Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
File:                     uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft (raw, json)
Hash identifier:          4gIDq8YSAMwjxUXB7iFUN21ePlPbqv4jTJ50xWm9KgA=
Subject key identifier:   F4:37:28:B1:AB:8C:26:E0:A0:07:39:12:5F:2A:A5:25:EC:F5:BE:40
Authority key identifier: B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA
Certificate issuer:       /CN=b88177a9a3469db3acf10a98f6c03931e35515fa
Certificate serial:       01968BB859A5B3B25FF2CD3F389BE3B062BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
Manifest number:          04B3
Signing time:             Thu 01 May 2025 12:00:36 +0000
Manifest this update:     Thu 01 May 2025 12:00:36 +0000
Manifest next update:     Fri 02 May 2025 12:00:36 +0000
Files and hashes:         1: uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl (hash: lj3sQhUDSbr1+rduYYSBXMMt1zD+9UoTchRkijyJ+5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:b8:59:a5:b3:b2:5f:f2:cd:3f:38:9b:e3:b0:62:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88177a9a3469db3acf10a98f6c03931e35515fa
        Validity
            Not Before: May  1 12:00:36 2025 GMT
            Not After : May  2 12:00:36 2025 GMT
        Subject: CN=f43728b1ab8c26e0a00739125f2aa525ecf5be40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:14:e0:08:10:99:24:cc:b4:74:4e:c7:ec:7f:
                    64:af:79:2b:61:c2:f2:9b:21:b7:5b:a6:6c:dd:9e:
                    98:fc:0f:e7:bb:11:a6:de:8f:f5:46:04:32:21:37:
                    10:7c:f2:91:0e:a2:29:76:d7:32:04:3b:f6:10:b1:
                    b4:0f:73:85:6e:6f:29:a2:e6:4a:04:4b:ec:04:12:
                    8a:ae:eb:48:d0:62:f1:1b:ea:c4:10:65:c8:85:da:
                    74:3e:4e:bd:e8:7b:08:7e:51:e4:1e:07:52:4e:a0:
                    b7:bf:a1:47:31:b3:ab:33:03:a1:35:2a:f6:3d:24:
                    63:15:5e:63:09:e0:0e:ae:70:70:67:f8:30:51:39:
                    15:a2:36:85:53:09:98:50:8d:12:30:c1:49:40:28:
                    15:f9:1f:b1:7f:b0:fb:23:aa:e8:3b:20:12:ed:65:
                    d4:9c:cb:30:06:25:a7:3a:f3:9c:69:a1:14:20:a3:
                    d8:68:2a:ef:d1:ce:9e:1f:0e:9f:0c:4d:9d:8e:47:
                    f6:fc:0f:47:10:b9:74:70:8b:9f:3f:f5:65:a1:12:
                    0a:53:e5:ca:3a:1c:b5:8a:9d:e5:25:b7:1c:8d:d9:
                    07:be:bd:cc:54:0f:ae:be:29:83:80:30:cc:b7:9b:
                    de:28:69:16:64:48:f9:30:d4:f9:26:df:a5:ce:b3:
                    92:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:37:28:B1:AB:8C:26:E0:A0:07:39:12:5F:2A:A5:25:EC:F5:BE:40
            X509v3 Authority Key Identifier:
                keyid:B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:77:51:c2:15:ca:57:fb:83:89:14:67:8c:1d:67:ee:78:bc:
         b2:9e:da:43:58:76:b3:e1:80:bf:4c:71:8f:ef:2a:7f:6b:fe:
         67:3c:30:f4:dc:b6:d9:05:24:66:8a:7a:b9:be:39:08:a8:69:
         ee:dd:ce:25:9b:76:26:bc:f5:a4:69:b6:cc:2e:b7:0b:1b:73:
         30:a6:42:9c:34:3d:eb:de:68:a2:72:38:f1:d3:14:54:6d:90:
         b6:92:d1:31:23:e1:b9:9c:7e:e5:e9:90:5c:7f:eb:eb:00:72:
         0f:35:8d:8c:58:5d:a9:77:06:97:b9:c3:c8:3f:4c:c5:7c:96:
         a0:9c:69:d6:25:0b:12:20:8d:42:9a:28:48:e0:9a:7e:c0:7b:
         0e:77:7b:5d:e7:f6:3b:1c:df:57:ac:e7:cb:3d:36:2d:b7:7d:
         e5:0a:b4:7f:c7:70:55:05:60:08:60:c1:8f:8e:1b:e5:e4:54:
         f1:d9:a1:54:21:a8:54:1f:7f:b0:42:d3:ec:10:3a:f3:e7:8b:
         b5:a3:92:00:2c:4b:cb:03:34:27:79:75:50:b8:e2:1f:4f:69:
         26:ba:e6:6a:89:d1:ef:44:06:f3:68:17:1b:af:d6:03:fe:2a:
         93:18:ca:df:2d:5c:7b:16:88:5a:c7:f4:da:ed:e5:9e:df:61:
         0b:cd:95:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaLuFmls7Jf8s0/OJvjsGK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ODE3N2E5YTM0NjlkYjNhY2YxMGE5OGY2YzAzOTMxZTM1
NTE1ZmEwHhcNMjUwNTAxMTIwMDM2WhcNMjUwNTAyMTIwMDM2WjAzMTEwLwYDVQQD
EyhmNDM3MjhiMWFiOGMyNmUwYTAwNzM5MTI1ZjJhYTUyNWVjZjViZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxTgCBCZJMy0dE7H7H9kr3krYcLy
myG3W6Zs3Z6Y/A/nuxGm3o/1RgQyITcQfPKRDqIpdtcyBDv2ELG0D3OFbm8pouZK
BEvsBBKKrutI0GLxG+rEEGXIhdp0Pk696HsIflHkHgdSTqC3v6FHMbOrMwOhNSr2
PSRjFV5jCeAOrnBwZ/gwUTkVojaFUwmYUI0SMMFJQCgV+R+xf7D7I6roOyAS7WXU
nMswBiWnOvOcaaEUIKPYaCrv0c6eHw6fDE2djkf2/A9HELl0cIufP/VloRIKU+XK
Ohy1ip3lJbccjdkHvr3MVA+uvimDgDDMt5veKGkWZEj5MNT5Jt+lzrOSfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQ3KLGrjCbgoAc5El8qpSXs9b5AMB8GA1UdIwQY
MBaAFLiBd6mjRp2zrPEKmPbAOTHjVRX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTct
ZWIwODg1YjkwMDNlLzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTctZWIwODg1YjkwMDNl
LzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQXdRwhXK
V/uDiRRnjB1n7ni8sp7aQ1h2s+GAv0xxj+8qf2v+Zzww9Ny22QUkZop6ub45CKhp
7t3OJZt2Jrz1pGm2zC63CxtzMKZCnDQ9695oonI48dMUVG2QtpLRMSPhuZx+5emQ
XH/r6wByDzWNjFhdqXcGl7nDyD9MxXyWoJxp1iULEiCNQpooSOCafsB7Dnd7Xef2
OxzfV6znyz02Lbd95Qq0f8dwVQVgCGDBj44b5eRU8dmhVCGoVB9/sELT7BA68+eL
taOSACxLywM0J3l1ULjiH09pJrrmaonR70QG82gXG6/WA/4qkxjK3y1cexaIWsf0
2u3lnt9hC82VcA==
-----END CERTIFICATE-----