Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
File:                     uVZnsVy6fKp0FSdIRHOE--A7iTo.mft (raw, json)
Hash identifier:          7+iaS+w6VDBPt70KK9Cx5XwvRt7C/gHDDBDemhDy7P0=
Subject key identifier:   C4:34:A3:D0:77:4F:06:DB:7F:10:E2:B2:02:7E:78:9B:50:18:F9:5F
Authority key identifier: B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A
Certificate issuer:       /CN=b95667b15cba7caa74152748447384fbe03b893a
Certificate serial:       0197B6A0AC875F7B3F7D7FDC829B666FA0F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
Manifest number:          0866
Signing time:             Sat 28 Jun 2025 13:01:12 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:12 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:12 +0000
Files and hashes:         1: uVZnsVy6fKp0FSdIRHOE--A7iTo.crl (hash: m855jAbBHibWuZza/VMVe9+4D4sun7ZyOUfJPYP+E5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:ac:87:5f:7b:3f:7d:7f:dc:82:9b:66:6f:a0:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b95667b15cba7caa74152748447384fbe03b893a
        Validity
            Not Before: Jun 28 13:01:12 2025 GMT
            Not After : Jun 29 13:01:12 2025 GMT
        Subject: CN=c434a3d0774f06db7f10e2b2027e789b5018f95f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a1:bd:b9:c1:fd:70:cb:ad:c5:8e:0e:6f:3c:
                    47:d3:9b:e6:ce:24:54:e9:17:77:74:de:76:9a:d4:
                    5b:cf:7d:d3:de:87:94:94:b5:6f:d1:d0:f9:5e:4c:
                    b2:a1:8b:80:1f:01:be:af:44:3a:b8:99:ef:7d:b3:
                    07:4b:13:e2:ea:c0:d8:c8:85:cc:c8:67:6c:55:93:
                    31:46:fa:50:df:55:d7:05:03:cd:1a:f4:c2:05:9f:
                    bd:16:5f:7d:05:3f:73:f4:9e:f7:eb:44:20:52:3f:
                    73:cd:9a:a5:0e:2b:ab:73:65:7e:2a:24:fc:5b:7b:
                    cb:13:a9:b5:af:08:4b:02:f4:00:5e:e6:dd:88:4d:
                    10:8b:3d:d3:24:8a:23:67:28:8c:0b:92:e2:ec:1f:
                    c4:a9:29:ee:06:b5:9e:7e:ff:46:f0:c5:6d:5e:56:
                    d1:89:c9:c7:5c:41:f9:dc:cf:0e:ad:6f:6f:51:34:
                    ae:24:f9:7f:19:d8:10:09:8f:c7:73:1a:f0:31:67:
                    51:90:a5:0f:63:9b:f3:fa:04:1a:8f:95:d5:7e:30:
                    6c:37:5c:ec:73:38:3d:7a:f1:19:6c:34:e5:40:3d:
                    fd:96:e0:ee:ab:95:94:aa:f2:fa:f1:5c:ab:5e:63:
                    81:b6:b0:13:d3:d1:65:7a:67:c3:bb:ae:05:cf:0c:
                    f1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:34:A3:D0:77:4F:06:DB:7F:10:E2:B2:02:7E:78:9B:50:18:F9:5F
            X509v3 Authority Key Identifier:
                keyid:B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:be:54:7c:db:b3:43:a2:01:ed:af:ae:a9:b8:75:81:b0:93:
         ab:30:35:96:e6:bd:bf:b3:1d:1c:88:4b:0f:1a:63:33:b7:56:
         12:19:3f:f1:ab:25:1d:26:28:00:f8:0a:5e:59:a6:e4:c7:d6:
         64:8d:24:4d:74:02:d1:b5:80:25:f8:ff:ea:a1:ac:1c:a6:0e:
         e2:21:71:3e:ae:ae:18:7e:07:63:9a:45:6b:17:69:2c:0c:3f:
         14:79:dd:3b:3b:2b:ff:71:ee:4c:ca:b7:4e:d8:51:47:a5:00:
         6f:0e:59:87:e8:55:b0:c6:fa:09:ae:42:9e:c5:de:2f:d4:d8:
         b7:6f:89:75:86:69:0f:60:17:f6:d6:70:d1:7a:ed:b9:1d:f1:
         12:9a:a8:f7:ef:1e:24:01:f3:ac:ef:fd:a6:05:f4:25:c7:af:
         39:51:f0:64:f1:61:5d:c9:71:ab:06:e3:db:47:d5:43:a6:b9:
         3d:2d:ef:2a:ba:8f:b2:ed:0b:f7:1d:39:58:88:00:58:7c:5c:
         d1:5a:7c:db:41:8f:84:b8:5c:ce:32:30:bc:9f:fa:52:10:2e:
         13:dd:70:b9:55:21:ba:cc:c9:2f:21:fc:b9:20:4f:71:4c:12:
         01:8e:4a:2f:ef:80:59:e5:ad:c8:e0:46:ed:78:c8:81:6c:9a:
         9c:ab:4b:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oKyHX3s/fX/cgptmb6D1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NTY2N2IxNWNiYTdjYWE3NDE1Mjc0ODQ0NzM4NGZiZTAz
Yjg5M2EwHhcNMjUwNjI4MTMwMTEyWhcNMjUwNjI5MTMwMTEyWjAzMTEwLwYDVQQD
EyhjNDM0YTNkMDc3NGYwNmRiN2YxMGUyYjIwMjdlNzg5YjUwMThmOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKG9ucH9cMutxY4ObzxH05vmziRU
6Rd3dN52mtRbz33T3oeUlLVv0dD5XkyyoYuAHwG+r0Q6uJnvfbMHSxPi6sDYyIXM
yGdsVZMxRvpQ31XXBQPNGvTCBZ+9Fl99BT9z9J7360QgUj9zzZqlDiurc2V+KiT8
W3vLE6m1rwhLAvQAXubdiE0Qiz3TJIojZyiMC5Li7B/EqSnuBrWefv9G8MVtXlbR
icnHXEH53M8OrW9vUTSuJPl/GdgQCY/HcxrwMWdRkKUPY5vz+gQaj5XVfjBsN1zs
czg9evEZbDTlQD39luDuq5WUqvL68VyrXmOBtrAT09FlemfDu64FzwzxLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQ0o9B3TwbbfxDisgJ+eJtQGPlfMB8GA1UdIwQY
MBaAFLlWZ7FcunyqdBUnSERzhPvgO4k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEt
NzQ0ZGNkMDE0ZmE0LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEtNzQ0ZGNkMDE0ZmE0
LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj75UfNuz
Q6IB7a+uqbh1gbCTqzA1lua9v7MdHIhLDxpjM7dWEhk/8aslHSYoAPgKXlmm5MfW
ZI0kTXQC0bWAJfj/6qGsHKYO4iFxPq6uGH4HY5pFaxdpLAw/FHndOzsr/3HuTMq3
TthRR6UAbw5Zh+hVsMb6Ca5CnsXeL9TYt2+JdYZpD2AX9tZw0XrtuR3xEpqo9+8e
JAHzrO/9pgX0JcevOVHwZPFhXclxqwbj20fVQ6a5PS3vKrqPsu0L9x05WIgAWHxc
0Vp820GPhLhczjIwvJ/6UhAuE91wuVUhuszJLyH8uSBPcUwSAY5KL++AWeWtyOBG
7XjIgWyanKtLSQ==
-----END CERTIFICATE-----