Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
File:                     uVZnsVy6fKp0FSdIRHOE--A7iTo.mft (raw, json)
Hash identifier:          rN6F83+3sP2CF/6TD2yZ1N8cZa9iFko5ybP+BhAYj0c=
Subject key identifier:   70:C7:A0:1F:77:48:3D:06:08:7F:A4:69:91:2D:AF:12:ED:08:E4:9E
Authority key identifier: B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A
Certificate issuer:       /CN=b95667b15cba7caa74152748447384fbe03b893a
Certificate serial:       0196B1EA09D1C9A07276210BC01A165436D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
Manifest number:          07DF
Signing time:             Thu 08 May 2025 22:00:27 +0000
Manifest this update:     Thu 08 May 2025 22:00:27 +0000
Manifest next update:     Fri 09 May 2025 22:00:27 +0000
Files and hashes:         1: uVZnsVy6fKp0FSdIRHOE--A7iTo.crl (hash: rq1G6AyaXw+f7NWbwIn39x1duu0QBu2LSX+heZR/vdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:ea:09:d1:c9:a0:72:76:21:0b:c0:1a:16:54:36:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b95667b15cba7caa74152748447384fbe03b893a
        Validity
            Not Before: May  8 22:00:27 2025 GMT
            Not After : May  9 22:00:27 2025 GMT
        Subject: CN=70c7a01f77483d06087fa469912daf12ed08e49e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:1a:1a:51:11:b2:00:77:71:02:83:c2:90:75:
                    6f:de:74:54:e0:d3:25:cd:b0:9e:12:56:a7:c5:6e:
                    aa:fe:64:24:10:24:10:c2:14:5d:d7:35:64:ef:2e:
                    60:86:ce:5b:21:48:33:9f:93:e4:38:28:0e:18:05:
                    d9:db:80:79:a2:d9:70:47:2c:5b:86:14:98:5f:92:
                    39:c2:20:ef:36:a4:40:14:e6:ab:5d:e3:52:dd:bd:
                    13:58:e2:b2:b6:5f:1c:69:b0:ff:fb:74:d6:2d:5f:
                    a5:54:f4:6c:be:72:42:08:03:00:4e:6d:04:cb:22:
                    a1:47:6c:37:c9:09:72:c8:ee:a3:85:5a:39:78:a6:
                    59:31:82:01:39:85:be:5c:5f:04:3c:88:db:ee:20:
                    d4:96:63:ee:b9:eb:1e:6c:00:f2:48:c7:ca:f6:44:
                    fe:d1:ec:c6:9e:4e:a3:23:e0:e8:0f:92:b3:a1:40:
                    d5:2b:1b:1a:2f:02:b7:77:8b:e0:9b:ea:1c:f0:d4:
                    e5:f1:b8:a3:a9:f1:77:90:69:c2:ce:ce:2c:ce:08:
                    da:cf:3c:d9:e6:bf:54:82:ca:5e:c2:26:c5:c6:85:
                    94:80:99:4a:c5:2a:60:5c:fc:04:ec:56:b6:8d:5d:
                    16:78:71:65:f1:c3:03:21:92:e4:3e:32:06:eb:d5:
                    6f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:C7:A0:1F:77:48:3D:06:08:7F:A4:69:91:2D:AF:12:ED:08:E4:9E
            X509v3 Authority Key Identifier:
                keyid:B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:57:96:fc:29:c2:ca:90:ab:03:7c:37:a7:ac:a9:9e:78:be:
         27:62:09:b4:41:f8:fa:26:7c:66:0f:6a:f9:5f:ef:03:83:d2:
         a5:24:32:31:6d:55:d4:14:79:32:c0:62:7b:e9:c5:a8:a5:f6:
         a2:ce:99:e9:40:63:42:a4:fb:75:b8:e7:43:18:f6:f6:93:b2:
         30:c6:eb:23:ce:4e:e7:d3:34:fc:f7:68:0d:34:43:7d:0f:db:
         e7:5d:86:68:dd:07:d3:e0:98:2e:c9:3d:fc:35:44:66:c0:e3:
         26:5b:7d:17:77:27:61:2a:0b:e1:2f:72:7a:ca:93:1e:55:d5:
         4b:20:a3:b1:aa:59:ef:fb:aa:9d:37:e0:0e:fe:8b:f5:c7:ee:
         24:37:94:5a:4c:53:a4:49:82:a9:6f:d1:e5:f6:b9:12:34:b2:
         0d:88:11:4c:e3:bc:97:16:a4:00:42:09:90:50:c9:bb:e1:5b:
         83:cd:37:2b:34:a2:67:f8:bf:33:49:9f:c1:30:25:af:71:b6:
         e0:13:06:75:63:bc:c2:54:ba:9c:a4:85:b2:52:b1:d1:25:fd:
         2f:2d:9a:c0:b5:81:04:6c:c5:0b:f3:ce:d3:18:f0:94:9b:5e:
         8a:f5:ce:18:0e:1c:de:5f:14:37:f0:30:9f:8f:3a:d3:7e:29:
         23:d6:a4:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZax6gnRyaBydiELwBoWVDbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NTY2N2IxNWNiYTdjYWE3NDE1Mjc0ODQ0NzM4NGZiZTAz
Yjg5M2EwHhcNMjUwNTA4MjIwMDI3WhcNMjUwNTA5MjIwMDI3WjAzMTEwLwYDVQQD
Eyg3MGM3YTAxZjc3NDgzZDA2MDg3ZmE0Njk5MTJkYWYxMmVkMDhlNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RoaURGyAHdxAoPCkHVv3nRU4NMl
zbCeElanxW6q/mQkECQQwhRd1zVk7y5ghs5bIUgzn5PkOCgOGAXZ24B5otlwRyxb
hhSYX5I5wiDvNqRAFOarXeNS3b0TWOKytl8cabD/+3TWLV+lVPRsvnJCCAMATm0E
yyKhR2w3yQlyyO6jhVo5eKZZMYIBOYW+XF8EPIjb7iDUlmPuuesebADySMfK9kT+
0ezGnk6jI+DoD5KzoUDVKxsaLwK3d4vgm+oc8NTl8bijqfF3kGnCzs4szgjazzzZ
5r9UgspewibFxoWUgJlKxSpgXPwE7Fa2jV0WeHFl8cMDIZLkPjIG69VvcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDHoB93SD0GCH+kaZEtrxLtCOSeMB8GA1UdIwQY
MBaAFLlWZ7FcunyqdBUnSERzhPvgO4k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEt
NzQ0ZGNkMDE0ZmE0LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEtNzQ0ZGNkMDE0ZmE0
LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYVeW/CnC
ypCrA3w3p6ypnni+J2IJtEH4+iZ8Zg9q+V/vA4PSpSQyMW1V1BR5MsBie+nFqKX2
os6Z6UBjQqT7dbjnQxj29pOyMMbrI85O59M0/PdoDTRDfQ/b512GaN0H0+CYLsk9
/DVEZsDjJlt9F3cnYSoL4S9yesqTHlXVSyCjsapZ7/uqnTfgDv6L9cfuJDeUWkxT
pEmCqW/R5fa5EjSyDYgRTOO8lxakAEIJkFDJu+Fbg803KzSiZ/i/M0mfwTAlr3G2
4BMGdWO8wlS6nKSFslKx0SX9Ly2awLWBBGzFC/PO0xjwlJteivXOGA4c3l8UN/Aw
n486034pI9akXg==
-----END CERTIFICATE-----