgVJK90
D5LhET1XrmlkW6GLi1Y6voHXujVH7zR8MakD1lZgs2oKHL78Pn9X7IhbPdjydcFf
bSsbulLBZdj6aFBxVconXZKathYSqTeqx1P4YjpOu4++xTItiMUMsRIVz2Oe4I8k
YXnC1A3BGf6Gl3RQ6szKd0oRwaLFLfCCgaU0pUT/ntxcQ1r9Fc4YhXng3KwnnvTD
cRc5f8V4v6N3rRkacmDYNIPuhvGjZ/sc3uqzSa86gtekLmS3pnSIYXBqxoi83qnz
PzP713SsjpE+Noo+pbI1ye06+ibp4BSeVdeX9+7+p9yr9Y7ORazA19BTpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZewA1isL3HpzOfDMmfdSs8FDNzMB8GA1UdIwQY
MBaAFFPS9fbKIWLIi/OaD53pJvQj5TEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYt
YTZmY2FkMTlhZWYyLzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYtYTZmY2FkMTlhZWYy
LzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkJSRVtiE
UNqz4anHjpauzKT2BvHbXXy1hiBvuF48RwJlOKz4T19fIPRNilFFmFeIN0fLR82o
/Loxmw2kiLeogEIMiGmERu1OqWNujnPPWsaJItwGllVcnBB8fxVQylUGOEe+JlcP
jttBXFmupe2J3A7ovK0xMD7Do8RdQmznYzvo6RA97Xc90/Wi807HEkdmR2nFlsKH
cP4qqlQYRaw4B+4WAdgowiD5OBFf+1EFcGrsIwYkvOvJgTjD2qB1FUOWSviY6Ent
yTS8lvDjKducY2NaYWxbY3ZVnJ3GAmzInUe1zS2XIVcD6l5SDY48+nOkf2ZXehjQ
QYwdoll/NKZULA==
-----END CERTIFICATE-----