Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
File:                     uvzQImt58j3kemr95RRLGynii1w.mft (raw, json)
Hash identifier:          BULbd5mDgeSsSd2XtkakvlV8zM7/EcAFE6HzC73G+4M=
Subject key identifier:   86:68:97:DE:F3:D5:C6:C5:3D:D2:E5:91:65:95:26:66:8E:01:27:AB
Authority key identifier: BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C
Certificate issuer:       /CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
Certificate serial:       0196CBA9BEEC5A960AC08873EBFC506D7A37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
Manifest number:          0712
Signing time:             Tue 13 May 2025 22:00:21 +0000
Manifest this update:     Tue 13 May 2025 22:00:21 +0000
Manifest next update:     Wed 14 May 2025 22:00:21 +0000
Files and hashes:         1: uvzQImt58j3kemr95RRLGynii1w.crl (hash: hOVh86AmyL0wtaCW++q5wNCOvVsmSODVQ+movwpCbrA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 22:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:a9:be:ec:5a:96:0a:c0:88:73:eb:fc:50:6d:7a:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
        Validity
            Not Before: May 13 22:00:21 2025 GMT
            Not After : May 14 22:00:21 2025 GMT
        Subject: CN=866897def3d5c6c53dd2e591659526668e0127ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:58:34:8e:07:3b:fc:45:bc:03:35:30:ed:1c:
                    5e:84:fc:4e:75:01:dc:c1:09:68:49:ec:8b:47:58:
                    0c:56:eb:a6:7b:f3:93:f1:a6:40:81:4d:25:38:52:
                    57:6f:87:91:3a:e2:53:cb:e7:80:c1:35:93:24:dd:
                    ff:e5:4d:fa:da:b9:25:12:29:48:00:51:29:ca:87:
                    f6:ff:a1:ac:9e:e7:20:12:96:94:0d:27:6e:6b:4d:
                    61:4a:fa:1d:1b:13:7f:b4:b5:8a:da:14:78:36:82:
                    b9:19:d0:d5:33:cb:f3:ae:8f:6e:9f:0c:08:f7:ca:
                    64:2e:07:ac:53:42:ef:e3:56:3c:f7:0b:fd:22:7b:
                    44:ca:ed:ed:66:47:29:4f:a6:d1:f0:29:ae:65:7b:
                    e7:8f:ac:54:b2:0c:72:53:32:e3:3d:05:f3:d9:11:
                    5e:21:88:1d:eb:f3:54:47:c2:17:a7:87:02:9e:23:
                    da:7c:af:e7:fa:f5:14:11:ec:67:67:64:ca:f1:f5:
                    07:fc:26:80:20:72:90:5d:8b:f1:86:76:33:a6:7a:
                    e3:c4:bc:fa:74:89:cd:16:f6:2b:8f:61:49:13:d0:
                    73:70:7f:de:27:a2:86:30:9e:96:50:be:e8:5c:8c:
                    60:2b:c4:db:c6:15:ce:65:10:02:f1:ac:32:76:c0:
                    a4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:68:97:DE:F3:D5:C6:C5:3D:D2:E5:91:65:95:26:66:8E:01:27:AB
            X509v3 Authority Key Identifier:
                keyid:BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:20:8c:62:1f:67:08:aa:b1:ff:39:6f:e1:c4:f1:bd:26:f9:
         87:94:6a:43:7f:36:bb:56:a2:ee:d9:ec:c9:c2:f0:29:a1:0f:
         d8:21:be:b0:c2:c8:e7:3c:b0:ea:0d:a4:e6:9c:9f:81:0c:24:
         d7:46:33:7d:00:08:63:6c:2f:31:bc:f6:80:28:34:32:cd:bb:
         ff:24:5a:f2:4b:1b:e0:f6:99:15:7a:08:10:6b:28:a2:1f:ef:
         01:aa:42:f6:55:e8:42:ab:44:ce:5e:05:f1:10:c2:49:7d:f8:
         1e:21:2f:42:43:04:31:b2:ac:47:9b:4b:8e:90:bf:d2:40:00:
         2a:dd:6e:2f:bc:58:1b:95:ae:95:4c:04:3e:3d:4a:03:c3:f8:
         0f:e3:8d:bc:e4:61:b7:0e:28:2d:17:64:9d:ba:20:32:59:65:
         8f:a7:f8:4d:a0:e4:ef:19:fd:49:12:8f:b4:dd:e6:b0:c3:e6:
         13:45:bc:f7:b7:8f:47:57:f3:9e:c6:ad:31:1b:2d:af:63:03:
         67:8d:2a:90:df:77:c9:ff:8c:7d:4c:d1:6f:b3:50:4a:30:92:
         ee:1f:61:61:dc:76:1b:54:a7:84:81:93:45:61:a3:cd:78:9d:
         30:67:5d:ba:9e:e1:3f:12:47:e7:4a:87:6e:89:20:67:01:c3:
         cc:69:31:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLqb7sWpYKwIhz6/xQbXo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhZmNkMDIyNmI3OWYyM2RlNDdhNmFmZGU1MTQ0YjFiMjll
MjhiNWMwHhcNMjUwNTEzMjIwMDIxWhcNMjUwNTE0MjIwMDIxWjAzMTEwLwYDVQQD
Eyg4NjY4OTdkZWYzZDVjNmM1M2RkMmU1OTE2NTk1MjY2NjhlMDEyN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylg0jgc7/EW8AzUw7RxehPxOdQHc
wQloSeyLR1gMVuume/OT8aZAgU0lOFJXb4eROuJTy+eAwTWTJN3/5U362rklEilI
AFEpyof2/6GsnucgEpaUDSdua01hSvodGxN/tLWK2hR4NoK5GdDVM8vzro9unwwI
98pkLgesU0Lv41Y89wv9IntEyu3tZkcpT6bR8CmuZXvnj6xUsgxyUzLjPQXz2RFe
IYgd6/NUR8IXp4cCniPafK/n+vUUEexnZ2TK8fUH/CaAIHKQXYvxhnYzpnrjxLz6
dInNFvYrj2FJE9BzcH/eJ6KGMJ6WUL7oXIxgK8TbxhXOZRAC8awydsCkzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZol97z1cbFPdLlkWWVJmaOASerMB8GA1UdIwQY
MBaAFLr80CJrefI95Hpq/eUUSxsp4otcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82YTEyY2UtYWZiYy00NTgzLTk3NzMt
YzE4MTM5NDdlMjMzLzEvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82YTEyY2UtYWZiYy00NTgzLTk3NzMtYzE4MTM5NDdlMjMz
LzEvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdyCMYh9n
CKqx/zlv4cTxvSb5h5RqQ382u1ai7tnsycLwKaEP2CG+sMLI5zyw6g2k5pyfgQwk
10YzfQAIY2wvMbz2gCg0Ms27/yRa8ksb4PaZFXoIEGsooh/vAapC9lXoQqtEzl4F
8RDCSX34HiEvQkMEMbKsR5tLjpC/0kAAKt1uL7xYG5WulUwEPj1KA8P4D+ONvORh
tw4oLRdknbogMlllj6f4TaDk7xn9SRKPtN3msMPmE0W897ePR1fznsatMRstr2MD
Z40qkN93yf+MfUzRb7NQSjCS7h9hYdx2G1SnhIGTRWGjzXidMGddup7hPxJH50qH
bokgZwHDzGkxSw==
-----END CERTIFICATE-----