Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
File:                     uXhT3Vdz8qawcYefW567Dm9Ofao.mft (raw, json)
Hash identifier:          K07J5RZS2ya+ADKiruKvFwlZsrOSMWNTu/iaZwYUCoc=
Subject key identifier:   02:03:23:83:69:A2:C4:77:E6:08:9E:61:1A:CE:97:82:7F:5E:A9:08
Authority key identifier: B9:78:53:DD:57:73:F2:A6:B0:71:87:9F:5B:9E:BB:0E:6F:4E:7D:AA
Certificate issuer:       /CN=b97853dd5773f2a6b071879f5b9ebb0e6f4e7daa
Certificate serial:       0197C681707A78F2A8C96733D669A69C1FFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
Manifest number:          154F
Signing time:             Tue 01 Jul 2025 15:01:01 +0000
Manifest this update:     Tue 01 Jul 2025 15:01:01 +0000
Manifest next update:     Wed 02 Jul 2025 15:01:01 +0000
Files and hashes:         1: uXhT3Vdz8qawcYefW567Dm9Ofao.crl (hash: SpBIwDJBWVdBMnDDQwIoxkh7LPAa+5ZP6IkceLXyito=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 15:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:81:70:7a:78:f2:a8:c9:67:33:d6:69:a6:9c:1f:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b97853dd5773f2a6b071879f5b9ebb0e6f4e7daa
        Validity
            Not Before: Jul  1 15:01:01 2025 GMT
            Not After : Jul  2 15:01:01 2025 GMT
        Subject: CN=0203238369a2c477e6089e611ace97827f5ea908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9a:b8:de:01:1a:e7:78:e0:a9:5d:c5:5c:3c:
                    f0:ad:93:d2:2b:eb:80:f4:b2:f3:6e:24:40:22:6b:
                    b5:f1:a1:97:a1:a2:52:06:7b:68:95:da:3c:6f:26:
                    ee:10:01:98:81:4c:83:83:ee:ea:1e:95:16:64:40:
                    11:ab:ba:24:44:f0:15:bc:60:41:53:1a:fb:ab:b9:
                    01:f8:99:6b:76:9e:a5:d3:78:bf:47:af:25:e7:56:
                    79:e1:f3:af:cd:69:ae:aa:8a:d3:f9:2a:10:67:1f:
                    36:09:7f:d4:0b:f9:8f:c6:a0:7a:9a:ea:a4:6f:a6:
                    d5:9c:3b:0b:64:dd:ce:c9:25:f0:c1:68:c4:5e:ea:
                    1d:93:5e:26:12:d1:c2:04:f6:e7:2c:3a:30:87:46:
                    0d:9b:74:dc:03:6f:28:f0:9f:4a:fe:b1:e0:bc:4e:
                    ef:7f:5c:53:27:d3:71:bf:55:41:29:9c:62:c7:38:
                    b4:6d:2e:40:a4:7e:14:bd:43:ba:92:2a:10:0c:fa:
                    02:fa:98:dc:47:9b:4d:fc:cd:0f:8e:1d:99:e4:e2:
                    b7:d7:94:93:db:91:aa:47:d8:a9:a5:07:fc:f1:02:
                    86:80:58:9c:bd:a6:f6:88:2f:c3:a9:4a:e2:ee:e5:
                    97:f3:84:6e:de:8a:7b:64:96:7d:20:2d:22:6a:db:
                    84:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:03:23:83:69:A2:C4:77:E6:08:9E:61:1A:CE:97:82:7F:5E:A9:08
