Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.mft
File:                     UJw4zD6qNVb6OaIvMNwbpINv6J8.mft (raw, json)
Hash identifier:          IQYbl/2aE+gffuzFBfN/LFxDu4lWxRPcdT/cZMLRZBE=
Subject key identifier:   7D:7B:52:C8:6D:C5:90:1A:CA:A0:E6:9E:3B:0C:CE:DF:2C:37:52:DA
Authority key identifier: 50:9C:38:CC:3E:AA:35:56:FA:39:A2:2F:30:DC:1B:A4:83:6F:E8:9F
Certificate issuer:       /CN=509c38cc3eaa3556fa39a22f30dc1ba4836fe89f
Certificate serial:       0197711A9D6D386626635BFBBC240DE3DD33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJw4zD6qNVb6OaIvMNwbpINv6J8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.mft
Manifest number:          158D
Signing time:             Sun 15 Jun 2025 01:00:58 +0000
Manifest this update:     Sun 15 Jun 2025 01:00:58 +0000
Manifest next update:     Mon 16 Jun 2025 01:00:58 +0000
Files and hashes:         1: UJw4zD6qNVb6OaIvMNwbpINv6J8.crl (hash: uHrvrUBkzJx3MYzJYWHK8xwREDqK0byI2pANsFJcdjw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJw4zD6qNVb6OaIvMNwbpINv6J8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:9d:6d:38:66:26:63:5b:fb:bc:24:0d:e3:dd:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509c38cc3eaa3556fa39a22f30dc1ba4836fe89f
        Validity
            Not Before: Jun 15 01:00:58 2025 GMT
            Not After : Jun 16 01:00:58 2025 GMT
        Subject: CN=7d7b52c86dc5901acaa0e69e3b0ccedf2c3752da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:aa:4e:c7:59:01:45:d0:55:c6:d1:35:22:d1:
                    55:26:1a:93:07:85:36:a2:0d:8f:7b:cd:aa:47:11:
                    ce:0d:e6:d4:b8:05:d0:20:28:e8:12:09:b7:02:fb:
                    f9:dd:6c:52:81:91:b3:e0:77:9e:04:81:ce:90:d1:
                    58:79:fb:04:dd:60:24:36:03:7f:b2:48:17:7e:51:
                    0c:13:82:43:65:fa:7b:f9:37:cb:ee:d5:b3:96:53:
                    78:6a:7c:8d:38:15:4e:29:dc:e2:61:de:92:a2:6c:
                    c6:f4:2f:17:2f:27:ba:b6:95:8a:26:62:ee:f0:13:
                    12:e3:64:83:76:be:30:2c:7d:1f:96:1b:66:ac:6b:
                    aa:28:67:ab:45:aa:aa:21:13:67:c1:a0:92:cb:6c:
                    05:62:60:d0:3e:f1:a3:bc:80:45:37:13:32:76:3f:
                    9e:d8:ea:52:6a:98:5c:ad:86:9d:7c:35:f9:34:70:
                    59:f3:0f:96:64:2c:e4:91:49:1f:fb:3d:5c:18:26:
                    fb:67:83:ef:de:82:67:82:50:94:8a:a7:f9:7d:69:
                    f1:37:e9:ac:d3:e9:b3:27:a1:83:3d:c5:2c:ef:e1:
                    a6:3f:cc:89:67:a1:66:30:45:48:50:db:f4:5b:79:
                    30:30:ff:b8:20:16:b6:e5:d5:da:3f:a4:2b:45:ab:
                    3f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:7B:52:C8:6D:C5:90:1A:CA:A0:E6:9E:3B:0C:CE:DF:2C:37:52:DA
            X509v3 Authority Key Identifier:
