Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          7JjqT3z7pwCs/YlQ0RstnOidRMmdmQAwUamUbav7Xgc=
Subject key identifier:   6B:3D:13:66:9F:44:CA:38:B1:78:50:03:87:DB:68:D1:EE:D1:F0:04
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       0196A23FDD82416E84B3A499B4BBEC55BB32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0BA4
Signing time:             Mon 05 May 2025 21:00:16 +0000
Manifest this update:     Mon 05 May 2025 21:00:16 +0000
Manifest next update:     Tue 06 May 2025 21:00:16 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: 3lZwtaOtz+yA6/MrFVd2adsOpS4TfthZZPmQ7BVWEH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 21:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:3f:dd:82:41:6e:84:b3:a4:99:b4:bb:ec:55:bb:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: May  5 21:00:16 2025 GMT
            Not After : May  6 21:00:16 2025 GMT
        Subject: CN=6b3d13669f44ca38b178500387db68d1eed1f004
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c0:22:9e:62:1f:4f:32:a0:0c:f0:24:3f:14:
                    d0:ae:f5:7b:9b:87:53:48:7a:19:af:d6:9d:af:43:
                    d5:b4:bd:8d:09:79:39:f4:85:b0:bb:31:c0:56:04:
                    fd:7c:4b:8c:3f:68:dc:ff:74:7b:f4:b6:64:61:bb:
                    79:c3:cc:b7:9d:c0:67:fa:c7:11:9f:06:9e:be:0c:
                    7d:ba:ff:4e:c0:51:24:95:1f:27:c3:1c:c1:d5:bf:
                    02:9d:b7:d0:2c:4e:8f:4e:b5:f2:cf:38:55:bf:6f:
                    32:da:89:42:7b:c7:ed:65:51:34:15:87:fb:04:93:
                    b3:72:b8:83:7b:71:86:37:00:d4:29:54:5e:f9:19:
                    f8:9b:a2:46:c4:4b:15:bf:e7:1e:86:b8:6f:ca:48:
                    55:09:ac:bb:ae:9f:68:8a:5a:d0:cf:cd:28:31:47:
                    9c:76:10:f7:dc:88:fd:a1:0d:19:59:95:90:d2:0b:
                    7b:68:05:9e:65:98:6e:ab:34:57:2b:60:5e:9d:db:
                    f9:f6:5d:bf:27:e6:61:68:66:63:b7:b6:8e:0d:eb:
                    58:04:7e:31:7f:ed:5e:9b:ee:40:f3:ad:c5:f9:3f:
                    fa:5e:ce:e0:cc:46:eb:22:71:f2:9d:74:b5:69:8b:
                    fd:4e:04:f2:91:8f:37:e0:a4:de:7c:15:9b:5d:f5:
                    0d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:3D:13:66:9F:44:CA:38:B1:78:50:03:87:DB:68:D1:EE:D1:F0:04
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:8e:01:7a:65:6b:2e:84:96:3e:b0:8a:37:bd:bd:e3:21:8a:
         01:8a:1b:59:80:62:65:a0:29:1a:be:3b:48:27:60:bc:0c:a3:
         9e:87:4e:d0:58:fc:64:23:68:21:e4:34:33:a3:3e:69:26:21:
         ca:26:f2:73:9b:5d:6b:84:c1:5a:18:57:e4:67:e1:64:18:fc:
         e1:2c:b5:17:3e:87:7e:4d:a4:da:ab:d0:b8:5f:8b:41:2e:97:
         04:94:38:37:17:30:05:4f:2d:eb:88:5d:15:e5:d4:1b:8b:bb:
         f6:ce:23:98:86:64:bb:42:d6:7f:25:85:9b:01:b5:29:34:4f:
         99:e9:6c:ca:45:3c:dd:e4:f3:c8:50:24:58:51:8e:63:e9:e7:
         c9:b8:f1:cc:27:a4:80:df:dd:ba:ef:a2:7b:b1:68:99:0c:50:
         85:57:5e:3c:e2:91:91:49:ee:9b:a0:c7:7f:9e:60:fd:d0:a5:
         62:6b:e0:f2:52:81:0d:2b:34:ff:71:d0:12:55:5f:51:e4:db:
         15:27:cf:33:15:83:f3:76:e8:08:80:17:69:c9:3d:d9:0f:44:
         75:5a:0d:1d:dd:d8:43:8b:dd:42:6b:cb:f8:87:2d:46:09:4f:
         3c:b5:2a:51:72:f0:31:f6:fc:1f:3e:90:70:e3:0d:93:e7:3d:
         6b:65:3e:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaiP92CQW6Es6SZtLvsVbsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjUwNTA1MjEwMDE2WhcNMjUwNTA2MjEwMDE2WjAzMTEwLwYDVQQD
Eyg2YjNkMTM2NjlmNDRjYTM4YjE3ODUwMDM4N2RiNjhkMWVlZDFmMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8AinmIfTzKgDPAkPxTQrvV7m4dT
SHoZr9adr0PVtL2NCXk59IWwuzHAVgT9fEuMP2jc/3R79LZkYbt5w8y3ncBn+scR
nwaevgx9uv9OwFEklR8nwxzB1b8CnbfQLE6PTrXyzzhVv28y2olCe8ftZVE0FYf7
BJOzcriDe3GGNwDUKVRe+Rn4m6JGxEsVv+cehrhvykhVCay7rp9oilrQz80oMUec
dhD33Ij9oQ0ZWZWQ0gt7aAWeZZhuqzRXK2Bendv59l2/J+ZhaGZjt7aODetYBH4x
f+1em+5A863F+T/6Xs7gzEbrInHynXS1aYv9TgTykY834KTefBWbXfUN2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGs9E2afRMo4sXhQA4fbaNHu0fAEMB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR44BemVr
LoSWPrCKN7294yGKAYobWYBiZaApGr47SCdgvAyjnodO0Fj8ZCNoIeQ0M6M+aSYh
yibyc5tda4TBWhhX5GfhZBj84Sy1Fz6Hfk2k2qvQuF+LQS6XBJQ4NxcwBU8t64hd
FeXUG4u79s4jmIZku0LWfyWFmwG1KTRPmelsykU83eTzyFAkWFGOY+nnybjxzCek
gN/duu+ie7FomQxQhVdePOKRkUnum6DHf55g/dClYmvg8lKBDSs0/3HQElVfUeTb
FSfPMxWD83boCIAXack92Q9EdVoNHd3YQ4vdQmvL+IctRglPPLUqUXLwMfb8Hz6Q
cOMNk+c9a2U+gg==
-----END CERTIFICATE-----