Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
File:                     UfsmDqHIG4GxkdCujcNkESHp65Y.mft (raw, json)
Hash identifier:          q7+Al2ljJY++mQehcVCwW0IQhNSCWbDdZLcC3bRAJqw=
Subject key identifier:   04:33:8E:34:CB:CC:38:B5:83:9D:5B:8D:3D:A8:67:25:96:91:93:21
Authority key identifier: 51:FB:26:0E:A1:C8:1B:81:B1:91:D0:AE:8D:C3:64:11:21:E9:EB:96
Certificate issuer:       /CN=51fb260ea1c81b81b191d0ae8dc3641121e9eb96
Certificate serial:       01976FD131A21BBCA06FE86E98DE6DB5076C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
Manifest number:          0532
Signing time:             Sat 14 Jun 2025 19:01:10 +0000
Manifest this update:     Sat 14 Jun 2025 19:01:10 +0000
Manifest next update:     Sun 15 Jun 2025 19:01:10 +0000
Files and hashes:         1: UfsmDqHIG4GxkdCujcNkESHp65Y.crl (hash: IBEJ1xuiL41dYNfMdtFn2V7AX2JFm7wOqZY6eS91+nk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d1:31:a2:1b:bc:a0:6f:e8:6e:98:de:6d:b5:07:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51fb260ea1c81b81b191d0ae8dc3641121e9eb96
        Validity
            Not Before: Jun 14 19:01:10 2025 GMT
            Not After : Jun 15 19:01:10 2025 GMT
        Subject: CN=04338e34cbcc38b5839d5b8d3da8672596919321
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:47:05:7e:28:36:7a:b1:d6:cb:f5:f6:cb:02:
                    fc:b0:27:2f:88:d5:b3:28:56:fc:db:45:ea:e1:c8:
                    ed:7d:ec:cc:1f:41:e6:df:56:c6:2e:07:3e:17:5b:
                    f3:24:8b:8b:0e:ad:d9:79:51:c3:d7:68:14:42:17:
                    16:ff:cd:62:ef:3f:16:68:59:44:db:d7:02:03:07:
                    16:08:88:2c:e1:10:87:15:1a:af:3b:b8:2b:27:5e:
                    75:d9:d9:6b:41:af:cb:bd:42:1d:1e:bf:f0:b0:ca:
                    53:c7:47:4a:be:10:76:75:80:c9:30:d0:bf:f9:d5:
                    92:c2:95:ff:52:63:47:06:e4:84:47:67:08:29:55:
                    d9:84:55:55:67:64:c6:53:3f:3c:b4:c1:b2:6b:c1:
                    d3:73:9c:74:cc:b1:9d:86:51:eb:7e:36:f5:5c:e0:
                    a5:1d:ff:0a:8b:aa:9c:6c:f0:0a:c4:94:7a:20:b0:
                    b6:48:d7:fa:c1:7c:77:65:16:c8:41:3e:23:f0:44:
                    31:9e:1c:a5:eb:5c:b0:40:c7:b1:23:88:9e:b0:95:
                    df:db:f8:3e:43:2b:d5:9b:cf:94:72:69:86:2e:34:
                    b2:33:97:27:60:99:0f:51:ef:8d:47:bd:33:be:c6:
                    1c:92:26:a2:9d:66:fb:68:e3:e8:37:b8:97:f0:3a:
                    89:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:33:8E:34:CB:CC:38:B5:83:9D:5B:8D:3D:A8:67:25:96:91:93:21