                keyid:50:9C:38:CC:3E:AA:35:56:FA:39:A2:2F:30:DC:1B:A4:83:6F:E8:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJw4zD6qNVb6OaIvMNwbpINv6J8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:50:a9:73:67:6f:70:14:21:6f:00:d5:61:e7:e1:b6:01:9b:
         28:4f:93:fe:82:3b:1d:c3:7d:2a:90:e4:58:e6:7a:45:20:6a:
         af:3e:f5:bd:2d:16:db:cd:e5:77:fe:d9:9a:b6:a2:7d:52:53:
         0d:09:f3:7c:09:1f:f2:af:2e:d7:9c:ce:e1:c7:a2:2c:16:ea:
         00:ad:1c:c9:70:7e:35:0c:7c:3c:43:76:f0:08:30:26:f7:b5:
         46:83:ee:d9:8b:ae:3c:eb:33:0f:ef:54:20:fc:e1:3b:c1:49:
         dd:ff:4f:d7:9a:e8:09:92:ca:0b:80:35:a9:f5:fd:db:aa:43:
         e8:49:16:ad:ff:8f:10:ed:2d:d9:51:93:11:27:e6:be:3a:3a:
         f3:39:47:d9:6b:99:d8:8a:7a:e5:13:ad:9b:9d:39:4f:28:f2:
         8e:79:c4:60:e7:49:a9:cc:fb:6f:0e:b3:c4:4f:33:65:33:c3:
         d8:7a:0c:ca:74:1e:ff:a1:dc:b9:dd:3e:87:f9:3f:c9:71:7f:
         58:45:2b:4b:5b:ab:62:c9:a8:0c:22:c1:c6:62:03:ad:ab:6a:
         e4:65:6a:e5:07:80:41:10:45:75:d3:d8:99:ba:2b:90:c1:f5:
         d5:c4:90:29:86:30:8d:27:05:1c:3c:13:24:93:60:51:16:ff:
         57:4b:85:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGp1tOGYmY1v7vCQN490zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWMzOGNjM2VhYTM1NTZmYTM5YTIyZjMwZGMxYmE0ODM2
ZmU4OWYwHhcNMjUwNjE1MDEwMDU4WhcNMjUwNjE2MDEwMDU4WjAzMTEwLwYDVQQD
Eyg3ZDdiNTJjODZkYzU5MDFhY2FhMGU2OWUzYjBjY2VkZjJjMzc1MmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KpOx1kBRdBVxtE1ItFVJhqTB4U2
og2Pe82qRxHODebUuAXQICjoEgm3Avv53WxSgZGz4HeeBIHOkNFYefsE3WAkNgN/
skgXflEME4JDZfp7+TfL7tWzllN4anyNOBVOKdziYd6SomzG9C8XLye6tpWKJmLu
8BMS42SDdr4wLH0flhtmrGuqKGerRaqqIRNnwaCSy2wFYmDQPvGjvIBFNxMydj+e
2OpSaphcrYadfDX5NHBZ8w+WZCzkkUkf+z1cGCb7Z4Pv3oJnglCUiqf5fWnxN+ms
0+mzJ6GDPcUs7+GmP8yJZ6FmMEVIUNv0W3kwMP+4IBa25dXaP6QrRas/awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH17UshtxZAayqDmnjsMzt8sN1LaMB8GA1UdIwQY
MBaAFFCcOMw+qjVW+jmiLzDcG6SDb+ifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUp3NHpENnFOVmI2T2FJdk1Od2JwSU52Nko4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9mYjAwZWMtYmFiZC00MTcyLThkNGQt
MmE2NGY5OWJhZjVmLzEvVUp3NHpENnFOVmI2T2FJdk1Od2JwSU52Nko4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9mYjAwZWMtYmFiZC00MTcyLThkNGQtMmE2NGY5OWJhZjVm
LzEvVUp3NHpENnFOVmI2T2FJdk1Od2JwSU52Nko4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR1Cpc2dv
cBQhbwDVYefhtgGbKE+T/oI7HcN9KpDkWOZ6RSBqrz71vS0W283ld/7ZmraifVJT
DQnzfAkf8q8u15zO4ceiLBbqAK0cyXB+NQx8PEN28AgwJve1RoPu2YuuPOszD+9U
IPzhO8FJ3f9P15roCZLKC4A1qfX926pD6EkWrf+PEO0t2VGTESfmvjo68zlH2WuZ
2Ip65ROtm505TyjyjnnEYOdJqcz7bw6zxE8zZTPD2HoMynQe/6Hcud0+h/k/yXF/
WEUrS1urYsmoDCLBxmIDratq5GVq5QeAQRBFddPYmborkMH11cSQKYYwjScFHDwT
JJNgURb/V0uFbQ==
-----END CERTIFICATE-----