Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          kjanQJHs242eGm0arx9pQljGI8+1kUcnOE1PXpashGI=
Subject key identifier:   10:EB:03:BF:7C:0F:6D:5A:2E:AF:A3:71:23:52:37:45:F1:22:3E:10
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       019688808FFDE003874283A67F91D3BC327F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          0245
Signing time:             Wed 30 Apr 2025 21:00:48 +0000
Manifest this update:     Wed 30 Apr 2025 21:00:48 +0000
Manifest next update:     Thu 01 May 2025 21:00:48 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: zJPljuoDpodQOkgJI6AY66kf8Mz7RiCsIESDeawCyEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:88:80:8f:fd:e0:03:87:42:83:a6:7f:91:d3:bc:32:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Apr 30 21:00:48 2025 GMT
            Not After : May  1 21:00:48 2025 GMT
        Subject: CN=10eb03bf7c0f6d5a2eafa37123523745f1223e10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f9:c3:5d:0b:c4:8e:e7:1a:a1:cf:90:06:25:
                    57:ae:f4:42:90:ab:fe:a4:31:06:d6:c1:d0:8a:f9:
                    d1:c1:e5:17:40:61:b9:d5:eb:cd:f3:55:e5:94:51:
                    ce:45:c0:48:3f:5f:8b:55:1e:6b:95:2a:38:3a:bc:
                    27:e1:c9:8a:45:3b:ec:40:ec:a9:29:90:7c:1a:32:
                    3c:dc:fd:bb:23:1c:7e:13:38:c0:c4:1f:1c:f2:cf:
                    09:a0:b7:2b:71:c4:a4:57:65:10:38:31:dd:d1:7d:
                    31:64:6b:3a:df:85:7c:1f:24:2c:fc:bd:fa:ca:26:
                    69:37:33:b6:e9:cb:fe:72:91:32:df:c4:c1:52:12:
                    3b:b1:c5:09:5f:e9:99:49:3a:08:9a:7d:29:19:e5:
                    b2:42:e3:6e:2f:2e:10:1c:f5:10:ea:d5:a5:88:85:
                    f3:7a:cf:bf:18:16:5c:1e:f3:6a:5e:a9:fa:73:32:
                    2e:8f:18:f2:1e:2e:cd:b1:86:30:99:bd:ab:48:1a:
                    07:77:88:b6:ec:bd:9b:4b:c7:d0:d3:ca:f4:be:c1:
                    d8:30:7c:a7:36:fc:be:3f:fa:2b:c8:45:cb:40:d6:
                    3f:90:14:bf:a2:08:14:cc:b8:35:7d:a2:ac:fe:4b:
                    0a:34:a0:21:75:f8:dd:04:2e:bf:d8:8b:41:cc:56:
                    49:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:EB:03:BF:7C:0F:6D:5A:2E:AF:A3:71:23:52:37:45:F1:22:3E:10
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:0f:e7:50:5c:73:01:15:df:e3:64:91:bf:3d:c2:48:72:81:
         8f:bd:7b:9e:24:64:b9:0c:fe:1c:1e:5f:d1:0c:d2:94:70:c9:
         5c:9d:6c:e5:d7:05:69:d3:68:e6:62:fb:1b:90:a1:4f:5f:77:
         78:e4:44:f4:5b:b2:65:e9:78:93:a7:40:ba:99:c2:12:91:40:
         d3:e3:41:d9:62:d0:9c:e7:85:15:5b:72:66:ab:a7:3a:29:fa:
         a8:49:31:69:99:bf:5b:bc:fb:27:d1:62:39:d1:b1:5e:a7:60:
         8f:1d:a2:fa:f3:50:df:78:89:74:7f:53:d2:61:e0:2a:48:06:
         61:c4:a5:12:6b:9a:12:d0:7d:40:c9:a4:aa:4d:a0:4f:ba:fe:
         bb:4d:3c:ff:25:af:56:60:23:33:1a:76:25:12:76:d3:bf:19:
         38:52:98:cd:84:64:99:24:01:a5:bc:54:a2:b6:4f:00:d6:8b:
         8a:23:eb:46:20:99:57:01:00:d8:3f:9b:4f:28:8e:6f:83:1d:
         ae:13:f9:8f:6b:f9:fc:0f:c3:b5:f9:f5:c8:b2:31:e8:7f:85:
         16:47:5f:d4:2a:3e:1d:3c:43:32:08:1b:a4:41:82:7e:50:d9:
         8d:63:a4:6e:04:98:4a:e5:3b:89:f4:6c:cd:a0:42:55:51:5c:
         b3:d0:4e:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaIgI/94AOHQoOmf5HTvDJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUwNDMwMjEwMDQ4WhcNMjUwNTAxMjEwMDQ4WjAzMTEwLwYDVQQD
EygxMGViMDNiZjdjMGY2ZDVhMmVhZmEzNzEyMzUyMzc0NWYxMjIzZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvnDXQvEjucaoc+QBiVXrvRCkKv+
pDEG1sHQivnRweUXQGG51evN81XllFHORcBIP1+LVR5rlSo4Orwn4cmKRTvsQOyp
KZB8GjI83P27Ixx+EzjAxB8c8s8JoLcrccSkV2UQODHd0X0xZGs634V8HyQs/L36
yiZpNzO26cv+cpEy38TBUhI7scUJX+mZSToImn0pGeWyQuNuLy4QHPUQ6tWliIXz
es+/GBZcHvNqXqn6czIujxjyHi7NsYYwmb2rSBoHd4i27L2bS8fQ08r0vsHYMHyn
Nvy+P/oryEXLQNY/kBS/oggUzLg1faKs/ksKNKAhdfjdBC6/2ItBzFZJgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDrA798D21aLq+jcSNSN0XxIj4QMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvg/nUFxz
ARXf42SRvz3CSHKBj717niRkuQz+HB5f0QzSlHDJXJ1s5dcFadNo5mL7G5ChT193
eORE9FuyZel4k6dAupnCEpFA0+NB2WLQnOeFFVtyZqunOin6qEkxaZm/W7z7J9Fi
OdGxXqdgjx2i+vNQ33iJdH9T0mHgKkgGYcSlEmuaEtB9QMmkqk2gT7r+u008/yWv
VmAjMxp2JRJ2078ZOFKYzYRkmSQBpbxUorZPANaLiiPrRiCZVwEA2D+bTyiOb4Md
rhP5j2v5/A/Dtfn1yLIx6H+FFkdf1Co+HTxDMggbpEGCflDZjWOkbgSYSuU7ifRs
zaBCVVFcs9BOOQ==
-----END CERTIFICATE-----