Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
File:                     uo1nmL3QsriAXUOzRV92c5uUbx0.mft (raw, json)
Hash identifier:          2hH12t0fvf4ca39jP9A4/Ub0c0ouyucRhlfC2T364Lo=
Subject key identifier:   A4:CD:B6:48:FD:38:83:95:6E:7F:DA:E4:3F:6A:0D:E9:91:92:37:97
Authority key identifier: BA:8D:67:98:BD:D0:B2:B8:80:5D:43:B3:45:5F:76:73:9B:94:6F:1D
Certificate issuer:       /CN=ba8d6798bdd0b2b8805d43b3455f76739b946f1d
Certificate serial:       01969E9B392F19C6FCAE12E2110148E10EAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
Manifest number:          14B3
Signing time:             Mon 05 May 2025 04:01:34 +0000
Manifest this update:     Mon 05 May 2025 04:01:34 +0000
Manifest next update:     Tue 06 May 2025 04:01:34 +0000
Files and hashes:         1: uo1nmL3QsriAXUOzRV92c5uUbx0.crl (hash: l4HhFgx20Jm5kM8jhGk951HnL6qy+FQhV8CsPRDX3DE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9b:39:2f:19:c6:fc:ae:12:e2:11:01:48:e1:0e:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba8d6798bdd0b2b8805d43b3455f76739b946f1d
        Validity
            Not Before: May  5 04:01:34 2025 GMT
            Not After : May  6 04:01:34 2025 GMT
        Subject: CN=a4cdb648fd3883956e7fdae43f6a0de991923797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c5:f9:9b:1c:45:ff:3e:74:e2:b3:3e:0d:96:
                    6e:23:e1:6e:1e:5b:9b:cc:05:84:f8:a5:91:83:37:
                    52:ce:1d:e1:35:84:9a:36:20:d5:28:6e:7a:ec:04:
                    5a:a1:06:45:b2:aa:64:ec:94:b5:e1:f1:55:a8:67:
                    00:ee:04:9d:29:c5:e3:73:9c:48:7b:26:49:71:94:
                    87:07:d8:7e:64:ed:7e:12:4d:94:5d:c6:eb:89:fc:
                    4e:b0:c5:af:21:11:81:38:fa:be:b1:11:67:d8:9d:
                    bd:13:6e:a7:b3:b9:97:02:be:ee:4f:0b:a8:7f:c2:
                    b3:85:6b:79:37:4f:a4:42:4d:da:d1:77:7a:76:22:
                    32:cf:32:62:cf:99:62:c3:c3:dc:79:82:b2:a3:6b:
                    82:98:b3:15:66:18:46:66:73:f1:a3:a8:9f:40:3b:
                    cd:d4:f6:30:dd:4e:6c:0a:75:43:0b:ce:a4:ab:d2:
                    46:ee:f2:a3:5c:de:d7:3a:24:41:f8:5b:86:dd:ee:
                    dc:ca:e7:c7:f9:d0:60:09:80:ce:57:c9:e1:39:20:
                    01:0f:07:bf:f0:d7:8a:c7:69:c8:dc:86:1d:6b:91:
                    88:06:59:28:2b:36:90:97:45:03:e1:be:f1:36:96:
                    cf:3f:13:a4:ad:b0:84:06:2d:1f:82:45:da:eb:18:
                    ae:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:CD:B6:48:FD:38:83:95:6E:7F:DA:E4:3F:6A:0D:E9:91:92:37:97
