Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
File:                     UDCmlphoVt51uCLWrpX-ATE4IK8.mft (raw, json)
Hash identifier:          QlcWgFuo+C4IXcZL/28lxIc4sXu68GIhwk4cMONLy5U=
Subject key identifier:   71:52:00:E5:D3:8B:3C:0C:24:30:03:C5:77:57:D1:25:84:15:4A:1B
Authority key identifier: 50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF
Certificate issuer:       /CN=5030a696986856de75b822d6ae95fe01313820af
Certificate serial:       0197B7EA54BEB7B8A9E0FEF5D2D49A163C49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
Manifest number:          0FAE
Signing time:             Sat 28 Jun 2025 19:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:16 +0000
Files and hashes:         1: UDCmlphoVt51uCLWrpX-ATE4IK8.crl (hash: WlomriSA1gpf3fzHpQyDU9akfwesAcyXvVu1kSyeZMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:54:be:b7:b8:a9:e0:fe:f5:d2:d4:9a:16:3c:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5030a696986856de75b822d6ae95fe01313820af
        Validity
            Not Before: Jun 28 19:01:16 2025 GMT
            Not After : Jun 29 19:01:16 2025 GMT
        Subject: CN=715200e5d38b3c0c243003c57757d12584154a1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:05:d6:05:83:da:75:74:61:41:1f:f4:f8:1b:
                    c5:20:94:32:90:ce:a4:21:2d:fc:56:1e:0f:41:e6:
                    f8:ef:7a:b7:c2:3a:96:aa:8a:13:9b:9c:6c:f9:fa:
                    ed:45:13:bc:0a:76:2c:98:74:6a:5c:c4:e5:29:08:
                    61:0f:d4:fc:ab:38:f2:a9:10:fa:65:60:3c:ef:7b:
                    95:a8:31:e5:48:67:b7:d2:aa:d1:bf:8d:60:8f:f0:
                    c5:f1:a8:92:39:76:e4:ed:a3:40:05:f1:48:47:01:
                    50:bc:71:4f:d3:5b:92:f5:85:89:3e:31:90:16:76:
                    a3:b6:30:f4:06:df:26:56:8c:10:6f:e3:55:52:dd:
                    12:82:6c:14:e9:43:33:20:40:f7:27:b7:64:9b:46:
                    7d:f8:b3:b0:cb:b1:26:fe:7d:6b:a8:a6:0d:24:6a:
                    f8:47:da:00:0c:4e:37:fa:52:a6:3a:c9:12:2f:04:
                    5e:9c:2c:1d:dd:28:77:54:2d:5b:f6:ca:52:1a:02:
                    35:31:96:71:59:54:a9:1b:c6:cf:07:ef:56:6e:a0:
                    d8:1d:f2:9f:0f:e2:0f:65:86:cf:3a:7b:b9:60:2c:
                    dd:18:52:68:53:8a:01:b5:c5:76:df:6c:9c:8e:9e:
                    e3:a1:6c:8d:50:71:21:c0:8b:13:9d:9f:b4:95:1d:
                    bc:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:52:00:E5:D3:8B:3C:0C:24:30:03:C5:77:57:D1:25:84:15:4A:1B
            X509v3 Authority Key Identifier:
                keyid:50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:56:02:15:f4:84:22:d7:3f:97:13:86:bc:f4:57:ce:c9:00:
         8d:5b:9a:8b:e8:63:a3:e4:73:25:bb:e1:8e:e5:36:0f:71:be:
         6a:b5:0d:e2:93:3a:38:25:2b:8f:3a:c2:7d:52:2d:06:7f:e8:
         0c:96:2d:a7:f4:d0:ed:34:62:e7:fe:cc:eb:61:84:01:40:c2:
         ec:0d:a5:b5:1e:02:16:f8:4f:de:aa:3e:e6:41:ed:3c:89:a8:
         20:cc:f7:79:4d:51:f7:ea:57:f5:f1:30:64:06:87:53:d6:a4:
         d5:22:36:3b:5d:f7:85:cd:18:c8:31:05:fb:3f:99:1f:76:af:
         4c:1a:2a:37:5d:c6:7b:cf:92:18:03:fc:9d:93:a7:28:4d:81:
         b2:2a:87:d1:a7:2f:3b:00:e3:de:45:5e:90:9b:7a:99:61:5e:
         e6:55:97:8c:60:29:50:df:bd:b3:2d:b4:c7:16:a3:9b:ab:44:
         7a:a0:24:e1:ba:bd:8e:c8:a7:89:eb:71:70:57:88:6d:6b:f2:
         07:8f:ca:a2:bd:4a:9e:98:ac:de:00:41:59:75:dc:48:b8:bf:
         62:42:cb:1f:3c:ef:8e:a3:f3:ac:59:d4:b3:d1:bb:46:95:7c:
         ab:bd:f6:db:55:bf:6f:64:02:3c:88:e3:0e:76:dc:46:bb:74:
         f3:30:3f:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36lS+t7ip4P710tSaFjxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzBhNjk2OTg2ODU2ZGU3NWI4MjJkNmFlOTVmZTAxMzEz
ODIwYWYwHhcNMjUwNjI4MTkwMTE2WhcNMjUwNjI5MTkwMTE2WjAzMTEwLwYDVQQD
Eyg3MTUyMDBlNWQzOGIzYzBjMjQzMDAzYzU3NzU3ZDEyNTg0MTU0YTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogXWBYPadXRhQR/0+BvFIJQykM6k
IS38Vh4PQeb473q3wjqWqooTm5xs+frtRRO8CnYsmHRqXMTlKQhhD9T8qzjyqRD6
ZWA873uVqDHlSGe30qrRv41gj/DF8aiSOXbk7aNABfFIRwFQvHFP01uS9YWJPjGQ
FnajtjD0Bt8mVowQb+NVUt0SgmwU6UMzIED3J7dkm0Z9+LOwy7Em/n1rqKYNJGr4
R9oADE43+lKmOskSLwRenCwd3Sh3VC1b9spSGgI1MZZxWVSpG8bPB+9WbqDYHfKf
D+IPZYbPOnu5YCzdGFJoU4oBtcV232ycjp7joWyNUHEhwIsTnZ+0lR281wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFSAOXTizwMJDADxXdX0SWEFUobMB8GA1UdIwQY
MBaAFFAwppaYaFbedbgi1q6V/gExOCCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUt
ZTUyNTI1ZGIxMmRiLzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUtZTUyNTI1ZGIxMmRi
LzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJVYCFfSE
Itc/lxOGvPRXzskAjVuai+hjo+RzJbvhjuU2D3G+arUN4pM6OCUrjzrCfVItBn/o
DJYtp/TQ7TRi5/7M62GEAUDC7A2ltR4CFvhP3qo+5kHtPImoIMz3eU1R9+pX9fEw
ZAaHU9ak1SI2O133hc0YyDEF+z+ZH3avTBoqN13Ge8+SGAP8nZOnKE2BsiqH0acv
OwDj3kVekJt6mWFe5lWXjGApUN+9sy20xxajm6tEeqAk4bq9jsinietxcFeIbWvy
B4/Kor1Knpis3gBBWXXcSLi/YkLLHzzvjqPzrFnUs9G7RpV8q73221W/b2QCPIjj
DnbcRrt08zA/3Q==
-----END CERTIFICATE-----