Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
File:                     UfsmDqHIG4GxkdCujcNkESHp65Y.mft (raw, json)
Hash identifier:          97zAKEPnosx2zVxbmRVJZRgLkj1q+JDOd3tFMmHu/qY=
Subject key identifier:   1A:5F:BA:5C:02:9E:BF:FE:4A:B1:41:F1:65:C6:F9:D4:EF:40:2A:A4
Authority key identifier: 51:FB:26:0E:A1:C8:1B:81:B1:91:D0:AE:8D:C3:64:11:21:E9:EB:96
Certificate issuer:       /CN=51fb260ea1c81b81b191d0ae8dc3641121e9eb96
Certificate serial:       0196824742CB5D1207DFFB8417F3F0BC127A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
Manifest number:          04B7
Signing time:             Tue 29 Apr 2025 16:00:30 +0000
Manifest this update:     Tue 29 Apr 2025 16:00:30 +0000
Manifest next update:     Wed 30 Apr 2025 16:00:30 +0000
Files and hashes:         1: UfsmDqHIG4GxkdCujcNkESHp65Y.crl (hash: m3HgMdC02cVyUb3jDRUE+zqFlvGQY/yObD+gVagh+YY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:47:42:cb:5d:12:07:df:fb:84:17:f3:f0:bc:12:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51fb260ea1c81b81b191d0ae8dc3641121e9eb96
        Validity
            Not Before: Apr 29 16:00:30 2025 GMT
            Not After : Apr 30 16:00:30 2025 GMT
        Subject: CN=1a5fba5c029ebffe4ab141f165c6f9d4ef402aa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:99:d1:6b:68:9b:ee:e0:3a:e5:9b:a2:f6:9e:
                    80:d6:25:13:bf:e6:b1:8c:6b:f1:5d:bc:66:c3:d9:
                    01:40:4a:a8:fb:76:7b:19:eb:6e:3c:7b:b1:c7:9d:
                    f9:05:32:3c:ef:3a:39:ce:54:f8:6f:fa:c1:2b:2d:
                    27:98:98:b2:75:75:7d:85:83:7c:ff:6a:86:2d:d9:
                    2c:ff:8d:d6:6b:09:cd:2a:d9:85:2d:ff:7f:8a:af:
                    2e:99:3b:8d:8f:9b:bc:d9:8b:dd:29:c8:d1:a0:42:
                    4f:64:59:9a:56:3c:80:12:af:5d:32:d2:ff:9e:b6:
                    5b:27:44:06:e5:07:10:06:3c:ee:02:65:3c:09:6d:
                    f2:4d:cd:12:9c:e9:50:b7:41:df:e8:f9:3b:e7:4e:
                    ec:71:65:98:02:ed:71:84:ff:ae:9c:3e:86:91:21:
                    68:7f:95:eb:67:72:47:cc:04:e9:d9:be:b7:65:00:
                    3b:eb:0f:71:b0:13:0f:94:4e:3d:dd:12:0a:5f:d9:
                    79:68:5d:ef:8d:c8:39:ad:ec:e0:1c:b5:6b:98:da:
                    fe:aa:e4:69:f8:0e:14:5a:24:28:1c:35:ba:0f:6c:
                    ea:ca:29:d6:ab:f5:a3:75:e9:f6:c6:1d:27:dd:57:
                    e1:91:5d:d1:f3:c2:01:f6:64:98:fb:84:3d:f8:4a:
                    27:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:5F:BA:5C:02:9E:BF:FE:4A:B1:41:F1:65:C6:F9:D4:EF:40:2A:A4
