Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
File:                     UJFp9pOVg8wdvmUtulwMglBAoBI.mft (raw, json)
Hash identifier:          9cjpJT2ecGp98M6C7AAtrKlLGeDFDsC/20EVZXBjRSQ=
Subject key identifier:   31:F4:4F:6B:82:04:0B:5F:A6:F8:D6:E6:32:26:B0:E5:DA:16:51:54
Authority key identifier: 50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12
Certificate issuer:       /CN=509169f6939583cc1dbe652dba5c0c825040a012
Certificate serial:       0197B6A1DC1404CBCAE93D2B2C84B02FD10D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
Manifest number:          0259
Signing time:             Sat 28 Jun 2025 13:02:30 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:30 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:30 +0000
Files and hashes:         1: UJFp9pOVg8wdvmUtulwMglBAoBI.crl (hash: uTJAAJUwWHWB2uW66SkwSPSyJnKvFuPpZPsFt6P24fs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:dc:14:04:cb:ca:e9:3d:2b:2c:84:b0:2f:d1:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509169f6939583cc1dbe652dba5c0c825040a012
        Validity
            Not Before: Jun 28 13:02:30 2025 GMT
            Not After : Jun 29 13:02:30 2025 GMT
        Subject: CN=31f44f6b82040b5fa6f8d6e63226b0e5da165154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:34:47:44:bc:c3:f2:4e:47:23:c3:b6:02:52:
                    f3:89:79:de:0e:80:dd:5c:c6:0b:3b:70:de:b5:5a:
                    b8:6f:e6:f4:7b:ba:ba:19:db:69:62:20:a5:d7:77:
                    10:69:13:d8:c6:b0:49:74:27:1f:12:2b:03:9c:7b:
                    5f:f7:cd:37:8a:65:5a:f7:8a:ff:bb:f9:00:fc:c4:
                    9b:6b:aa:b1:6f:dc:5e:22:a0:04:ee:00:cb:d2:a5:
                    be:02:6f:a4:7b:9c:a9:05:c0:6a:58:7f:46:90:81:
                    ac:ab:e8:71:80:3a:52:11:6d:5b:91:24:70:7b:82:
                    1b:d7:7f:90:76:22:f9:69:c5:db:9c:e8:d1:8f:3a:
                    20:76:16:14:a9:48:49:d3:92:28:a7:2b:79:1a:1e:
                    ba:ac:87:c1:08:63:08:bc:ce:5f:a3:92:21:db:60:
                    42:47:09:db:e5:66:ad:59:e3:c3:06:24:aa:4d:c3:
                    c4:89:2c:9d:70:a1:98:04:99:e6:64:98:c8:8d:63:
                    2b:bc:05:78:d3:cc:08:07:6b:7e:aa:c1:96:b0:d8:
                    10:aa:24:fe:28:f6:3f:25:9e:d1:19:3c:29:71:fd:
                    0c:f1:c3:7e:c6:3d:50:75:20:ed:19:14:46:7e:d9:
                    46:d6:6f:5f:af:c3:dd:93:35:f7:0a:ef:58:f1:91:
                    c6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:F4:4F:6B:82:04:0B:5F:A6:F8:D6:E6:32:26:B0:E5:DA:16:51:54
            X509v3 Authority Key Identifier:
                keyid:50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:39:06:f2:d1:ab:0a:60:d4:18:93:08:05:0a:81:d1:a8:82:
         e9:5d:75:50:b7:7e:59:c8:6a:7d:2a:ae:66:51:9b:24:95:a1:
         db:66:b8:f5:cb:70:86:a7:e2:ed:6e:36:13:64:71:7f:3f:44:
         f5:ce:70:e3:7e:91:83:55:8b:23:3d:5f:2b:99:d8:ce:61:08:
         02:8e:a8:6f:17:56:c6:e9:f5:f5:e3:35:15:d8:dc:22:cc:be:
         66:06:b8:a7:dc:dc:ec:0f:b6:1a:c9:c7:d3:0e:47:6f:e3:f0:
         47:56:79:79:9a:30:fd:52:2b:02:22:7c:a3:c7:1f:cb:43:5d:
         54:d4:ac:36:11:de:7e:a3:17:34:b1:5a:e0:68:95:db:0d:54:
         25:09:d7:e9:99:78:c1:93:3a:36:d0:16:88:ca:64:87:e0:97:
         17:7d:d3:64:d2:c3:2b:02:bc:cb:b9:62:56:37:ce:ae:43:f5:
         be:21:96:f6:3f:9b:cc:6e:70:15:1c:42:9b:e0:73:e1:5c:e7:
         8e:4e:7e:85:9a:2a:4c:86:29:bb:b1:58:52:16:46:df:50:e7:
         8d:75:66:8d:33:66:89:70:1f:40:36:6c:3f:fc:50:8a:99:b1:
         c4:24:25:d0:12:99:a0:5f:5e:55:a7:29:ce:57:fc:e6:27:11:
         8a:cc:53:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2odwUBMvK6T0rLISwL9ENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTE2OWY2OTM5NTgzY2MxZGJlNjUyZGJhNWMwYzgyNTA0
MGEwMTIwHhcNMjUwNjI4MTMwMjMwWhcNMjUwNjI5MTMwMjMwWjAzMTEwLwYDVQQD
EygzMWY0NGY2YjgyMDQwYjVmYTZmOGQ2ZTYzMjI2YjBlNWRhMTY1MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jRHRLzD8k5HI8O2AlLziXneDoDd
XMYLO3DetVq4b+b0e7q6GdtpYiCl13cQaRPYxrBJdCcfEisDnHtf9803imVa94r/
u/kA/MSba6qxb9xeIqAE7gDL0qW+Am+ke5ypBcBqWH9GkIGsq+hxgDpSEW1bkSRw
e4Ib13+QdiL5acXbnOjRjzogdhYUqUhJ05Iopyt5Gh66rIfBCGMIvM5fo5Ih22BC
Rwnb5WatWePDBiSqTcPEiSydcKGYBJnmZJjIjWMrvAV408wIB2t+qsGWsNgQqiT+
KPY/JZ7RGTwpcf0M8cN+xj1QdSDtGRRGftlG1m9fr8PdkzX3Cu9Y8ZHGIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDH0T2uCBAtfpvjW5jImsOXaFlFUMB8GA1UdIwQY
MBaAFFCRafaTlYPMHb5lLbpcDIJQQKASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQt
NzU0NDEzYjk4ZGIyLzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQtNzU0NDEzYjk4ZGIy
LzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAljkG8tGr
CmDUGJMIBQqB0aiC6V11ULd+WchqfSquZlGbJJWh22a49ctwhqfi7W42E2Rxfz9E
9c5w436Rg1WLIz1fK5nYzmEIAo6obxdWxun19eM1FdjcIsy+Zga4p9zc7A+2GsnH
0w5Hb+PwR1Z5eZow/VIrAiJ8o8cfy0NdVNSsNhHefqMXNLFa4GiV2w1UJQnX6Zl4
wZM6NtAWiMpkh+CXF33TZNLDKwK8y7liVjfOrkP1viGW9j+bzG5wFRxCm+Bz4Vzn
jk5+hZoqTIYpu7FYUhZG31DnjXVmjTNmiXAfQDZsP/xQipmxxCQl0BKZoF9eVacp
zlf85icRisxTLA==
-----END CERTIFICATE-----