            X509v3 Authority Key Identifier:
                keyid:51:FB:26:0E:A1:C8:1B:81:B1:91:D0:AE:8D:C3:64:11:21:E9:EB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:ed:b5:26:f1:63:0b:e7:be:70:a5:ad:b2:a6:f1:ed:49:c9:
         eb:75:24:84:02:0f:aa:26:20:f2:72:3e:3a:fa:8d:1d:e3:b1:
         ec:fc:b9:01:9b:f9:e9:67:c3:a5:f2:6e:28:96:2c:e9:02:cb:
         ea:ac:06:d1:63:83:ac:7d:39:34:80:d6:70:ed:47:dc:96:75:
         fe:c3:d7:03:ec:0e:64:5b:4a:21:48:09:ba:85:a6:f1:b4:14:
         61:fa:e5:58:62:8b:29:6c:c8:0c:5b:58:b0:e3:6c:30:1e:00:
         3d:08:07:6a:91:8d:71:67:33:0d:bb:7f:9a:42:5a:3f:03:c9:
         f1:0b:df:1d:f2:a7:fa:7e:8d:c3:4d:2d:76:4b:23:fd:1b:78:
         38:4a:6e:d4:c5:4c:8e:4e:4c:40:b1:db:5f:86:3f:54:8e:63:
         b8:63:63:a8:83:70:66:1d:92:0c:c4:d5:29:36:28:fc:64:25:
         ef:dc:c2:f6:99:86:8a:d9:92:5b:a3:06:b7:4c:05:03:85:5d:
         0c:d4:8c:f5:3c:f3:2a:6d:12:75:ab:20:e7:b8:33:77:51:56:
         48:a7:0f:a5:04:71:b3:a9:d2:22:d3:3b:f3:e5:14:2a:67:76:
         a8:ad:1a:2b:0f:f1:1d:a1:7a:14:ab:1f:7d:a4:12:a3:ef:12:
         25:d9:49:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0TGiG7ygb+humN5ttQdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZmIyNjBlYTFjODFiODFiMTkxZDBhZThkYzM2NDExMjFl
OWViOTYwHhcNMjUwNjE0MTkwMTEwWhcNMjUwNjE1MTkwMTEwWjAzMTEwLwYDVQQD
EygwNDMzOGUzNGNiY2MzOGI1ODM5ZDViOGQzZGE4NjcyNTk2OTE5MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0cFfig2erHWy/X2ywL8sCcviNWz
KFb820Xq4cjtfezMH0Hm31bGLgc+F1vzJIuLDq3ZeVHD12gUQhcW/81i7z8WaFlE
29cCAwcWCIgs4RCHFRqvO7grJ1512dlrQa/LvUIdHr/wsMpTx0dKvhB2dYDJMNC/
+dWSwpX/UmNHBuSER2cIKVXZhFVVZ2TGUz88tMGya8HTc5x0zLGdhlHrfjb1XOCl
Hf8Ki6qcbPAKxJR6ILC2SNf6wXx3ZRbIQT4j8EQxnhyl61ywQMexI4iesJXf2/g+
QyvVm8+UcmmGLjSyM5cnYJkPUe+NR70zvsYckiainWb7aOPoN7iX8DqJWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQzjjTLzDi1g51bjT2oZyWWkZMhMB8GA1UdIwQY
MBaAFFH7Jg6hyBuBsZHQro3DZBEh6euWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80ZjVlN2ItMTRlNy00NGJjLThkNWQt
ZDI5NTc0NTNiODQ0LzEvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80ZjVlN2ItMTRlNy00NGJjLThkNWQtZDI5NTc0NTNiODQ0
LzEvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+21JvFj
C+e+cKWtsqbx7UnJ63UkhAIPqiYg8nI+OvqNHeOx7Py5AZv56WfDpfJuKJYs6QLL
6qwG0WODrH05NIDWcO1H3JZ1/sPXA+wOZFtKIUgJuoWm8bQUYfrlWGKLKWzIDFtY
sONsMB4APQgHapGNcWczDbt/mkJaPwPJ8QvfHfKn+n6Nw00tdksj/Rt4OEpu1MVM
jk5MQLHbX4Y/VI5juGNjqINwZh2SDMTVKTYo/GQl79zC9pmGitmSW6MGt0wFA4Vd
DNSM9TzzKm0Sdasg57gzd1FWSKcPpQRxs6nSItM78+UUKmd2qK0aKw/xHaF6FKsf
faQSo+8SJdlJMQ==
-----END CERTIFICATE-----