Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
File:                     UJFp9pOVg8wdvmUtulwMglBAoBI.mft (raw, json)
Hash identifier:          8ZOu67F/7mhYWsUaCIM/LsmmLeKocXI5z/ax6G18kvI=
Subject key identifier:   62:24:F6:7C:7A:E0:3F:EF:60:06:E1:CF:C0:1C:78:DA:83:2B:54:EE
Authority key identifier: 50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12
Certificate issuer:       /CN=509169f6939583cc1dbe652dba5c0c825040a012
Certificate serial:       0196BB5B21B26581E16FFCDB393BBA13ECDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
Manifest number:          01D7
Signing time:             Sat 10 May 2025 18:00:33 +0000
Manifest this update:     Sat 10 May 2025 18:00:33 +0000
Manifest next update:     Sun 11 May 2025 18:00:33 +0000
Files and hashes:         1: UJFp9pOVg8wdvmUtulwMglBAoBI.crl (hash: DM+IZpAKzyTnoSI45qpSDoGzJQw4a6UqBCFIsg05oPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 18:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:5b:21:b2:65:81:e1:6f:fc:db:39:3b:ba:13:ec:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509169f6939583cc1dbe652dba5c0c825040a012
        Validity
            Not Before: May 10 18:00:33 2025 GMT
            Not After : May 11 18:00:33 2025 GMT
        Subject: CN=6224f67c7ae03fef6006e1cfc01c78da832b54ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:9d:45:83:95:63:ec:95:90:ce:19:dd:9b:28:
                    dc:43:46:c4:1b:83:6e:06:c0:cd:32:ce:14:26:78:
                    b2:c4:b6:ed:cd:77:69:f9:9b:a4:2f:75:62:6d:09:
                    01:71:f8:f8:1b:4c:35:2c:be:b4:1b:28:42:5e:b0:
                    36:ab:de:0b:21:0f:8a:94:f4:6d:93:d1:88:80:d2:
                    49:aa:f7:96:c3:a1:a3:1a:ee:78:62:15:61:75:5f:
                    53:05:25:8a:c0:bb:13:5f:36:be:5b:35:bd:c8:e9:
                    b3:40:96:a9:df:20:13:b7:10:cc:fb:9f:b2:ca:cc:
                    60:59:51:53:35:50:5f:39:36:ff:66:fb:21:5e:db:
                    0f:06:77:c9:15:90:db:5a:c2:b8:53:31:77:fd:de:
                    32:90:dd:59:66:df:97:a7:4f:44:c9:02:78:c1:39:
                    c6:c1:8a:90:81:37:44:61:24:aa:66:6c:34:35:7e:
                    6b:f1:36:13:4c:64:4d:b1:a8:5e:af:b2:0f:c6:7c:
                    9d:38:23:e4:14:03:f1:08:1a:a5:b2:97:da:00:a1:
                    7c:2d:ca:8f:fe:c5:39:16:8c:90:b8:fd:0e:77:e3:
                    30:3e:2f:5a:07:ff:d2:aa:d0:cd:0c:41:2d:46:a2:
                    28:46:01:42:27:41:fb:f2:fa:f9:32:29:b9:6a:f3:
                    d2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:24:F6:7C:7A:E0:3F:EF:60:06:E1:CF:C0:1C:78:DA:83:2B:54:EE
            X509v3 Authority Key Identifier:
                keyid:50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:41:b0:37:d3:07:cf:b4:1b:57:1f:f9:00:58:dc:28:32:7f:
         a6:50:1d:92:3c:3a:04:65:c0:43:79:01:ec:b7:4e:42:94:54:
         54:20:65:43:70:d5:33:30:8a:15:10:20:c7:34:e1:57:94:54:
         70:e3:1e:25:3b:a6:df:de:2d:1e:e2:04:0b:42:42:60:2f:14:
         cf:65:15:5f:f6:5e:28:8d:2d:24:40:02:e0:c2:fb:ca:8f:4e:
         f2:13:6c:84:e6:f4:da:2b:38:d1:74:95:7d:fb:c6:b7:2b:ed:
         0b:42:2f:23:ca:b4:d0:fa:a6:74:14:25:26:9a:53:d1:ea:a6:
         5d:a7:b8:42:25:fd:7f:60:db:ff:ad:2f:9a:58:58:9e:86:6c:
         79:1f:3c:72:63:aa:d5:a9:ae:90:87:0b:77:8c:f1:b8:5e:85:
         50:75:18:36:66:b0:51:9b:fc:9a:c4:44:0e:74:c8:6a:2a:1c:
         1e:5f:46:34:36:58:4b:be:3d:7f:8b:b3:78:eb:b2:9f:02:73:
         19:02:b6:01:3e:b7:f9:14:92:d5:68:ae:7c:c1:9a:04:c6:30:
         f4:76:11:e9:34:37:82:dd:40:3f:98:0e:0f:81:73:75:40:ef:
         fc:3a:08:a6:87:8d:dd:f0:0d:ce:47:9f:f5:e8:f6:a0:f5:eb:
         df:6c:77:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7WyGyZYHhb/zbOTu6E+zdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTE2OWY2OTM5NTgzY2MxZGJlNjUyZGJhNWMwYzgyNTA0
MGEwMTIwHhcNMjUwNTEwMTgwMDMzWhcNMjUwNTExMTgwMDMzWjAzMTEwLwYDVQQD
Eyg2MjI0ZjY3YzdhZTAzZmVmNjAwNmUxY2ZjMDFjNzhkYTgzMmI1NGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA051Fg5Vj7JWQzhndmyjcQ0bEG4Nu
BsDNMs4UJniyxLbtzXdp+ZukL3VibQkBcfj4G0w1LL60GyhCXrA2q94LIQ+KlPRt
k9GIgNJJqveWw6GjGu54YhVhdV9TBSWKwLsTXza+WzW9yOmzQJap3yATtxDM+5+y
ysxgWVFTNVBfOTb/ZvshXtsPBnfJFZDbWsK4UzF3/d4ykN1ZZt+Xp09EyQJ4wTnG
wYqQgTdEYSSqZmw0NX5r8TYTTGRNsaher7IPxnydOCPkFAPxCBqlspfaAKF8LcqP
/sU5FoyQuP0Od+MwPi9aB//SqtDNDEEtRqIoRgFCJ0H78vr5Mim5avPSmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGIk9nx64D/vYAbhz8AceNqDK1TuMB8GA1UdIwQY
MBaAFFCRafaTlYPMHb5lLbpcDIJQQKASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQt
NzU0NDEzYjk4ZGIyLzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQtNzU0NDEzYjk4ZGIy
LzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEGwN9MH
z7QbVx/5AFjcKDJ/plAdkjw6BGXAQ3kB7LdOQpRUVCBlQ3DVMzCKFRAgxzThV5RU
cOMeJTum394tHuIEC0JCYC8Uz2UVX/ZeKI0tJEAC4ML7yo9O8hNshOb02is40XSV
ffvGtyvtC0IvI8q00PqmdBQlJppT0eqmXae4QiX9f2Db/60vmlhYnoZseR88cmOq
1amukIcLd4zxuF6FUHUYNmawUZv8msREDnTIaiocHl9GNDZYS749f4uzeOuynwJz
GQK2AT63+RSS1WiufMGaBMYw9HYR6TQ3gt1AP5gOD4FzdUDv/DoIpoeN3fANzkef
9ej2oPXr32x3sA==
-----END CERTIFICATE-----