            X509v3 Authority Key Identifier:
                keyid:51:FB:26:0E:A1:C8:1B:81:B1:91:D0:AE:8D:C3:64:11:21:E9:EB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:24:9c:9d:4b:fb:f1:27:b2:8f:cb:fa:44:17:d9:59:58:09:
         26:cb:e6:f1:e2:14:22:a1:53:63:53:e0:c3:fe:82:0d:1b:da:
         d3:0d:1a:07:14:56:40:4f:ca:30:41:9c:f1:e0:e1:72:e0:85:
         38:e7:73:18:db:3d:6f:2d:3e:38:90:48:8c:49:4f:22:4b:08:
         82:3e:a6:31:8b:6a:da:fe:86:67:ce:02:1a:43:0a:16:b3:90:
         c5:dd:ed:e9:61:b9:e4:db:c9:da:76:d6:b4:59:02:cc:ad:86:
         eb:53:ae:4c:9f:18:e9:24:f3:93:11:3e:12:0d:67:63:3e:14:
         0d:ae:d4:4a:01:ae:6c:ce:1d:95:fe:9a:2f:1a:5c:20:1c:51:
         be:6a:1a:0c:98:27:fe:8c:98:a0:88:b9:74:16:81:88:37:88:
         d4:63:37:fa:33:69:27:1d:da:13:5a:24:59:67:38:0b:36:da:
         27:da:96:1d:12:61:ed:7f:87:3f:fc:7e:aa:e4:92:fe:af:8e:
         37:59:e9:cd:4d:8a:f8:bc:cb:b4:70:a3:e2:32:01:b6:8d:e0:
         9d:3d:a4:7b:5f:c2:ed:5f:8e:05:7b:b0:81:87:db:27:d1:9f:
         50:7a:ca:2f:1d:d4:e3:c7:90:d5:d0:b1:80:b6:e9:db:7c:81:
         c5:8c:7d:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCR0LLXRIH3/uEF/PwvBJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZmIyNjBlYTFjODFiODFiMTkxZDBhZThkYzM2NDExMjFl
OWViOTYwHhcNMjUwNDI5MTYwMDMwWhcNMjUwNDMwMTYwMDMwWjAzMTEwLwYDVQQD
EygxYTVmYmE1YzAyOWViZmZlNGFiMTQxZjE2NWM2ZjlkNGVmNDAyYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopnRa2ib7uA65Zui9p6A1iUTv+ax
jGvxXbxmw9kBQEqo+3Z7GetuPHuxx535BTI87zo5zlT4b/rBKy0nmJiydXV9hYN8
/2qGLdks/43WawnNKtmFLf9/iq8umTuNj5u82YvdKcjRoEJPZFmaVjyAEq9dMtL/
nrZbJ0QG5QcQBjzuAmU8CW3yTc0SnOlQt0Hf6Pk7507scWWYAu1xhP+unD6GkSFo
f5XrZ3JHzATp2b63ZQA76w9xsBMPlE493RIKX9l5aF3vjcg5rezgHLVrmNr+quRp
+A4UWiQoHDW6D2zqyinWq/Wjden2xh0n3VfhkV3R88IB9mSY+4Q9+EonrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpfulwCnr/+SrFB8WXG+dTvQCqkMB8GA1UdIwQY
MBaAFFH7Jg6hyBuBsZHQro3DZBEh6euWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80ZjVlN2ItMTRlNy00NGJjLThkNWQt
ZDI5NTc0NTNiODQ0LzEvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80ZjVlN2ItMTRlNy00NGJjLThkNWQtZDI5NTc0NTNiODQ0
LzEvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwiScnUv7
8Seyj8v6RBfZWVgJJsvm8eIUIqFTY1Pgw/6CDRva0w0aBxRWQE/KMEGc8eDhcuCF
OOdzGNs9by0+OJBIjElPIksIgj6mMYtq2v6GZ84CGkMKFrOQxd3t6WG55NvJ2nbW
tFkCzK2G61OuTJ8Y6STzkxE+Eg1nYz4UDa7USgGubM4dlf6aLxpcIBxRvmoaDJgn
/oyYoIi5dBaBiDeI1GM3+jNpJx3aE1okWWc4CzbaJ9qWHRJh7X+HP/x+quSS/q+O
N1npzU2K+LzLtHCj4jIBto3gnT2ke1/C7V+OBXuwgYfbJ9GfUHrKLx3U48eQ1dCx
gLbp23yBxYx93g==
-----END CERTIFICATE-----