Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
File:                     Unzgu6rDVu3srWci8qhvjgZJCY4.mft (raw, json)
Hash identifier:          NJUwKJYyKURhiBp6Vkti51/xmBlQKelMrHd6kpjKZos=
Subject key identifier:   78:83:53:F7:BB:31:D3:BF:71:D2:AA:19:91:59:2D:82:D7:BC:4D:3D
Authority key identifier: 52:7C:E0:BB:AA:C3:56:ED:EC:AD:67:22:F2:A8:6F:8E:06:49:09:8E
Certificate issuer:       /CN=527ce0bbaac356edecad6722f2a86f8e0649098e
Certificate serial:       01967A8DA0D599C93CD5A1CDE63B0296FAC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
Manifest number:          14A1
Signing time:             Mon 28 Apr 2025 04:00:24 +0000
Manifest this update:     Mon 28 Apr 2025 04:00:24 +0000
Manifest next update:     Tue 29 Apr 2025 04:00:24 +0000
Files and hashes:         1: Unzgu6rDVu3srWci8qhvjgZJCY4.crl (hash: HqjNrEMTplnDLrboCflvtJpmb1cEjZbJOFb8U10zmO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 04:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:8d:a0:d5:99:c9:3c:d5:a1:cd:e6:3b:02:96:fa:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=527ce0bbaac356edecad6722f2a86f8e0649098e
        Validity
            Not Before: Apr 28 04:00:24 2025 GMT
            Not After : Apr 29 04:00:24 2025 GMT
        Subject: CN=788353f7bb31d3bf71d2aa1991592d82d7bc4d3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c4:d9:16:36:5a:c9:bf:e5:0d:54:86:ca:e9:
                    26:79:a8:ae:4c:2c:7a:48:03:72:1e:75:42:de:bc:
                    0c:a2:09:e9:3b:72:22:86:cc:80:d2:7e:68:f7:93:
                    ec:c6:72:9b:b0:7e:c1:37:ca:86:bb:c8:79:cb:8f:
                    95:ac:eb:70:5b:1e:75:ce:b0:c5:c4:45:f3:43:dc:
                    44:ac:b3:c1:ab:b2:52:1f:e0:fc:5f:6c:2d:03:27:
                    59:db:03:41:c2:41:2c:a1:7e:30:86:2e:50:ab:e9:
                    8b:32:92:4f:ec:fc:53:d1:bf:45:bb:b9:45:9f:67:
                    6e:cd:de:1b:f1:05:1e:b7:98:cb:7c:34:6b:07:fe:
                    52:33:fe:ab:82:d3:68:6d:a5:48:01:41:6b:b7:07:
                    39:ee:ff:25:ac:ea:0e:65:4f:b6:1e:69:74:8c:2e:
                    ef:9c:b8:69:6b:66:75:21:24:d9:d2:6b:a7:3c:df:
                    5b:46:9e:db:1a:5b:c6:15:2b:d8:5a:f5:a4:da:cd:
                    2b:b1:44:28:fe:b6:31:84:98:e9:d3:c5:3c:9c:46:
                    68:da:82:c2:c4:e9:ba:31:64:ff:0a:49:02:18:7b:
                    cf:c2:62:f8:f9:81:a8:47:08:fa:7e:f6:17:2e:4d:
                    e1:dc:59:17:00:8e:4e:1d:bf:33:60:91:af:4e:bf:
                    eb:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:83:53:F7:BB:31:D3:BF:71:D2:AA:19:91:59:2D:82:D7:BC:4D:3D
