Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
File:                     uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json)
Hash identifier:          gDR8x5Mj4i37nim4/ARijtFRLXqvhtlmu+vIus3IpMk=
Subject key identifier:   6E:04:BF:D5:53:7E:B9:5F:04:DC:8A:85:0A:14:78:D8:4E:80:6E:69
Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E
Certificate issuer:       /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
Certificate serial:       0197BF6CE401698B0FCAA01037839AD838F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
Manifest number:          053B
Signing time:             Mon 30 Jun 2025 06:01:13 +0000
Manifest this update:     Mon 30 Jun 2025 06:01:13 +0000
Manifest next update:     Tue 01 Jul 2025 06:01:13 +0000
Files and hashes:         1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: B72JyeDuXhE7nuifNmNFDmo+JytWWoNmvs+xso4Z1mk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 06:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:bf:6c:e4:01:69:8b:0f:ca:a0:10:37:83:9a:d8:38:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
        Validity
            Not Before: Jun 30 06:01:13 2025 GMT
            Not After : Jul  1 06:01:13 2025 GMT
        Subject: CN=6e04bfd5537eb95f04dc8a850a1478d84e806e69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d3:69:f8:0a:c7:78:eb:8b:e3:26:fe:d5:53:
                    0d:26:7b:e5:73:ec:74:30:25:8a:fb:25:bd:7c:a5:
                    b1:03:58:c9:c7:09:67:c9:75:11:0d:8e:e0:8e:16:
                    11:9f:f2:80:78:ba:df:8c:02:33:49:7c:83:f1:c1:
                    5f:68:09:0c:41:7b:f6:66:df:d5:b5:35:5f:14:a2:
                    64:c5:96:a6:37:96:67:00:6c:42:43:49:8f:1b:a8:
                    6d:ee:ab:23:36:b3:3d:fd:dc:e5:97:35:da:a4:35:
                    80:46:b2:81:d4:d7:a9:3d:64:ac:e3:8b:97:58:67:
                    5c:76:52:08:3a:05:9d:12:ef:3c:e6:f9:c3:5c:62:
                    1b:47:75:50:9f:6b:8e:79:49:17:dd:ac:a8:99:d3:
                    9a:b7:96:45:98:85:44:62:5d:89:d7:95:47:6c:b7:
                    62:7d:34:34:5f:8c:e9:ee:db:0a:52:15:91:95:85:
                    c9:97:2e:f2:9b:e2:f7:22:3e:71:6c:c5:c5:c1:2a:
                    80:7f:a0:f9:fe:16:bb:8a:4a:b7:dd:ee:9d:c9:7f:
                    54:b9:40:82:9f:fe:b1:72:a4:b7:61:22:56:b1:ba:
                    40:30:f5:1b:4b:5c:ea:b2:84:8a:ec:05:2a:c0:d6:
                    bc:00:db:64:d4:c5:80:08:5b:63:07:12:83:ad:72:
                    f2:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:04:BF:D5:53:7E:B9:5F:04:DC:8A:85:0A:14:78:D8:4E:80:6E:69
            X509v3 Authority Key Identifier:
                keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:44:bb:de:70:d3:3f:92:a8:3e:25:03:ac:ca:74:48:e9:d4:
         45:1e:fe:56:d7:5a:d6:2f:f3:52:61:28:64:d2:a7:69:46:ee:
         97:9d:6a:8c:4e:01:e2:cf:99:ea:73:b7:34:83:e0:f8:59:01:
         64:eb:4c:aa:3b:32:9a:a6:62:1c:c2:a5:03:18:6a:05:c8:8d:
         52:76:38:4d:f8:da:ac:c1:d3:3f:1b:9d:05:04:50:3d:ec:8e:
         cc:b8:26:1c:3e:64:2c:3f:20:39:75:b7:28:88:38:a0:88:ed:
         8f:fe:5a:5b:63:f4:87:9a:bd:0c:2b:39:53:de:96:9d:3c:a4:
         8c:e5:98:26:00:24:27:16:d7:54:79:60:5f:93:6b:a6:21:77:
         51:6c:a8:7f:b6:6e:7f:6e:68:35:d6:44:34:8a:37:d5:77:6e:
         07:57:03:83:03:ce:1d:cd:b8:23:72:ca:11:37:05:40:ae:4f:
         ee:c3:c3:51:54:2d:2a:f7:a5:76:72:62:52:40:ed:19:42:88:
         ff:f3:bc:91:37:a9:d7:01:22:b7:c8:36:58:39:bd:89:4e:eb:
         21:27:3b:7d:9e:bf:58:67:32:84:11:c4:25:e8:db:32:4c:33:
         01:a5:e0:4a:75:54:f0:5e:e1:9a:72:4c:18:5a:f9:bc:77:6d:
         e9:cd:c2:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe/bOQBaYsPyqAQN4Oa2Dj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2
ODExOGUwHhcNMjUwNjMwMDYwMTEzWhcNMjUwNzAxMDYwMTEzWjAzMTEwLwYDVQQD
Eyg2ZTA0YmZkNTUzN2ViOTVmMDRkYzhhODUwYTE0NzhkODRlODA2ZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdNp+ArHeOuL4yb+1VMNJnvlc+x0
MCWK+yW9fKWxA1jJxwlnyXURDY7gjhYRn/KAeLrfjAIzSXyD8cFfaAkMQXv2Zt/V
tTVfFKJkxZamN5ZnAGxCQ0mPG6ht7qsjNrM9/dzllzXapDWARrKB1NepPWSs44uX
WGdcdlIIOgWdEu885vnDXGIbR3VQn2uOeUkX3ayomdOat5ZFmIVEYl2J15VHbLdi
fTQ0X4zp7tsKUhWRlYXJly7ym+L3Ij5xbMXFwSqAf6D5/ha7ikq33e6dyX9UuUCC
n/6xcqS3YSJWsbpAMPUbS1zqsoSK7AUqwNa8ANtk1MWACFtjBxKDrXLySQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG4Ev9VTfrlfBNyKhQoUeNhOgG5pMB8GA1UdIwQY
MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt
YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj
LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUES73nDT
P5KoPiUDrMp0SOnURR7+Vtda1i/zUmEoZNKnaUbul51qjE4B4s+Z6nO3NIPg+FkB
ZOtMqjsymqZiHMKlAxhqBciNUnY4TfjarMHTPxudBQRQPeyOzLgmHD5kLD8gOXW3
KIg4oIjtj/5aW2P0h5q9DCs5U96WnTykjOWYJgAkJxbXVHlgX5NrpiF3UWyof7Zu
f25oNdZENIo31XduB1cDgwPOHc24I3LKETcFQK5P7sPDUVQtKveldnJiUkDtGUKI
//O8kTep1wEit8g2WDm9iU7rISc7fZ6/WGcyhBHEJejbMkwzAaXgSnVU8F7hmnJM
GFr5vHdt6c3CJg==
-----END CERTIFICATE-----