            X509v3 Authority Key Identifier:
                keyid:BA:8D:67:98:BD:D0:B2:B8:80:5D:43:B3:45:5F:76:73:9B:94:6F:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:9b:0c:7c:eb:5e:75:e4:a4:ee:f6:a3:a3:49:a5:71:fd:6a:
         96:35:80:9a:f5:76:67:55:76:6f:b3:5f:09:89:f3:49:e6:5b:
         18:7e:84:98:63:af:8b:03:fc:37:59:fe:b3:05:0a:77:3a:82:
         e4:9d:ad:56:15:7a:d9:30:4d:62:fc:25:3a:b3:80:82:30:32:
         e9:9d:94:71:88:df:ca:9b:03:70:ab:f0:fd:bc:da:f2:44:f9:
         fc:58:37:02:7c:7e:b0:de:27:07:bc:4d:bc:c3:df:aa:cb:74:
         ff:b3:3e:87:b3:b3:4e:36:37:88:fa:17:37:29:c6:1d:b3:c5:
         76:43:ee:30:45:79:83:84:74:ed:51:2b:be:4e:de:b6:ea:39:
         df:6e:21:3d:b9:6c:f5:32:6c:04:9b:27:f5:61:aa:05:dc:eb:
         e9:b7:21:59:ac:64:e8:19:7f:fd:97:f4:8c:83:40:77:73:57:
         62:6b:e8:3a:50:9d:81:43:46:c8:75:43:d3:aa:be:ff:ab:82:
         02:98:bc:6c:1d:51:d7:93:14:87:80:f0:72:8d:95:f2:8e:21:
         1a:64:e5:db:95:3c:a1:2c:92:22:08:ee:54:78:8f:36:3c:70:
         8e:a7:e7:01:37:98:3c:02:02:8f:5f:44:27:39:e4:66:88:41:
         ec:df:f1:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemzkvGcb8rhLiEQFI4Q6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOGQ2Nzk4YmRkMGIyYjg4MDVkNDNiMzQ1NWY3NjczOWI5
NDZmMWQwHhcNMjUwNTA1MDQwMTM0WhcNMjUwNTA2MDQwMTM0WjAzMTEwLwYDVQQD
EyhhNGNkYjY0OGZkMzg4Mzk1NmU3ZmRhZTQzZjZhMGRlOTkxOTIzNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8X5mxxF/z504rM+DZZuI+FuHlub
zAWE+KWRgzdSzh3hNYSaNiDVKG567ARaoQZFsqpk7JS14fFVqGcA7gSdKcXjc5xI
eyZJcZSHB9h+ZO1+Ek2UXcbrifxOsMWvIRGBOPq+sRFn2J29E26ns7mXAr7uTwuo
f8KzhWt5N0+kQk3a0Xd6diIyzzJiz5liw8PceYKyo2uCmLMVZhhGZnPxo6ifQDvN
1PYw3U5sCnVDC86kq9JG7vKjXN7XOiRB+FuG3e7cyufH+dBgCYDOV8nhOSABDwe/
8NeKx2nI3IYda5GIBlkoKzaQl0UD4b7xNpbPPxOkrbCEBi0fgkXa6xiuAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTNtkj9OIOVbn/a5D9qDemRkjeXMB8GA1UdIwQY
MBaAFLqNZ5i90LK4gF1Ds0VfdnOblG8dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy82OGI1N2ItZDE4ZC00Nzg1LTk3YjAt
ZWM1NmMwYjA4MWFlLzEvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy82OGI1N2ItZDE4ZC00Nzg1LTk3YjAtZWM1NmMwYjA4MWFl
LzEvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKJsMfOte
deSk7vajo0mlcf1qljWAmvV2Z1V2b7NfCYnzSeZbGH6EmGOviwP8N1n+swUKdzqC
5J2tVhV62TBNYvwlOrOAgjAy6Z2UcYjfypsDcKvw/bza8kT5/Fg3Anx+sN4nB7xN
vMPfqst0/7M+h7OzTjY3iPoXNynGHbPFdkPuMEV5g4R07VErvk7etuo5324hPbls
9TJsBJsn9WGqBdzr6bchWaxk6Bl//Zf0jINAd3NXYmvoOlCdgUNGyHVD06q+/6uC
Api8bB1R15MUh4Dwco2V8o4hGmTl25U8oSySIgjuVHiPNjxwjqfnATeYPAICj19E
JznkZohB7N/xtw==
-----END CERTIFICATE-----