            X509v3 Authority Key Identifier:
                keyid:B9:78:53:DD:57:73:F2:A6:B0:71:87:9F:5B:9E:BB:0E:6F:4E:7D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:de:4d:4f:17:bc:b9:a2:81:54:65:55:18:69:2a:97:1a:0a:
         70:60:31:98:7d:11:f4:e6:8f:57:94:3b:c9:40:b9:f8:c6:ed:
         23:14:78:ce:51:cc:18:6d:e7:9c:14:fd:06:6b:82:5c:80:f4:
         24:6c:0e:a9:a1:c9:28:6e:31:ad:7c:1c:d1:e8:0e:25:1d:c0:
         e9:78:ae:5d:03:49:9c:a4:c2:31:9b:d9:d7:ae:7d:5d:6f:47:
         3d:f6:dc:9f:e0:8e:24:c1:e6:e7:7a:46:7c:c8:e6:08:2d:8c:
         d9:b4:f5:f0:34:b5:bb:d6:f9:cc:3e:bd:3c:13:57:c3:7c:81:
         88:66:13:b5:f9:8e:cb:ad:a7:a5:56:f3:80:0b:0b:1a:f7:96:
         db:12:3a:0f:df:70:47:57:d7:31:67:ba:e1:32:24:fc:16:81:
         3d:13:04:ef:b8:fd:46:a3:e5:ea:52:7c:26:92:4c:6c:53:99:
         3c:1f:6f:7a:84:5b:cf:c0:d0:34:74:74:f5:d1:c0:58:9b:3a:
         9b:1e:49:2f:d3:35:46:db:f8:c5:38:7d:e7:67:85:5a:b9:e1:
         2d:63:85:98:4a:d4:39:13:73:b8:6f:96:23:21:36:55:44:24:
         a3:87:7a:bc:30:ad:ce:38:06:a3:02:1e:83:4d:90:db:8c:4a:
         7f:48:00:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGgXB6ePKoyWcz1mmmnB/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Nzg1M2RkNTc3M2YyYTZiMDcxODc5ZjViOWViYjBlNmY0
ZTdkYWEwHhcNMjUwNzAxMTUwMTAxWhcNMjUwNzAyMTUwMTAxWjAzMTEwLwYDVQQD
EygwMjAzMjM4MzY5YTJjNDc3ZTYwODllNjExYWNlOTc4MjdmNWVhOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJq43gEa53jgqV3FXDzwrZPSK+uA
9LLzbiRAImu18aGXoaJSBntoldo8bybuEAGYgUyDg+7qHpUWZEARq7okRPAVvGBB
Uxr7q7kB+Jlrdp6l03i/R68l51Z54fOvzWmuqorT+SoQZx82CX/UC/mPxqB6muqk
b6bVnDsLZN3OySXwwWjEXuodk14mEtHCBPbnLDowh0YNm3TcA28o8J9K/rHgvE7v
f1xTJ9Nxv1VBKZxixzi0bS5ApH4UvUO6kioQDPoC+pjcR5tN/M0Pjh2Z5OK315ST
25GqR9ippQf88QKGgFicvab2iC/DqUri7uWX84Ru3op7ZJZ9IC0iatuElwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIDI4NposR35gieYRrOl4J/XqkIMB8GA1UdIwQY
MBaAFLl4U91Xc/KmsHGHn1ueuw5vTn2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTNiNjYtYWYzNS00OWQxLWJkNzgt
N2ZmODQ0M2Q5YzIxLzEvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTNiNjYtYWYzNS00OWQxLWJkNzgtN2ZmODQ0M2Q5YzIx
LzEvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQd5NTxe8
uaKBVGVVGGkqlxoKcGAxmH0R9OaPV5Q7yUC5+MbtIxR4zlHMGG3nnBT9BmuCXID0
JGwOqaHJKG4xrXwc0egOJR3A6XiuXQNJnKTCMZvZ1659XW9HPfbcn+COJMHm53pG
fMjmCC2M2bT18DS1u9b5zD69PBNXw3yBiGYTtfmOy62npVbzgAsLGveW2xI6D99w
R1fXMWe64TIk/BaBPRME77j9RqPl6lJ8JpJMbFOZPB9veoRbz8DQNHR09dHAWJs6
mx5JL9M1Rtv4xTh952eFWrnhLWOFmErUORNzuG+WIyE2VUQko4d6vDCtzjgGowIe
g02Q24xKf0gAsA==
-----END CERTIFICATE-----