            X509v3 Authority Key Identifier:
                keyid:52:7C:E0:BB:AA:C3:56:ED:EC:AD:67:22:F2:A8:6F:8E:06:49:09:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:af:26:c2:a9:66:a1:ba:6f:72:a6:df:38:d5:38:78:d6:54:
         97:13:6b:ce:02:59:3f:48:4a:b4:92:31:41:dc:f0:97:ac:b0:
         ee:1d:4d:78:34:c7:4b:b9:6c:cc:3b:5c:b0:37:53:20:55:ac:
         43:86:56:9b:37:eb:11:ad:af:e5:60:be:4f:4b:d8:1a:ad:4f:
         4b:66:f4:ec:27:4a:52:f3:a0:63:1d:1f:a0:27:41:28:a8:14:
         6e:83:01:ac:80:dd:79:05:42:f1:20:1d:b8:79:7f:a6:b5:4e:
         d2:e9:b5:b9:b4:1b:7f:51:2e:e4:ee:50:c6:8f:b0:35:19:82:
         85:9a:71:e8:1c:3d:43:7a:f1:9b:be:43:3e:4b:62:27:9e:8e:
         4c:10:99:ed:a7:1c:de:2a:3b:1f:49:17:1c:6c:5e:56:9c:fd:
         e0:9f:ed:a4:ab:6b:9a:a4:63:98:6e:6b:91:7b:2b:7d:88:90:
         10:9a:2c:4c:bf:ce:92:b2:99:b8:94:77:a9:d2:a7:05:78:98:
         39:26:7d:1e:c8:8e:61:09:ba:7d:66:b7:0f:46:02:ea:57:bc:
         39:33:91:e6:b0:34:d2:72:09:8b:32:d4:ae:c3:16:62:cd:f1:
         16:40:18:32:40:9e:cd:d2:04:15:a7:d4:a2:04:bb:c1:ef:9c:
         e0:25:e7:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6jaDVmck81aHN5jsClvrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyN2NlMGJiYWFjMzU2ZWRlY2FkNjcyMmYyYTg2ZjhlMDY0
OTA5OGUwHhcNMjUwNDI4MDQwMDI0WhcNMjUwNDI5MDQwMDI0WjAzMTEwLwYDVQQD
Eyg3ODgzNTNmN2JiMzFkM2JmNzFkMmFhMTk5MTU5MmQ4MmQ3YmM0ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8TZFjZayb/lDVSGyukmeaiuTCx6
SANyHnVC3rwMognpO3IihsyA0n5o95PsxnKbsH7BN8qGu8h5y4+VrOtwWx51zrDF
xEXzQ9xErLPBq7JSH+D8X2wtAydZ2wNBwkEsoX4whi5Qq+mLMpJP7PxT0b9Fu7lF
n2duzd4b8QUet5jLfDRrB/5SM/6rgtNobaVIAUFrtwc57v8lrOoOZU+2Hml0jC7v
nLhpa2Z1ISTZ0munPN9bRp7bGlvGFSvYWvWk2s0rsUQo/rYxhJjp08U8nEZo2oLC
xOm6MWT/CkkCGHvPwmL4+YGoRwj6fvYXLk3h3FkXAI5OHb8zYJGvTr/rLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiDU/e7MdO/cdKqGZFZLYLXvE09MB8GA1UdIwQY
MBaAFFJ84Luqw1bt7K1nIvKob44GSQmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85MWRhOGYtY2IwOC00OWMwLTgzMDkt
OGEyYjdmOTU2OTI0LzEvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85MWRhOGYtY2IwOC00OWMwLTgzMDktOGEyYjdmOTU2OTI0
LzEvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj68mwqlm
obpvcqbfONU4eNZUlxNrzgJZP0hKtJIxQdzwl6yw7h1NeDTHS7lszDtcsDdTIFWs
Q4ZWmzfrEa2v5WC+T0vYGq1PS2b07CdKUvOgYx0foCdBKKgUboMBrIDdeQVC8SAd
uHl/prVO0um1ubQbf1Eu5O5Qxo+wNRmChZpx6Bw9Q3rxm75DPktiJ56OTBCZ7acc
3io7H0kXHGxeVpz94J/tpKtrmqRjmG5rkXsrfYiQEJosTL/OkrKZuJR3qdKnBXiY
OSZ9HsiOYQm6fWa3D0YC6le8OTOR5rA00nIJizLUrsMWYs3xFkAYMkCezdIEFafU
ogS7we+c4CXn/g==
-----END CERTIFICATE-----