Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
File:                     UdspKXLBDGn5fs0k8vtptPZ3beg.mft (raw, json)
Hash identifier:          xJ6MjMLF6WSXwnEJLowhStSaG/Y9DehuMdX4iLN1LhE=
Subject key identifier:   2F:53:C4:57:5C:A7:63:2B:D2:6F:2E:11:62:68:F6:A1:45:7A:2F:3E
Authority key identifier: 51:DB:29:29:72:C1:0C:69:F9:7E:CD:24:F2:FB:69:B4:F6:77:6D:E8
Certificate issuer:       /CN=51db292972c10c69f97ecd24f2fb69b4f6776de8
Certificate serial:       0197B6A1961F10E23F112FC4A71C7D86974E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:02:12 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:12 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:12 +0000
Files and hashes:         1: UdspKXLBDGn5fs0k8vtptPZ3beg.crl (hash: u1PdqJgt+9LsHIXWCbEtjduGMki0QO8ZLFHlnIF841o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:96:1f:10:e2:3f:11:2f:c4:a7:1c:7d:86:97:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51db292972c10c69f97ecd24f2fb69b4f6776de8
        Validity
            Not Before: Jun 28 13:02:12 2025 GMT
            Not After : Jun 29 13:02:12 2025 GMT
        Subject: CN=2f53c4575ca7632bd26f2e116268f6a1457a2f3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:8b:e8:d2:d9:93:da:fd:d9:2f:89:5c:d2:1c:
                    0e:be:f9:f7:a7:8b:5b:28:3b:a3:e6:57:70:9c:bb:
                    63:4b:93:90:a9:4f:ac:3d:ac:71:a2:40:fa:77:b8:
                    c0:9a:e1:76:9b:30:c7:9c:3f:9b:ad:a3:43:dc:d7:
                    43:60:38:07:ea:34:3f:56:dc:e8:b0:61:3a:d9:94:
                    c4:f9:e3:c4:85:bb:a3:32:db:e6:c0:ff:23:8d:6d:
                    27:8f:ec:d9:1d:4b:3c:f4:32:bf:c5:d4:1b:3d:f2:
                    26:ab:a5:85:d1:36:8a:98:27:1a:6a:50:50:31:fb:
                    89:3a:87:21:84:3f:a5:37:75:f3:52:0d:ca:fe:d4:
                    ea:cd:80:87:cc:4d:4f:70:29:d9:90:09:d8:f6:ff:
                    6e:8f:1d:e0:eb:6b:fb:32:97:75:74:fb:bf:59:4d:
                    20:fb:93:68:c0:13:a0:d3:8d:4e:47:5b:99:3e:2a:
                    c5:65:b3:65:f4:c8:6a:01:4b:23:52:51:ac:94:1b:
                    ec:98:40:5d:4b:98:3a:1a:15:e5:23:be:e1:e2:51:
                    82:84:b7:72:1c:aa:58:a8:d9:8d:3d:6f:df:49:d2:
                    d5:f1:ea:92:84:e9:bd:32:d8:d9:f3:cd:61:cf:34:
                    82:1e:53:1b:4e:44:c7:88:05:77:d2:52:77:89:26:
                    d0:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:53:C4:57:5C:A7:63:2B:D2:6F:2E:11:62:68:F6:A1:45:7A:2F:3E
            X509v3 Authority Key Identifier:
