Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
File:                     U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json)
Hash identifier:          ZlJ9U4kqPbbY57qS07HgS++Lgs4VS4IQB6wNpPC/nzk=
Subject key identifier:   80:96:0E:27:80:92:2C:DB:B3:EE:48:29:29:AB:0B:82:77:C8:72:F4
Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30
Certificate issuer:       /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
Certificate serial:       0196DC665BE7B0A3C4D487AEF88FBF0C32E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
Manifest number:          099B
Signing time:             Sat 17 May 2025 04:00:17 +0000
Manifest this update:     Sat 17 May 2025 04:00:17 +0000
Manifest next update:     Sun 18 May 2025 04:00:17 +0000
Files and hashes:         1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: AcitioSjmoHwXBD3LSqwagcLGrULC1REIBc/2p05R1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 18 May 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:dc:66:5b:e7:b0:a3:c4:d4:87:ae:f8:8f:bf:0c:32:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
        Validity
            Not Before: May 17 04:00:17 2025 GMT
            Not After : May 18 04:00:17 2025 GMT
        Subject: CN=80960e2780922cdbb3ee482929ab0b8277c872f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8d:ca:48:d4:76:6d:bc:9f:1e:3f:06:48:6e:
                    92:69:b5:cf:d9:d6:ee:bd:99:82:dd:26:66:dd:33:
                    17:b8:d5:22:0e:5b:4a:53:ae:95:1f:69:ef:c9:a8:
                    18:a9:22:2f:6f:e2:bd:79:db:fc:50:4e:75:1c:ee:
                    d8:2e:86:22:39:dd:97:7e:c7:15:9b:fd:13:26:77:
                    c9:35:04:eb:bf:b2:78:6a:e5:bb:2d:69:07:bb:82:
                    80:67:29:26:c2:ea:48:8f:97:a0:91:8c:e2:17:d7:
                    56:0b:d7:30:94:5a:ba:12:4e:b4:06:51:88:16:a4:
                    3e:fc:bb:f7:e8:49:ab:11:48:eb:52:a6:38:19:af:
                    18:1b:82:bb:bd:75:f3:ab:8f:2b:85:66:b9:ee:b3:
                    99:77:0b:6c:2f:43:4d:d6:13:79:7d:21:55:7f:2e:
                    ee:a1:b0:cc:f5:73:ab:14:ba:09:2e:50:a6:63:24:
                    e1:fc:39:49:f2:fe:aa:3a:d5:e1:75:37:4d:15:c6:
                    72:ae:d8:cd:4d:dc:e3:b7:fd:91:7e:e7:bd:b4:b0:
                    13:4a:73:7c:21:cd:28:cd:29:8e:be:89:31:6d:6c:
                    74:16:2e:fe:87:be:f6:af:5d:b8:30:ee:53:22:3a:
                    e4:d0:4d:ca:4b:da:65:8d:ad:52:07:a8:0d:8f:9c:
                    ea:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:96:0E:27:80:92:2C:DB:B3:EE:48:29:29:AB:0B:82:77:C8:72:F4
            X509v3 Authority Key Identifier:
                keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:c1:b1:68:5b:85:57:a5:91:9c:35:fe:9e:f6:fb:55:b4:0e:
         a2:27:ad:65:f6:8c:b5:37:7b:b4:af:45:72:95:6b:e6:fc:7d:
         77:84:87:a5:23:1c:c9:9f:12:3f:85:4e:10:2e:eb:45:ea:ff:
         f3:01:9c:43:be:c4:66:7e:ad:79:af:76:6e:05:68:6f:d8:a0:
         23:e0:a0:05:97:9b:56:99:9b:ad:f2:71:a2:05:89:ac:31:0b:
         50:33:4c:47:a5:09:ec:b6:03:41:be:65:32:cb:e1:d8:36:17:
         57:4b:fd:35:a3:de:47:f5:10:df:71:6f:c1:60:06:b5:f8:47:
         00:52:07:29:4a:02:9a:e4:72:74:83:cb:92:ef:49:d0:b7:e9:
         bd:d4:1c:48:7b:92:7a:e2:ea:6e:fe:dc:f3:26:f8:41:48:de:
         93:ec:72:a3:84:9e:4b:e2:d0:3e:5b:55:d2:61:b6:fe:2a:8a:
         c0:aa:49:da:a1:52:a6:eb:3f:de:ba:74:68:2a:0f:eb:11:c1:
         cf:df:52:15:bc:fa:e5:8d:03:71:39:a0:42:f9:44:46:5d:bd:
         62:4a:66:e6:7d:23:c1:31:be:ba:3e:7b:7c:34:64:27:f3:5b:
         fc:53:44:fd:96:82:25:82:a0:b5:59:e4:30:23:f8:10:2c:e7:
         b9:9c:96:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbcZlvnsKPE1Ieu+I+/DDLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj
NWQyMzAwHhcNMjUwNTE3MDQwMDE3WhcNMjUwNTE4MDQwMDE3WjAzMTEwLwYDVQQD
Eyg4MDk2MGUyNzgwOTIyY2RiYjNlZTQ4MjkyOWFiMGI4Mjc3Yzg3MmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn43KSNR2bbyfHj8GSG6SabXP2dbu
vZmC3SZm3TMXuNUiDltKU66VH2nvyagYqSIvb+K9edv8UE51HO7YLoYiOd2XfscV
m/0TJnfJNQTrv7J4auW7LWkHu4KAZykmwupIj5egkYziF9dWC9cwlFq6Ek60BlGI
FqQ+/Lv36EmrEUjrUqY4Ga8YG4K7vXXzq48rhWa57rOZdwtsL0NN1hN5fSFVfy7u
obDM9XOrFLoJLlCmYyTh/DlJ8v6qOtXhdTdNFcZyrtjNTdzjt/2Rfue9tLATSnN8
Ic0ozSmOvokxbWx0Fi7+h772r124MO5TIjrk0E3KS9plja1SB6gNj5zqewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICWDieAkizbs+5IKSmrC4J3yHL0MB8GA1UdIwQY
MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt
OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw
LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAecGxaFuF
V6WRnDX+nvb7VbQOoietZfaMtTd7tK9FcpVr5vx9d4SHpSMcyZ8SP4VOEC7rRer/
8wGcQ77EZn6tea92bgVob9igI+CgBZebVpmbrfJxogWJrDELUDNMR6UJ7LYDQb5l
Msvh2DYXV0v9NaPeR/UQ33FvwWAGtfhHAFIHKUoCmuRydIPLku9J0LfpvdQcSHuS
euLqbv7c8yb4QUjek+xyo4SeS+LQPltV0mG2/iqKwKpJ2qFSpus/3rp0aCoP6xHB
z99SFbz65Y0DcTmgQvlERl29Ykpm5n0jwTG+uj57fDRkJ/Nb/FNE/ZaCJYKgtVnk
MCP4ECznuZyW6A==
-----END CERTIFICATE-----