Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.mft
File:                     UJw4zD6qNVb6OaIvMNwbpINv6J8.mft (raw, json)
Hash identifier:          aacW8bmvg49G/fhRstnRzkibx4YvBTCP448ii5orBqI=
Subject key identifier:   88:8E:1B:B3:7A:80:1D:D5:B7:C5:EC:CF:B8:25:D7:99:13:6C:86:48
Authority key identifier: 50:9C:38:CC:3E:AA:35:56:FA:39:A2:2F:30:DC:1B:A4:83:6F:E8:9F
Certificate issuer:       /CN=509c38cc3eaa3556fa39a22f30dc1ba4836fe89f
Certificate serial:       0196741DCB7AC9EC7D5D94235919E983F37C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJw4zD6qNVb6OaIvMNwbpINv6J8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.mft
Manifest number:          150A
Signing time:             Sat 26 Apr 2025 22:00:31 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:31 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:31 +0000
Files and hashes:         1: UJw4zD6qNVb6OaIvMNwbpINv6J8.crl (hash: 2mOUHXvZQbCoRMXEuRdjPuoyi17DvEGC9nf6rFKflDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJw4zD6qNVb6OaIvMNwbpINv6J8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 22:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1d:cb:7a:c9:ec:7d:5d:94:23:59:19:e9:83:f3:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509c38cc3eaa3556fa39a22f30dc1ba4836fe89f
        Validity
            Not Before: Apr 26 22:00:31 2025 GMT
            Not After : Apr 27 22:00:31 2025 GMT
        Subject: CN=888e1bb37a801dd5b7c5eccfb825d799136c8648
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:86:17:28:6b:90:93:fe:48:8e:f7:e5:01:aa:
                    e8:a1:6f:49:7d:6b:04:2e:b4:db:6a:1c:c6:60:de:
                    7c:d6:48:e6:31:04:79:a1:ee:df:c3:ff:b7:17:62:
                    14:cf:37:65:42:f9:a5:ce:cf:e7:d5:25:b2:64:83:
                    62:eb:0d:24:a6:fe:b9:fa:01:81:75:b4:d8:bc:e8:
                    35:ef:a6:e0:4d:9e:8f:b9:94:a2:d0:05:87:dc:7e:
                    b0:a3:fc:e3:6f:01:b7:1a:5a:7c:fa:ce:82:a4:e1:
                    65:d3:5e:9a:6b:b3:d7:a0:17:cf:fb:45:49:5a:50:
                    2d:85:e8:be:cf:f5:de:fd:5f:39:de:3c:32:61:e6:
                    94:f8:6a:f8:eb:e8:ec:30:fc:c5:ef:09:9b:54:12:
                    df:08:dc:78:6b:de:77:4b:ba:90:aa:ec:e6:b2:08:
                    0d:f2:27:06:4c:7c:d7:5f:dc:bc:74:58:45:94:de:
                    75:a8:80:a1:a6:46:7b:cd:6e:31:61:2a:ed:52:e2:
                    11:41:aa:f3:a0:cc:2b:ac:76:e8:23:f1:78:70:37:
                    d6:b4:94:91:29:c6:91:5c:0d:19:4b:f3:6c:ec:a9:
                    cc:bb:0d:ed:40:e8:67:eb:4b:8d:d3:63:75:d5:54:
                    07:0a:5d:1f:1e:68:79:32:71:d9:9f:8b:df:f1:8c:
                    dd:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:8E:1B:B3:7A:80:1D:D5:B7:C5:EC:CF:B8:25:D7:99:13:6C:86:48
            X509v3 Authority Key Identifier:
                keyid:50:9C:38:CC:3E:AA:35:56:FA:39:A2:2F:30:DC:1B:A4:83:6F:E8:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJw4zD6qNVb6OaIvMNwbpINv6J8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/fb00ec-babd-4172-8d4d-2a64f99baf5f/1/UJw4zD6qNVb6OaIvMNwbpINv6J8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:0b:60:d4:d1:ce:bb:f2:2e:da:4f:44:c9:5e:39:62:37:e3:
         5b:5f:19:a7:f9:ea:69:8a:69:36:5f:d3:d0:68:c9:cc:b2:1c:
         c4:97:c4:57:e9:51:34:d0:f6:0c:ea:59:e1:a7:22:fe:26:b4:
         3f:5e:f6:ce:fa:ce:20:d3:52:7e:62:25:b4:1c:c5:3f:ec:ff:
         86:b4:91:b1:c2:10:38:35:5c:8b:e0:72:d6:4b:75:e0:66:1d:
         ab:f4:94:39:67:0c:d8:dc:ff:15:fa:64:82:0b:35:d7:d4:e1:
         a7:80:2f:a2:4b:50:89:e7:72:28:3d:17:82:c1:6a:7d:58:f7:
         97:69:72:67:bb:fd:a7:3c:81:29:7a:91:c5:f5:98:a5:eb:fe:
         21:3c:5a:12:57:0b:34:a7:7e:19:3b:30:a0:ed:b1:dd:11:c4:
         49:e0:07:87:35:ec:64:a3:60:d8:9d:0a:e0:8a:ab:4a:bb:00:
         5c:6b:ba:1c:e6:c9:46:db:19:65:87:15:a8:11:4f:83:0d:2f:
         6f:e5:a1:07:67:f1:f4:f0:8a:f1:3c:48:13:84:f5:de:48:64:
         07:67:f4:7e:5b:66:25:b7:c2:d0:f1:0c:2a:fd:d9:24:ad:20:
         5c:eb:cc:95:03:52:4a:57:16:22:6e:69:74:c4:fc:a0:7f:92:
         d8:67:fd:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0Hct6yex9XZQjWRnpg/N8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWMzOGNjM2VhYTM1NTZmYTM5YTIyZjMwZGMxYmE0ODM2
ZmU4OWYwHhcNMjUwNDI2MjIwMDMxWhcNMjUwNDI3MjIwMDMxWjAzMTEwLwYDVQQD
Eyg4ODhlMWJiMzdhODAxZGQ1YjdjNWVjY2ZiODI1ZDc5OTEzNmM4NjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIYXKGuQk/5IjvflAarooW9JfWsE
LrTbahzGYN581kjmMQR5oe7fw/+3F2IUzzdlQvmlzs/n1SWyZINi6w0kpv65+gGB
dbTYvOg176bgTZ6PuZSi0AWH3H6wo/zjbwG3Glp8+s6CpOFl016aa7PXoBfP+0VJ
WlAthei+z/Xe/V853jwyYeaU+Gr46+jsMPzF7wmbVBLfCNx4a953S7qQquzmsggN
8icGTHzXX9y8dFhFlN51qIChpkZ7zW4xYSrtUuIRQarzoMwrrHboI/F4cDfWtJSR
KcaRXA0ZS/Ns7KnMuw3tQOhn60uN02N11VQHCl0fHmh5MnHZn4vf8YzdmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIiOG7N6gB3Vt8Xsz7gl15kTbIZIMB8GA1UdIwQY
MBaAFFCcOMw+qjVW+jmiLzDcG6SDb+ifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUp3NHpENnFOVmI2T2FJdk1Od2JwSU52Nko4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9mYjAwZWMtYmFiZC00MTcyLThkNGQt
MmE2NGY5OWJhZjVmLzEvVUp3NHpENnFOVmI2T2FJdk1Od2JwSU52Nko4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9mYjAwZWMtYmFiZC00MTcyLThkNGQtMmE2NGY5OWJhZjVm
LzEvVUp3NHpENnFOVmI2T2FJdk1Od2JwSU52Nko4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsAtg1NHO
u/Iu2k9EyV45YjfjW18Zp/nqaYppNl/T0GjJzLIcxJfEV+lRNND2DOpZ4aci/ia0
P172zvrOINNSfmIltBzFP+z/hrSRscIQODVci+By1kt14GYdq/SUOWcM2Nz/Ffpk
ggs119Thp4AvoktQiedyKD0XgsFqfVj3l2lyZ7v9pzyBKXqRxfWYpev+ITxaElcL
NKd+GTswoO2x3RHESeAHhzXsZKNg2J0K4IqrSrsAXGu6HObJRtsZZYcVqBFPgw0v
b+WhB2fx9PCK8TxIE4T13khkB2f0fltmJbfC0PEMKv3ZJK0gXOvMlQNSSlcWIm5p
dMT8oH+S2Gf99g==
-----END CERTIFICATE-----