Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
File:                     U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft (raw, json)
Hash identifier:          NgOeckPyM19JTz/3OMw9exbiFXQ9LDp/09bqiyXMur0=
Subject key identifier:   F9:6D:90:5A:EE:96:63:05:20:C5:47:FD:B0:05:1B:E1:72:15:86:B4
Authority key identifier: 53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6
Certificate issuer:       /CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
Certificate serial:       0196A31BE4D432C65E8A177D8D00BBFC1DF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
Manifest number:          1249
Signing time:             Tue 06 May 2025 01:00:36 +0000
Manifest this update:     Tue 06 May 2025 01:00:36 +0000
Manifest next update:     Wed 07 May 2025 01:00:36 +0000
Files and hashes:         1: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl (hash: ARvnAnJniqUiMrBJTwTdwIbsmaYdG1BECVfzpZXGXow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 01:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:1b:e4:d4:32:c6:5e:8a:17:7d:8d:00:bb:fc:1d:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
        Validity
            Not Before: May  6 01:00:36 2025 GMT
            Not After : May  7 01:00:36 2025 GMT
        Subject: CN=f96d905aee96630520c547fdb0051be1721586b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:4b:2b:e9:73:16:6b:f9:52:48:13:c4:a8:7e:
                    c1:af:35:c5:49:97:7c:be:f7:5e:23:58:d7:1f:18:
                    8f:ea:4e:4e:d5:fd:29:77:ad:06:6e:12:8c:69:20:
                    b5:f2:2a:d5:65:98:05:26:35:27:8e:3f:f0:36:33:
                    dd:3b:c0:d8:c9:cb:ec:ec:a7:1a:63:88:72:5d:ab:
                    07:c6:a7:98:ae:d6:97:7e:99:b7:c9:c4:81:9e:aa:
                    a9:5f:4f:bc:7e:e7:bc:9b:1b:31:03:b1:69:49:a9:
                    32:3d:7a:c6:9b:e4:d3:67:80:f3:56:55:af:d7:91:
                    36:fd:b5:e3:89:c1:df:0f:5d:d7:23:e4:37:fd:9e:
                    48:12:32:96:f7:c9:04:c7:94:03:3c:e4:4e:be:42:
                    49:14:7f:99:50:9d:c1:b6:15:9e:0b:5f:2c:6d:54:
                    25:c1:61:7e:b8:da:22:13:ac:61:f6:4f:fd:11:62:
                    fe:1b:7c:01:dc:69:d3:37:6f:f7:7c:86:32:d2:d8:
                    c7:c1:70:46:c5:58:fd:f9:95:d4:6b:88:23:8c:d8:
                    26:0a:ba:6a:8d:25:97:6c:8a:fb:99:df:fe:ec:bf:
                    17:34:e9:83:cc:6b:14:21:db:20:37:c0:68:04:f4:
                    a8:e4:1f:d3:f5:74:fd:48:a6:a4:cd:3d:38:e2:a3:
                    c3:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:6D:90:5A:EE:96:63:05:20:C5:47:FD:B0:05:1B:E1:72:15:86:B4
            X509v3 Authority Key Identifier:
                keyid:53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:41:9a:06:9a:8b:81:be:9a:3f:88:1b:78:a5:6d:72:6c:57:
         76:bd:c3:26:63:86:5d:84:11:93:39:4f:59:67:ef:69:fa:8f:
         4e:90:8b:7e:b5:a6:c3:db:50:c5:17:17:81:8b:84:1b:ba:e2:
         7f:15:76:52:d8:90:44:82:67:69:c8:d3:50:9f:49:94:cc:5d:
         af:60:ba:ae:95:67:04:c1:a7:71:bc:b7:10:ec:61:97:8b:2e:
         4a:2b:c1:20:d9:bd:92:f6:ab:b5:10:52:98:e1:ba:ef:fc:c5:
         55:ce:db:97:98:a2:bb:30:29:a9:7d:0a:46:ad:5c:1a:5e:8d:
         a1:86:5f:5f:b3:55:63:60:2f:49:31:fd:b0:5a:43:8b:2a:cb:
         83:b2:f6:74:65:10:bf:4d:b1:8e:8b:1a:fa:9a:18:52:5b:49:
         ac:cc:84:72:75:e9:6e:d8:4a:3e:39:29:a8:51:cb:81:e4:36:
         ff:92:99:54:23:ee:09:e3:03:8f:2a:60:15:3e:0f:30:37:14:
         42:0e:22:b9:8b:e4:43:a4:1a:e2:8f:ce:b3:d3:73:bc:c8:bb:
         41:8b:61:95:01:31:d8:a6:b1:2a:10:9a:2a:08:ef:4a:03:91:
         7f:7d:c9:4d:39:af:02:c4:52:76:d3:bf:ac:d9:04:d0:6c:0b:
         6f:a0:36:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajG+TUMsZeihd9jQC7/B35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYTNjNGVlNjcwZGNlYTY4YjRkNzllYTZjMzE4NWZlMDI5
ZDk3YjYwHhcNMjUwNTA2MDEwMDM2WhcNMjUwNTA3MDEwMDM2WjAzMTEwLwYDVQQD
EyhmOTZkOTA1YWVlOTY2MzA1MjBjNTQ3ZmRiMDA1MWJlMTcyMTU4NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Usr6XMWa/lSSBPEqH7BrzXFSZd8
vvdeI1jXHxiP6k5O1f0pd60GbhKMaSC18irVZZgFJjUnjj/wNjPdO8DYycvs7Kca
Y4hyXasHxqeYrtaXfpm3ycSBnqqpX0+8fue8mxsxA7FpSakyPXrGm+TTZ4DzVlWv
15E2/bXjicHfD13XI+Q3/Z5IEjKW98kEx5QDPOROvkJJFH+ZUJ3BthWeC18sbVQl
wWF+uNoiE6xh9k/9EWL+G3wB3GnTN2/3fIYy0tjHwXBGxVj9+ZXUa4gjjNgmCrpq
jSWXbIr7md/+7L8XNOmDzGsUIdsgN8BoBPSo5B/T9XT9SKakzT044qPDNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPltkFrulmMFIMVH/bAFG+FyFYa0MB8GA1UdIwQY
MBaAFFOjxO5nDc6mi0156mwxhf4CnZe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjIt
MDQ0YzMyNTMxYWQzLzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjItMDQ0YzMyNTMxYWQz
LzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYkGaBpqL
gb6aP4gbeKVtcmxXdr3DJmOGXYQRkzlPWWfvafqPTpCLfrWmw9tQxRcXgYuEG7ri
fxV2UtiQRIJnacjTUJ9JlMxdr2C6rpVnBMGncby3EOxhl4suSivBINm9kvartRBS
mOG67/zFVc7bl5iiuzApqX0KRq1cGl6NoYZfX7NVY2AvSTH9sFpDiyrLg7L2dGUQ
v02xjosa+poYUltJrMyEcnXpbthKPjkpqFHLgeQ2/5KZVCPuCeMDjypgFT4PMDcU
Qg4iuYvkQ6Qa4o/Os9NzvMi7QYthlQEx2KaxKhCaKgjvSgORf33JTTmvAsRSdtO/
rNkE0GwLb6A2yA==
-----END CERTIFICATE-----