Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
File:                     UB7eLUfXfhQKl78pidqCpYdzyMA.mft (raw, json)
Hash identifier:          7cEmZswrtHfXRvy542q76iA+5+D9ljnd3QmSzVF+3us=
Subject key identifier:   1F:A0:EB:DF:F7:EA:9E:4A:AE:BA:68:CB:6E:B7:95:16:9F:44:EC:91
Authority key identifier: 50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0
Certificate issuer:       /CN=501ede2d47d77e140a97bf2989da82a58773c8c0
Certificate serial:       01967FB46F7286F9B4809660CF235F552682
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
Manifest number:          0BF9
Signing time:             Tue 29 Apr 2025 04:00:53 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:53 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:53 +0000
Files and hashes:         1: UB7eLUfXfhQKl78pidqCpYdzyMA.crl (hash: nBwzljNtQ5aIuZqwqHbjCd38A30LNzfor86Z27iEMQY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 04:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:6f:72:86:f9:b4:80:96:60:cf:23:5f:55:26:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=501ede2d47d77e140a97bf2989da82a58773c8c0
        Validity
            Not Before: Apr 29 04:00:53 2025 GMT
            Not After : Apr 30 04:00:53 2025 GMT
        Subject: CN=1fa0ebdff7ea9e4aaeba68cb6eb795169f44ec91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:b2:f5:be:ff:70:d2:7e:6c:53:42:73:05:d6:
                    10:6a:cd:49:fe:30:db:08:85:a6:61:54:cc:e3:89:
                    f4:d5:21:e8:62:7b:00:57:b8:c9:e1:6a:d0:42:37:
                    a3:0d:e6:32:8f:ab:4a:d5:47:34:39:26:7e:55:c0:
                    e7:e4:cd:42:08:e2:cc:41:ec:84:eb:20:6f:3c:69:
                    2e:4a:4f:54:42:c8:d2:02:ef:ad:ab:8f:03:9f:00:
                    bc:7d:9a:d1:70:be:72:b7:8c:c7:0a:df:fe:ce:c2:
                    56:2f:2d:09:19:5e:db:9d:1e:10:50:99:b6:81:c1:
                    12:0e:de:08:3d:eb:db:b7:77:08:35:b3:e7:ce:71:
                    26:ce:b5:3a:03:fb:72:cb:7f:34:12:92:6a:9a:46:
                    6b:2c:42:95:b7:a9:6f:8f:83:0f:15:69:1d:03:3d:
                    de:dc:69:8d:b0:ec:35:a3:d9:c1:d7:fe:76:4b:a7:
                    22:9f:d4:ba:cc:7d:a2:a5:75:7b:55:6b:51:15:0a:
                    21:f7:5c:8a:4b:9c:fc:8e:c5:60:1d:31:95:91:cc:
                    bf:d0:3e:76:04:3a:88:32:42:fc:c2:75:8e:30:06:
                    ee:00:f3:5d:68:bf:23:d9:02:fd:76:60:f9:ad:c3:
                    b2:5f:d0:9c:0d:68:8f:f5:28:98:2a:83:ec:f1:d5:
                    6d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:A0:EB:DF:F7:EA:9E:4A:AE:BA:68:CB:6E:B7:95:16:9F:44:EC:91
            X509v3 Authority Key Identifier:
                keyid:50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:ee:a8:9c:ea:e6:0c:6e:be:55:c2:03:c4:9e:65:be:ef:28:
         d6:58:04:8f:d9:da:d5:0e:fb:c1:50:9c:53:e1:7c:f4:d4:1e:
         5b:9f:d6:08:0a:0b:91:44:22:8d:4f:1b:1f:93:30:d1:5e:a8:
         f8:19:6c:db:01:ae:80:ef:a8:33:61:2b:8b:53:c5:2c:25:2a:
         54:36:95:cb:4a:ce:fe:af:40:69:2b:ba:40:2b:2a:59:09:2d:
         fc:de:5b:55:ac:91:7e:84:42:bc:da:38:94:19:77:75:fd:80:
         e7:e5:2d:4d:54:ad:8b:74:18:f6:aa:a1:7a:f3:98:9c:70:56:
         58:5b:ab:ba:a6:85:41:af:f7:a5:64:b3:b4:38:e9:ef:55:cc:
         0f:74:fd:bf:3a:ec:33:39:77:20:78:c0:07:43:31:9a:6c:0e:
         42:39:90:1c:c3:17:a5:61:d5:97:7b:53:bc:a7:30:2b:c9:8a:
         5d:bd:5e:01:f8:7d:85:86:18:a2:51:19:5f:e6:f0:29:4e:2a:
         05:af:cc:e5:3d:a4:00:63:d7:60:76:5d:6b:a5:df:a0:36:3e:
         99:a5:d3:73:6e:78:a6:ce:e6:96:b2:da:05:12:e6:a3:dc:6b:
         9a:d2:d1:b2:15:80:d6:99:47:36:5e:07:3a:f5:79:87:26:3b:
         87:0b:0c:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tG9yhvm0gJZgzyNfVSaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMWVkZTJkNDdkNzdlMTQwYTk3YmYyOTg5ZGE4MmE1ODc3
M2M4YzAwHhcNMjUwNDI5MDQwMDUzWhcNMjUwNDMwMDQwMDUzWjAzMTEwLwYDVQQD
EygxZmEwZWJkZmY3ZWE5ZTRhYWViYTY4Y2I2ZWI3OTUxNjlmNDRlYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bL1vv9w0n5sU0JzBdYQas1J/jDb
CIWmYVTM44n01SHoYnsAV7jJ4WrQQjejDeYyj6tK1Uc0OSZ+VcDn5M1CCOLMQeyE
6yBvPGkuSk9UQsjSAu+tq48DnwC8fZrRcL5yt4zHCt/+zsJWLy0JGV7bnR4QUJm2
gcESDt4IPevbt3cINbPnznEmzrU6A/tyy380EpJqmkZrLEKVt6lvj4MPFWkdAz3e
3GmNsOw1o9nB1/52S6cin9S6zH2ipXV7VWtRFQoh91yKS5z8jsVgHTGVkcy/0D52
BDqIMkL8wnWOMAbuAPNdaL8j2QL9dmD5rcOyX9CcDWiP9SiYKoPs8dVt0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+g69/36p5Krrpoy263lRafROyRMB8GA1UdIwQY
MBaAFFAe3i1H134UCpe/KYnagqWHc8jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEt
MTJlZGQwZTBkMjFiLzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEtMTJlZGQwZTBkMjFi
LzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGO6onOrm
DG6+VcIDxJ5lvu8o1lgEj9na1Q77wVCcU+F89NQeW5/WCAoLkUQijU8bH5Mw0V6o
+Bls2wGugO+oM2Eri1PFLCUqVDaVy0rO/q9AaSu6QCsqWQkt/N5bVayRfoRCvNo4
lBl3df2A5+UtTVSti3QY9qqhevOYnHBWWFuruqaFQa/3pWSztDjp71XMD3T9vzrs
Mzl3IHjAB0MxmmwOQjmQHMMXpWHVl3tTvKcwK8mKXb1eAfh9hYYYolEZX+bwKU4q
Ba/M5T2kAGPXYHZda6XfoDY+maXTc254ps7mlrLaBRLmo9xrmtLRshWA1plHNl4H
OvV5hyY7hwsMFg==
-----END CERTIFICATE-----