Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
File:                     UB7eLUfXfhQKl78pidqCpYdzyMA.mft (raw, json)
Hash identifier:          jMx5O7G9+UzXvBhIagVZH6pBzYrTs7OoCDcbIolvU24=
Subject key identifier:   8D:17:A9:2A:9C:E7:ED:A4:21:12:6F:C9:C2:81:7F:37:71:32:39:A2
Authority key identifier: 50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0
Certificate issuer:       /CN=501ede2d47d77e140a97bf2989da82a58773c8c0
Certificate serial:       019776E553B9443C95ABAD3F9CD0332EA40F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
Manifest number:          0C79
Signing time:             Mon 16 Jun 2025 04:00:30 +0000
Manifest this update:     Mon 16 Jun 2025 04:00:30 +0000
Manifest next update:     Tue 17 Jun 2025 04:00:30 +0000
Files and hashes:         1: UB7eLUfXfhQKl78pidqCpYdzyMA.crl (hash: 1Mm+tWmrhDT7BLS17wpveMNqCRJRMw2s1xGoG9SqjKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 04:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:76:e5:53:b9:44:3c:95:ab:ad:3f:9c:d0:33:2e:a4:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=501ede2d47d77e140a97bf2989da82a58773c8c0
        Validity
            Not Before: Jun 16 04:00:30 2025 GMT
            Not After : Jun 17 04:00:30 2025 GMT
        Subject: CN=8d17a92a9ce7eda421126fc9c2817f37713239a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:83:4d:5a:74:b3:90:11:ec:c7:b8:11:88:57:
                    92:63:c3:1b:86:1b:c8:f5:7e:e2:c7:8b:50:f2:fd:
                    9c:f0:cf:5d:be:ae:a8:23:2a:d5:0f:a4:e8:4c:3f:
                    f7:8e:3d:09:63:0a:8f:8d:5b:78:20:5a:cf:f2:f2:
                    b1:d7:d8:2d:cf:08:2a:09:1e:5d:30:6d:c0:9d:6d:
                    5c:f8:a2:70:a9:82:2a:1f:12:87:6f:32:43:b7:87:
                    1b:71:d6:09:04:77:19:00:65:26:ec:86:57:c0:61:
                    9d:e9:5e:ae:20:3d:3d:17:c7:52:ff:f9:c0:56:0e:
                    c3:5d:11:e2:5e:75:6f:71:e2:fe:0c:65:68:df:2d:
                    45:37:13:42:9e:b0:ba:c7:70:ff:87:87:d9:08:d6:
                    61:ae:67:f4:4e:cd:7b:12:50:9f:2a:8b:d7:5a:51:
                    20:74:78:6a:e5:98:14:25:89:3c:d0:c2:dd:7b:2d:
                    90:aa:59:c1:9e:d8:7a:2e:71:fa:60:11:01:d5:0b:
                    2a:fa:d9:cc:3b:05:a4:fa:00:fc:5c:f8:dc:66:2c:
                    c9:c4:a4:7e:a1:19:7e:09:a3:8e:1c:bc:88:f5:60:
                    e0:82:83:b0:ae:52:d6:15:c0:7b:84:91:f2:51:3a:
                    ec:5c:dc:6b:fd:75:b1:ae:de:6f:25:9b:dd:f5:e3:
                    a6:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:17:A9:2A:9C:E7:ED:A4:21:12:6F:C9:C2:81:7F:37:71:32:39:A2
            X509v3 Authority Key Identifier:
                keyid:50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:73:c7:9d:0f:de:e1:3f:c8:d4:3d:62:95:ae:19:1e:46:d1:
         8b:51:21:d4:f1:58:7d:1b:f5:c9:1b:7b:2c:a2:49:d6:9a:ab:
         eb:0f:53:cf:5c:e5:98:80:42:37:53:ed:46:4d:1b:fa:aa:db:
         e0:fc:c8:67:f2:bb:5a:80:d2:1b:96:68:c0:bd:9f:71:df:c2:
         1c:cf:3d:1c:8f:c1:db:de:4b:9c:15:65:a7:08:cc:ed:9a:b1:
         fc:8f:f2:3d:04:f8:60:0b:38:12:fa:91:97:ae:fa:11:6d:8d:
         30:f2:04:9c:47:cb:9a:8f:52:41:7b:ce:bf:ef:a2:d8:16:7f:
         d5:ab:c8:f5:8b:10:ee:ae:4e:89:e2:02:2d:e3:8b:4c:78:36:
         66:57:ce:aa:12:43:7e:2a:76:d4:d4:9b:8a:34:42:4e:28:ab:
         65:18:82:29:db:b2:17:f3:c2:cb:4f:72:31:81:08:b7:2b:9a:
         20:bd:87:d1:9a:f5:de:60:51:fd:95:23:b7:54:c7:70:84:d2:
         05:5b:b5:58:cc:01:9e:b3:8b:c7:c3:a9:09:64:1b:a9:d6:89:
         d6:d9:88:68:00:0c:21:ae:c6:5b:3a:16:21:30:65:11:38:85:
         39:ab:a3:67:d3:65:cf:6e:3c:38:bb:cd:89:03:ee:ec:26:f8:
         d8:a4:9a:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd25VO5RDyVq60/nNAzLqQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMWVkZTJkNDdkNzdlMTQwYTk3YmYyOTg5ZGE4MmE1ODc3
M2M4YzAwHhcNMjUwNjE2MDQwMDMwWhcNMjUwNjE3MDQwMDMwWjAzMTEwLwYDVQQD
Eyg4ZDE3YTkyYTljZTdlZGE0MjExMjZmYzljMjgxN2YzNzcxMzIzOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYNNWnSzkBHsx7gRiFeSY8MbhhvI
9X7ix4tQ8v2c8M9dvq6oIyrVD6ToTD/3jj0JYwqPjVt4IFrP8vKx19gtzwgqCR5d
MG3AnW1c+KJwqYIqHxKHbzJDt4cbcdYJBHcZAGUm7IZXwGGd6V6uID09F8dS//nA
Vg7DXRHiXnVvceL+DGVo3y1FNxNCnrC6x3D/h4fZCNZhrmf0Ts17ElCfKovXWlEg
dHhq5ZgUJYk80MLdey2QqlnBnth6LnH6YBEB1Qsq+tnMOwWk+gD8XPjcZizJxKR+
oRl+CaOOHLyI9WDggoOwrlLWFcB7hJHyUTrsXNxr/XWxrt5vJZvd9eOmoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0XqSqc5+2kIRJvycKBfzdxMjmiMB8GA1UdIwQY
MBaAFFAe3i1H134UCpe/KYnagqWHc8jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEt
MTJlZGQwZTBkMjFiLzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEtMTJlZGQwZTBkMjFi
LzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALXPHnQ/e
4T/I1D1ila4ZHkbRi1Eh1PFYfRv1yRt7LKJJ1pqr6w9Tz1zlmIBCN1PtRk0b+qrb
4PzIZ/K7WoDSG5ZowL2fcd/CHM89HI/B295LnBVlpwjM7Zqx/I/yPQT4YAs4EvqR
l676EW2NMPIEnEfLmo9SQXvOv++i2BZ/1avI9YsQ7q5OieICLeOLTHg2ZlfOqhJD
fip21NSbijRCTiirZRiCKduyF/PCy09yMYEItyuaIL2H0Zr13mBR/ZUjt1THcITS
BVu1WMwBnrOLx8OpCWQbqdaJ1tmIaAAMIa7GWzoWITBlETiFOaujZ9Nlz248OLvN
iQPu7Cb42KSa1Q==
-----END CERTIFICATE-----