Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
File:                     UMrU5Xdbox7K4ibRBG89waEEgU0.mft (raw, json)
Hash identifier:          h99D6DfPh3MiZ7izngtEiB5KkOAAv74IaxCNJmTRGzY=
Subject key identifier:   38:D6:12:5B:D5:68:AE:56:DD:92:FE:E4:B9:C2:AA:7B:31:DC:27:D2
Authority key identifier: 50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D
Certificate issuer:       /CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
Certificate serial:       01969E2C4788890F939EBF45DACF4AE48314
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
Manifest number:          04B9
Signing time:             Mon 05 May 2025 02:00:23 +0000
Manifest this update:     Mon 05 May 2025 02:00:23 +0000
Manifest next update:     Tue 06 May 2025 02:00:23 +0000
Files and hashes:         1: UMrU5Xdbox7K4ibRBG89waEEgU0.crl (hash: KyQB8rpA3w9K2qkv3WWeDYzBkbY8sqwt7rSx3ayFW78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:2c:47:88:89:0f:93:9e:bf:45:da:cf:4a:e4:83:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
        Validity
            Not Before: May  5 02:00:23 2025 GMT
            Not After : May  6 02:00:23 2025 GMT
        Subject: CN=38d6125bd568ae56dd92fee4b9c2aa7b31dc27d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3e:7a:0f:c2:0c:6f:68:0b:02:ef:1d:6f:4d:
                    c5:99:59:a5:eb:16:2c:0a:af:42:27:fb:35:95:f8:
                    7c:13:51:78:47:da:91:1e:ce:b4:47:00:f6:9e:31:
                    47:67:74:37:cb:3f:34:c4:21:22:a6:a5:97:55:11:
                    b9:80:b6:a0:99:f9:bb:c7:0f:56:34:6f:ce:e3:dd:
                    53:2d:f1:86:17:61:b5:02:fe:54:5a:f8:bf:b6:22:
                    26:86:f1:98:35:e8:c3:f5:74:4c:a7:dc:9c:93:b6:
                    c5:16:0d:bf:8f:15:51:a1:31:a5:d4:e6:a9:a6:b8:
                    4e:b0:c9:c4:c7:7e:60:41:a2:21:95:59:67:0e:84:
                    3c:9c:7c:3d:f5:3b:19:08:81:19:bf:6e:a6:70:ce:
                    69:d7:f0:75:97:40:b4:83:c2:df:1e:71:59:74:01:
                    e4:cb:2f:64:9c:8c:0c:a5:10:48:4b:a3:1a:30:08:
                    2c:d4:d1:ef:c1:46:93:bc:df:9e:af:f9:e2:c2:59:
                    3b:32:da:8f:ad:2b:9a:9c:ac:0a:6a:10:af:e5:24:
                    b5:cc:b2:6c:7b:f4:77:32:3c:d2:5a:4f:b1:04:86:
                    53:7c:02:d9:9a:d8:16:cb:29:c4:b6:8a:65:20:f2:
                    90:13:e7:c9:9d:53:15:d0:52:4b:de:62:b3:ff:59:
                    97:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:D6:12:5B:D5:68:AE:56:DD:92:FE:E4:B9:C2:AA:7B:31:DC:27:D2
            X509v3 Authority Key Identifier:
                keyid:50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:04:7a:6d:d9:f1:27:e6:bf:fc:47:cb:e6:25:10:54:f1:73:
         5d:b7:8f:ec:af:1f:a0:e0:40:e5:08:d1:d1:d0:3a:85:5f:05:
         c6:e2:d5:e0:bf:b7:83:fd:bc:8f:c2:8a:7f:8a:2c:c4:a1:81:
         a4:d2:43:b0:7d:a1:3d:26:3e:03:08:e6:7f:ed:70:78:19:bc:
         f8:1a:34:2e:26:30:10:85:29:54:8a:d3:ed:8c:c9:00:4f:de:
         4b:df:cf:18:08:b9:cb:22:fe:e8:f3:bd:e4:88:cf:a0:de:9d:
         7a:25:7e:16:3d:52:e8:00:11:d3:a5:21:43:e9:5e:77:0c:11:
         35:27:bb:cd:8f:8c:32:c7:c8:25:92:3e:3e:61:3c:1c:8b:aa:
         2e:55:ea:53:f1:9c:64:96:fc:10:6b:e1:a7:e3:5a:a9:ab:a5:
         5f:a9:20:68:16:cc:aa:6f:68:1e:78:71:f6:6c:e4:50:93:7c:
         18:8f:89:d0:c1:d5:e3:25:47:5c:cc:51:2d:c3:ea:bb:38:9b:
         1c:c9:9b:20:fe:49:17:32:98:eb:51:1a:90:7e:73:15:05:4a:
         4c:60:e8:c9:38:27:f1:2b:7d:b7:7f:c4:32:d4:ab:d7:50:00:
         1b:db:0a:64:84:19:98:fb:70:7d:b5:59:35:54:80:0d:83:1e:
         4c:23:c9:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaeLEeIiQ+Tnr9F2s9K5IMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwY2FkNGU1Nzc1YmEzMWVjYWUyMjZkMTA0NmYzZGMxYTEw
NDgxNGQwHhcNMjUwNTA1MDIwMDIzWhcNMjUwNTA2MDIwMDIzWjAzMTEwLwYDVQQD
EygzOGQ2MTI1YmQ1NjhhZTU2ZGQ5MmZlZTRiOWMyYWE3YjMxZGMyN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T56D8IMb2gLAu8db03FmVml6xYs
Cq9CJ/s1lfh8E1F4R9qRHs60RwD2njFHZ3Q3yz80xCEipqWXVRG5gLagmfm7xw9W
NG/O491TLfGGF2G1Av5UWvi/tiImhvGYNejD9XRMp9yck7bFFg2/jxVRoTGl1Oap
prhOsMnEx35gQaIhlVlnDoQ8nHw99TsZCIEZv26mcM5p1/B1l0C0g8LfHnFZdAHk
yy9knIwMpRBIS6MaMAgs1NHvwUaTvN+er/niwlk7MtqPrSuanKwKahCv5SS1zLJs
e/R3MjzSWk+xBIZTfALZmtgWyynEtoplIPKQE+fJnVMV0FJL3mKz/1mXuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjWElvVaK5W3ZL+5LnCqnsx3CfSMB8GA1UdIwQY
MBaAFFDK1OV3W6MeyuIm0QRvPcGhBIFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEt
NjYzOWJjYTdhMWIwLzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEtNjYzOWJjYTdhMWIw
LzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhwR6bdnx
J+a//EfL5iUQVPFzXbeP7K8foOBA5QjR0dA6hV8FxuLV4L+3g/28j8KKf4osxKGB
pNJDsH2hPSY+Awjmf+1weBm8+Bo0LiYwEIUpVIrT7YzJAE/eS9/PGAi5yyL+6PO9
5IjPoN6deiV+Fj1S6AAR06UhQ+ledwwRNSe7zY+MMsfIJZI+PmE8HIuqLlXqU/Gc
ZJb8EGvhp+NaqaulX6kgaBbMqm9oHnhx9mzkUJN8GI+J0MHV4yVHXMxRLcPquzib
HMmbIP5JFzKY61EakH5zFQVKTGDoyTgn8St9t3/EMtSr11AAG9sKZIQZmPtwfbVZ
NVSADYMeTCPJZg==
-----END CERTIFICATE-----