Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
File:                     U9L19sohYsiL85oPnekm9CPlMQQ.mft (raw, json)
Hash identifier:          RqevN/yqyT7jArhsIUuxab5c6FVdIX3fsxdNIzWD1UI=
Subject key identifier:   E2:81:78:95:F3:F8:7B:C1:48:2D:D7:98:FF:AB:33:91:FF:E2:AA:77
Authority key identifier: 53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04
Certificate issuer:       /CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
Certificate serial:       0196AA3136700AA8CF885CFFFA2B384040D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
Manifest number:          0E91
Signing time:             Wed 07 May 2025 10:01:13 +0000
Manifest this update:     Wed 07 May 2025 10:01:13 +0000
Manifest next update:     Thu 08 May 2025 10:01:13 +0000
Files and hashes:         1: U9L19sohYsiL85oPnekm9CPlMQQ.crl (hash: ye84Cb64PUXHzDwcAYl5MDU4GMRpxhCkiOXiVR2x/Vo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 10:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:31:36:70:0a:a8:cf:88:5c:ff:fa:2b:38:40:40:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
        Validity
            Not Before: May  7 10:01:13 2025 GMT
            Not After : May  8 10:01:13 2025 GMT
        Subject: CN=e2817895f3f87bc1482dd798ffab3391ffe2aa77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:80:09:41:e0:c6:a5:ae:8f:c5:4d:77:60:f7:
                    8f:84:32:82:03:dd:77:c9:3d:d4:fa:08:d3:b4:08:
                    cd:06:6e:c5:6e:d3:a4:ba:15:89:66:d4:5b:3f:e0:
                    84:bd:d2:c6:dd:e9:24:a5:ff:9f:87:45:b8:1c:5f:
                    54:6f:df:a4:4b:97:c9:ef:8f:fd:56:5f:32:be:c3:
                    5f:94:e5:14:0d:69:1f:b6:59:26:e1:af:30:ee:9e:
                    84:e8:42:a3:29:05:b2:77:00:9f:47:5a:9f:25:51:
                    e2:51:17:c0:b8:c2:74:1b:f1:44:8c:17:59:b2:99:
                    a6:3e:a9:53:7e:25:24:b4:86:56:64:ed:c2:56:69:
                    9e:9c:6b:d2:5b:be:3e:0f:a6:90:e8:b1:59:12:9f:
                    1d:dd:e7:5e:ca:69:0d:74:c0:3b:d8:31:c2:ce:dc:
                    f9:95:5b:12:a8:2c:8b:1c:59:9b:3b:12:62:16:0a:
                    58:c6:6c:d6:c1:51:b9:97:66:d2:5e:06:18:b9:91:
                    67:19:a6:e9:01:35:71:fa:47:9d:d2:95:f2:0f:aa:
                    ce:82:8e:d9:a1:70:d3:0d:ad:d7:69:9f:6a:97:26:
                    df:a0:f1:80:7f:01:69:c1:b8:66:03:1a:fe:71:31:
                    6e:fc:ea:36:1a:1b:8c:2e:4d:b4:e5:21:8c:7a:a4:
                    09:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:81:78:95:F3:F8:7B:C1:48:2D:D7:98:FF:AB:33:91:FF:E2:AA:77
            X509v3 Authority Key Identifier:
                keyid:53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:c6:fc:33:57:a6:8c:85:da:8d:11:98:33:cb:c6:7c:04:72:
         61:6a:b8:44:c4:03:56:53:f9:59:e8:50:ec:49:be:2a:4f:db:
         af:69:8c:ad:9d:6e:c7:32:9f:25:1e:6b:a6:68:7c:cf:9f:73:
         7d:a4:d3:d6:51:fc:87:ca:8c:d3:7b:1d:cc:47:7b:8b:f4:d0:
         6a:08:f6:2f:13:7a:c0:d0:10:29:14:a6:1f:cf:0e:8d:70:28:
         2e:bb:98:8e:07:8e:ed:58:7b:bf:f5:fc:e8:ac:d5:15:b2:34:
         30:0f:5f:b7:23:39:35:56:31:86:a4:2b:25:63:cb:75:5e:0f:
         3f:0a:d7:f9:99:ce:fa:6d:63:9e:ce:29:dd:97:12:43:7d:82:
         e3:5b:ea:05:05:53:97:13:61:8d:29:cf:2e:53:89:e9:df:27:
         d6:b7:0d:f9:e6:b6:fd:64:8c:bd:ed:20:d3:bb:b8:75:17:7c:
         ff:5a:a0:1e:f1:b1:33:23:4e:87:c1:d2:dd:e7:16:f7:0c:35:
         c7:fd:76:95:f7:57:9b:48:c0:bc:fb:cf:0d:18:3e:52:8b:8b:
         c0:ae:e3:41:07:5c:23:fc:8c:51:c7:da:39:26:33:b8:50:8c:
         4d:75:6e:d8:4c:20:f4:fe:ad:0c:07:bb:73:06:cb:76:47:ca:
         2d:c8:c2:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqMTZwCqjPiFz/+is4QEDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDJmNWY2Y2EyMTYyYzg4YmYzOWEwZjlkZTkyNmY0MjNl
NTMxMDQwHhcNMjUwNTA3MTAwMTEzWhcNMjUwNTA4MTAwMTEzWjAzMTEwLwYDVQQD
EyhlMjgxNzg5NWYzZjg3YmMxNDgyZGQ3OThmZmFiMzM5MWZmZTJhYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIAJQeDGpa6PxU13YPePhDKCA913
yT3U+gjTtAjNBm7FbtOkuhWJZtRbP+CEvdLG3ekkpf+fh0W4HF9Ub9+kS5fJ74/9
Vl8yvsNflOUUDWkftlkm4a8w7p6E6EKjKQWydwCfR1qfJVHiURfAuMJ0G/FEjBdZ
spmmPqlTfiUktIZWZO3CVmmenGvSW74+D6aQ6LFZEp8d3edeymkNdMA72DHCztz5
lVsSqCyLHFmbOxJiFgpYxmzWwVG5l2bSXgYYuZFnGabpATVx+ked0pXyD6rOgo7Z
oXDTDa3XaZ9qlybfoPGAfwFpwbhmAxr+cTFu/Oo2GhuMLk205SGMeqQJ+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOKBeJXz+HvBSC3XmP+rM5H/4qp3MB8GA1UdIwQY
MBaAFFPS9fbKIWLIi/OaD53pJvQj5TEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYt
YTZmY2FkMTlhZWYyLzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYtYTZmY2FkMTlhZWYy
LzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIMb8M1em
jIXajRGYM8vGfARyYWq4RMQDVlP5WehQ7Em+Kk/br2mMrZ1uxzKfJR5rpmh8z59z
faTT1lH8h8qM03sdzEd7i/TQagj2LxN6wNAQKRSmH88OjXAoLruYjgeO7Vh7v/X8
6KzVFbI0MA9ftyM5NVYxhqQrJWPLdV4PPwrX+ZnO+m1jns4p3ZcSQ32C41vqBQVT
lxNhjSnPLlOJ6d8n1rcN+ea2/WSMve0g07u4dRd8/1qgHvGxMyNOh8HS3ecW9ww1
x/12lfdXm0jAvPvPDRg+UouLwK7jQQdcI/yMUcfaOSYzuFCMTXVu2Ewg9P6tDAe7
cwbLdkfKLcjC7A==
-----END CERTIFICATE-----