Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
File:                     UDCmlphoVt51uCLWrpX-ATE4IK8.mft (raw, json)
Hash identifier:          bCkiqk1za9Tjg9sTZ/iWQf1wHLNlibG4l/cPOUXwE68=
Subject key identifier:   AF:2F:54:7D:BF:69:C4:87:41:F2:D7:C7:85:36:C5:6A:2E:CC:01:71
Authority key identifier: 50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF
Certificate issuer:       /CN=5030a696986856de75b822d6ae95fe01313820af
Certificate serial:       0196C4956F039A393C84B695ED8B73C4BBC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
Manifest number:          0F30
Signing time:             Mon 12 May 2025 13:00:49 +0000
Manifest this update:     Mon 12 May 2025 13:00:49 +0000
Manifest next update:     Tue 13 May 2025 13:00:49 +0000
Files and hashes:         1: UDCmlphoVt51uCLWrpX-ATE4IK8.crl (hash: zoA0zKSYDuHbAimhCy0A3do3I0cx6KRpo1zxZk43uCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c4:95:6f:03:9a:39:3c:84:b6:95:ed:8b:73:c4:bb:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5030a696986856de75b822d6ae95fe01313820af
        Validity
            Not Before: May 12 13:00:49 2025 GMT
            Not After : May 13 13:00:49 2025 GMT
        Subject: CN=af2f547dbf69c48741f2d7c78536c56a2ecc0171
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:70:68:dd:96:71:18:7e:06:24:39:e1:d6:e6:
                    5e:c5:39:63:aa:d2:fc:41:49:8a:4a:b8:cf:17:93:
                    30:95:d6:e9:45:18:77:fb:d8:b7:12:6b:91:01:e7:
                    d7:6d:4b:d6:60:b5:25:4b:02:d2:91:ef:13:fa:84:
                    e7:91:bc:30:03:5b:8c:52:02:7a:aa:fa:b8:50:df:
                    df:d2:e4:41:c2:d7:66:b9:bc:5e:b4:4e:6e:94:cc:
                    13:ed:b6:04:9a:0c:79:da:b9:c5:65:16:aa:59:29:
                    1b:bc:28:34:f7:99:96:0d:2b:6d:58:a6:69:e4:11:
                    8e:1b:dd:1a:0f:b0:66:0c:70:d9:e9:a0:85:d4:2f:
                    a7:45:0d:27:ab:cf:fd:3c:73:41:a1:12:65:e6:48:
                    d8:15:2b:27:f4:0e:e6:14:c2:ea:6a:63:27:bc:29:
                    36:95:a6:82:f1:28:ae:33:85:7f:3a:3c:5c:7e:de:
                    f1:19:5c:ce:8c:a1:91:34:bd:71:94:f0:47:4e:f3:
                    ba:24:48:58:98:5b:4a:39:db:e1:43:31:c6:90:3b:
                    87:54:e9:ac:8c:a0:71:e8:9c:ff:96:2a:01:60:89:
                    8d:a6:c4:4a:ab:d4:04:68:ad:c3:d3:fa:1e:2a:07:
                    20:11:3a:44:60:8b:ae:fa:ff:c8:3c:44:96:e0:82:
                    37:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:2F:54:7D:BF:69:C4:87:41:F2:D7:C7:85:36:C5:6A:2E:CC:01:71
            X509v3 Authority Key Identifier:
                keyid:50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:70:c0:a4:cb:c0:66:a2:5d:73:d0:61:0f:fc:5b:75:54:98:
         67:36:73:a5:f2:7c:05:c6:71:80:a2:31:c4:0a:32:64:a6:02:
         99:1d:bd:d8:f3:49:da:67:43:95:a7:d5:64:47:00:4e:3e:a5:
         f9:ac:eb:76:01:1a:07:e7:a4:75:ad:41:2b:f0:9b:90:ce:8c:
         fc:d8:72:9f:79:b9:74:c0:57:f8:21:df:8a:0a:5c:10:3b:14:
         24:8f:49:e8:11:89:99:e2:a0:23:ed:5d:c8:f7:22:18:9d:aa:
         41:46:d6:f6:ca:32:f0:3a:b3:40:fb:6c:e3:1d:f2:e3:43:85:
         07:22:bd:e3:a0:59:f1:10:db:01:78:4e:95:d8:db:82:dc:3d:
         cf:f0:30:96:be:fc:01:f6:92:cf:29:f8:02:4a:1e:92:d6:58:
         09:3b:09:80:49:78:dd:ed:6c:a9:d1:d6:55:f2:b5:fc:9a:24:
         c9:08:fe:ad:8c:87:84:3c:5a:e7:98:c5:7f:be:58:60:e3:7e:
         25:79:65:13:3f:ec:1a:fa:06:f4:c1:ed:36:f2:d1:2e:72:b8:
         f0:46:b5:53:db:58:63:95:0d:72:93:e2:c5:36:0a:58:c3:fa:
         73:ff:38:8f:71:be:3a:92:ca:5e:aa:0f:b5:3b:ae:2c:3e:8b:
         03:9b:b9:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbElW8Dmjk8hLaV7YtzxLvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzBhNjk2OTg2ODU2ZGU3NWI4MjJkNmFlOTVmZTAxMzEz
ODIwYWYwHhcNMjUwNTEyMTMwMDQ5WhcNMjUwNTEzMTMwMDQ5WjAzMTEwLwYDVQQD
EyhhZjJmNTQ3ZGJmNjljNDg3NDFmMmQ3Yzc4NTM2YzU2YTJlY2MwMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnBo3ZZxGH4GJDnh1uZexTljqtL8
QUmKSrjPF5MwldbpRRh3+9i3EmuRAefXbUvWYLUlSwLSke8T+oTnkbwwA1uMUgJ6
qvq4UN/f0uRBwtdmubxetE5ulMwT7bYEmgx52rnFZRaqWSkbvCg095mWDSttWKZp
5BGOG90aD7BmDHDZ6aCF1C+nRQ0nq8/9PHNBoRJl5kjYFSsn9A7mFMLqamMnvCk2
laaC8SiuM4V/Ojxcft7xGVzOjKGRNL1xlPBHTvO6JEhYmFtKOdvhQzHGkDuHVOms
jKBx6Jz/lioBYImNpsRKq9QEaK3D0/oeKgcgETpEYIuu+v/IPESW4II3oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8vVH2/acSHQfLXx4U2xWouzAFxMB8GA1UdIwQY
MBaAFFAwppaYaFbedbgi1q6V/gExOCCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUt
ZTUyNTI1ZGIxMmRiLzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUtZTUyNTI1ZGIxMmRi
LzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnHDApMvA
ZqJdc9BhD/xbdVSYZzZzpfJ8BcZxgKIxxAoyZKYCmR292PNJ2mdDlafVZEcATj6l
+azrdgEaB+ekda1BK/CbkM6M/Nhyn3m5dMBX+CHfigpcEDsUJI9J6BGJmeKgI+1d
yPciGJ2qQUbW9soy8DqzQPts4x3y40OFByK946BZ8RDbAXhOldjbgtw9z/Awlr78
AfaSzyn4AkoektZYCTsJgEl43e1sqdHWVfK1/JokyQj+rYyHhDxa55jFf75YYON+
JXllEz/sGvoG9MHtNvLRLnK48Ea1U9tYY5UNcpPixTYKWMP6c/84j3G+OpLKXqoP
tTuuLD6LA5u5gg==
-----END CERTIFICATE-----