                keyid:51:DB:29:29:72:C1:0C:69:F9:7E:CD:24:F2:FB:69:B4:F6:77:6D:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:ff:11:fd:8f:55:72:a6:e8:67:6f:c0:0d:59:98:4c:06:66:
         49:89:f7:0e:bd:bc:01:15:69:9a:c7:94:fd:dd:63:9b:e1:26:
         07:10:c5:1e:16:85:2b:5e:ac:42:76:30:17:5d:f2:4d:03:42:
         67:82:cf:d0:62:9e:f3:4f:0f:17:d4:a4:3c:b7:9a:24:0c:72:
         ea:77:48:ba:a1:b5:a4:59:59:76:6a:c7:6b:39:c7:06:32:8f:
         16:7e:10:76:79:c6:6e:ae:29:cc:12:de:26:7a:62:fa:43:95:
         d0:a7:ad:c1:3f:89:df:9d:c0:f7:08:94:5e:59:95:f2:57:22:
         a9:e6:8e:60:a0:ea:db:2b:63:fd:e9:16:33:e0:0b:03:b3:73:
         c9:cf:e9:b6:9d:13:2b:15:09:67:a0:30:71:d6:a4:3a:71:5d:
         c4:1d:1c:86:a4:4a:b9:8d:85:32:87:54:b1:8c:2d:3c:32:39:
         d0:7f:ed:3d:06:70:33:2b:56:ae:e1:af:21:bd:b2:49:7e:37:
         a7:4b:9f:15:56:aa:5b:8b:2b:8b:5e:67:1c:e8:58:ef:bc:f5:
         a1:f4:43:fc:77:38:5a:c6:20:d8:14:1d:21:47:12:65:ec:6b:
         7d:1e:ca:a0:22:ad:c7:8f:73:d4:cc:2f:7f:fe:d9:fa:96:09:
         44:11:a3:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZYfEOI/ES/Epxx9hpdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZGIyOTI5NzJjMTBjNjlmOTdlY2QyNGYyZmI2OWI0ZjY3
NzZkZTgwHhcNMjUwNjI4MTMwMjEyWhcNMjUwNjI5MTMwMjEyWjAzMTEwLwYDVQQD
EygyZjUzYzQ1NzVjYTc2MzJiZDI2ZjJlMTE2MjY4ZjZhMTQ1N2EyZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIvo0tmT2v3ZL4lc0hwOvvn3p4tb
KDuj5ldwnLtjS5OQqU+sPaxxokD6d7jAmuF2mzDHnD+braND3NdDYDgH6jQ/Vtzo
sGE62ZTE+ePEhbujMtvmwP8jjW0nj+zZHUs89DK/xdQbPfImq6WF0TaKmCcaalBQ
MfuJOochhD+lN3XzUg3K/tTqzYCHzE1PcCnZkAnY9v9ujx3g62v7Mpd1dPu/WU0g
+5NowBOg041OR1uZPirFZbNl9MhqAUsjUlGslBvsmEBdS5g6GhXlI77h4lGChLdy
HKpYqNmNPW/fSdLV8eqShOm9MtjZ881hzzSCHlMbTkTHiAV30lJ3iSbQFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9TxFdcp2Mr0m8uEWJo9qFFei8+MB8GA1UdIwQY
MBaAFFHbKSlywQxp+X7NJPL7abT2d23oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8wYmM5NTUtMjVkZS00Nzk4LWIzY2Ut
NmVhZjlkYWJhZTBmLzEvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8wYmM5NTUtMjVkZS00Nzk4LWIzY2UtNmVhZjlkYWJhZTBm
LzEvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANf8R/Y9V
cqboZ2/ADVmYTAZmSYn3Dr28ARVpmseU/d1jm+EmBxDFHhaFK16sQnYwF13yTQNC
Z4LP0GKe808PF9SkPLeaJAxy6ndIuqG1pFlZdmrHaznHBjKPFn4QdnnGbq4pzBLe
Jnpi+kOV0KetwT+J353A9wiUXlmV8lciqeaOYKDq2ytj/ekWM+ALA7Nzyc/ptp0T
KxUJZ6AwcdakOnFdxB0chqRKuY2FModUsYwtPDI50H/tPQZwMytWruGvIb2ySX43
p0ufFVaqW4sri15nHOhY77z1ofRD/Hc4WsYg2BQdIUcSZexrfR7KoCKtx49z1Mwv
f/7Z+pYJRBGjjQ==
-----END CERTIFICATE-----