Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          wv+jO/rpHo2na8f7NtyXIyTZw6cb8nyEs9wTRg1DWR4=
Subject key identifier:   D3:1E:CC:F5:7D:5C:48:AB:3C:04:63:88:EC:7B:6F:BB:56:30:23:F7
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       0196C270261C85BDF0C5BDAD835351DE9522
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          0263
Signing time:             Mon 12 May 2025 03:00:51 +0000
Manifest this update:     Mon 12 May 2025 03:00:51 +0000
Manifest next update:     Tue 13 May 2025 03:00:51 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: 7EHMjD65iZ9eAmdsZ0yaOPRA/55YQ+OnhOYSgI/xNSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:70:26:1c:85:bd:f0:c5:bd:ad:83:53:51:de:95:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: May 12 03:00:51 2025 GMT
            Not After : May 13 03:00:51 2025 GMT
        Subject: CN=d31eccf57d5c48ab3c046388ec7b6fbb563023f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f7:ac:f1:2d:7f:8c:4c:6f:30:05:2d:c5:82:
                    e3:74:8f:21:ee:fe:b4:93:1f:0a:7c:cf:21:95:9e:
                    b9:29:5e:ec:04:f3:3b:de:ed:ef:99:ee:c3:27:b7:
                    e1:d2:a2:2d:86:62:18:0d:fc:97:83:a6:6c:1f:c2:
                    c9:b7:cc:54:7f:8d:67:d5:af:11:16:73:66:3a:db:
                    be:68:e1:20:ab:10:7d:a5:d9:2c:e1:c8:2e:70:02:
                    e4:97:08:9a:29:ae:45:75:5f:07:35:9f:87:74:a7:
                    e4:1b:67:31:48:f0:16:6b:ce:18:de:28:bf:ce:88:
                    39:78:90:ff:9a:9d:64:71:50:7a:86:b2:72:9e:7a:
                    21:fd:1a:d6:cf:eb:0f:47:80:c5:e7:41:69:e8:70:
                    7f:b8:93:e9:01:7d:3c:b1:b0:11:bc:e8:b6:f9:d1:
                    b5:ee:72:9b:7e:6a:23:7f:46:5b:06:61:47:2e:5f:
                    03:87:2c:a2:45:28:6a:32:ea:2a:e1:29:62:cf:80:
                    87:fb:00:b0:28:d4:32:b6:79:c9:1f:99:99:e8:d4:
                    e8:ed:2a:6b:b6:4b:f7:0d:02:fe:5b:63:54:bd:4f:
                    31:cf:6b:37:5b:80:b9:96:08:5e:9a:12:4a:79:23:
                    33:e8:e3:16:22:39:b8:8f:91:01:a1:24:f2:38:5d:
                    8c:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:1E:CC:F5:7D:5C:48:AB:3C:04:63:88:EC:7B:6F:BB:56:30:23:F7
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:42:90:46:3d:37:68:dd:21:44:94:fe:e0:2b:c5:3e:1f:13:
         aa:42:05:ed:b7:4d:d2:33:77:4a:ca:f2:ac:4c:2b:d2:b3:7d:
         fa:3d:bc:e4:65:1a:8f:e7:fb:0a:ac:da:a2:23:1c:27:e2:79:
         c5:e5:09:58:dc:ae:e1:d6:68:b5:f1:c6:75:74:f6:e2:d5:f0:
         92:11:6c:da:b1:09:f4:55:df:f4:62:68:0e:fe:50:4a:f5:29:
         7b:cd:b1:3f:06:70:08:01:5a:1c:d3:7a:7d:3a:5d:53:93:7a:
         63:99:b9:53:c4:e7:b6:f6:f5:5a:86:4e:9e:3b:88:89:c6:55:
         4e:69:40:70:98:14:c0:b9:34:27:80:e3:c8:07:53:a6:40:c2:
         28:5d:15:27:8b:e3:74:4e:40:f2:73:3a:2f:d4:81:ae:05:7c:
         d5:42:ae:5f:4c:ce:c4:b9:0a:c4:f3:3c:b0:37:eb:aa:67:26:
         1a:e5:9b:cb:94:b8:c3:80:1a:00:d7:8d:61:75:21:63:b5:66:
         22:51:2d:8e:a3:54:fa:69:15:b7:37:74:88:14:1e:16:11:d8:
         78:ba:a1:65:cc:4f:f2:81:94:53:9b:48:4a:b4:b4:80:25:03:
         35:51:a3:c6:f6:32:b1:72:65:23:18:36:39:39:d6:93:14:37:
         5d:8a:50:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCcCYchb3wxb2tg1NR3pUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUwNTEyMDMwMDUxWhcNMjUwNTEzMDMwMDUxWjAzMTEwLwYDVQQD
EyhkMzFlY2NmNTdkNWM0OGFiM2MwNDYzODhlYzdiNmZiYjU2MzAyM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPes8S1/jExvMAUtxYLjdI8h7v60
kx8KfM8hlZ65KV7sBPM73u3vme7DJ7fh0qIthmIYDfyXg6ZsH8LJt8xUf41n1a8R
FnNmOtu+aOEgqxB9pdks4cgucALklwiaKa5FdV8HNZ+HdKfkG2cxSPAWa84Y3ii/
zog5eJD/mp1kcVB6hrJynnoh/RrWz+sPR4DF50Fp6HB/uJPpAX08sbARvOi2+dG1
7nKbfmojf0ZbBmFHLl8DhyyiRShqMuoq4Sliz4CH+wCwKNQytnnJH5mZ6NTo7Spr
tkv3DQL+W2NUvU8xz2s3W4C5lghemhJKeSMz6OMWIjm4j5EBoSTyOF2MdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMezPV9XEirPARjiOx7b7tWMCP3MB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOUKQRj03
aN0hRJT+4CvFPh8TqkIF7bdN0jN3SsryrEwr0rN9+j285GUaj+f7CqzaoiMcJ+J5
xeUJWNyu4dZotfHGdXT24tXwkhFs2rEJ9FXf9GJoDv5QSvUpe82xPwZwCAFaHNN6
fTpdU5N6Y5m5U8Tntvb1WoZOnjuIicZVTmlAcJgUwLk0J4DjyAdTpkDCKF0VJ4vj
dE5A8nM6L9SBrgV81UKuX0zOxLkKxPM8sDfrqmcmGuWby5S4w4AaANeNYXUhY7Vm
IlEtjqNU+mkVtzd0iBQeFhHYeLqhZcxP8oGUU5tISrS0gCUDNVGjxvYysXJlIxg2
OTnWkxQ3XYpQlg==
-----END CERTIFICATE-----