Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
File:                     UDCmlphoVt51uCLWrpX-ATE4IK8.mft (raw, json)
Hash identifier:          9MZNCo3zVgK3MFfbAeRqTAlc0IYFu/fMWpHW8K48NXM=
Subject key identifier:   01:21:24:66:2B:99:72:77:13:96:66:6B:7D:33:89:5B:D2:2A:90:CF
Authority key identifier: 50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF
Certificate issuer:       /CN=5030a696986856de75b822d6ae95fe01313820af
Certificate serial:       01968AA5DA59BC3FCB916CBCC43429FB544D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
Manifest number:          0F12
Signing time:             Thu 01 May 2025 07:00:47 +0000
Manifest this update:     Thu 01 May 2025 07:00:47 +0000
Manifest next update:     Fri 02 May 2025 07:00:47 +0000
Files and hashes:         1: UDCmlphoVt51uCLWrpX-ATE4IK8.crl (hash: 5dFyl1W9imeOhlvU3RcXSLQfaKPyzAawJBEAyjP258A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:a5:da:59:bc:3f:cb:91:6c:bc:c4:34:29:fb:54:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5030a696986856de75b822d6ae95fe01313820af
        Validity
            Not Before: May  1 07:00:47 2025 GMT
            Not After : May  2 07:00:47 2025 GMT
        Subject: CN=012124662b9972771396666b7d33895bd22a90cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:00:69:8b:36:e6:b1:51:98:36:fe:91:a5:c6:
                    88:97:61:88:67:e9:4a:79:18:fa:28:5b:50:8f:d0:
                    da:47:cb:2f:8a:08:2a:0b:44:2c:98:39:77:2a:65:
                    7a:08:a2:6c:09:4b:43:3b:18:90:df:b9:d9:b8:54:
                    f6:a0:a5:36:72:ce:22:e7:be:9e:88:26:49:de:c9:
                    5e:8c:f3:fc:a4:fa:b9:c9:1c:d4:32:9a:c3:84:c5:
                    65:54:ab:0c:e2:50:95:96:45:03:04:89:9e:15:4f:
                    24:4d:8c:3e:02:d3:0b:ed:38:83:b3:cf:69:d3:29:
                    f8:ef:a7:7d:16:05:2a:ce:20:bf:92:0e:44:a7:64:
                    12:c0:b1:41:49:b5:0d:ba:b7:35:76:d1:fe:fc:90:
                    f4:14:ca:f6:c8:34:a4:bc:d3:b8:ad:71:f9:4d:1f:
                    4b:7a:fd:41:23:45:8c:be:bf:9a:6d:24:0e:30:e0:
                    ab:43:fa:65:dc:62:c3:7a:ef:0a:a5:ce:cb:85:55:
                    0b:2e:f7:fb:63:c5:45:7d:c3:bf:6b:43:96:bc:70:
                    1b:42:83:c7:e7:4a:55:35:45:0d:b9:f9:df:6d:6d:
                    fa:19:c4:32:65:2a:cc:b6:c7:8f:fb:7d:11:22:74:
                    e4:69:9a:05:92:c0:e9:78:7f:36:05:69:ed:e4:a3:
                    c4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:21:24:66:2B:99:72:77:13:96:66:6B:7D:33:89:5B:D2:2A:90:CF
            X509v3 Authority Key Identifier:
                keyid:50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:04:63:fa:04:69:4d:50:92:a0:9c:5d:1e:fa:74:2f:6d:85:
         99:6b:15:45:7c:50:bc:b2:a6:b5:de:77:30:b7:63:9d:d6:3c:
         73:17:aa:2f:c8:c3:6f:a1:b8:2a:36:1e:f3:bc:95:a8:33:40:
         3c:a2:16:12:3e:b1:66:0f:95:7e:b5:b1:7f:82:d0:f9:1c:72:
         d7:6a:52:83:36:4e:d3:1e:4d:7e:b1:bb:b0:10:e5:2d:fd:7b:
         8d:66:2c:5f:79:99:aa:f9:56:23:51:37:c6:01:6b:35:3a:cc:
         b6:f9:f9:93:06:8e:a7:b0:f1:fe:3e:7c:db:ef:b8:73:72:15:
         f9:68:d9:a6:51:b6:a4:47:64:bc:b0:4f:49:52:b1:6e:c6:53:
         fd:7c:53:76:6c:d9:9e:43:69:6e:9e:d3:4b:1f:00:36:41:05:
         c5:24:4f:5d:65:ef:be:26:30:53:76:49:74:39:c8:e4:7a:be:
         a1:da:8a:30:88:f5:12:b2:03:0d:22:16:95:a9:1d:cf:51:c4:
         8e:28:45:b0:44:25:35:56:d7:5f:5b:6d:e2:fa:4d:eb:b2:e5:
         0e:df:7f:e5:52:4f:57:fe:d3:5a:2a:31:26:fa:e4:7c:47:5d:
         9e:78:25:a5:44:2a:f9:f7:1d:86:cc:69:c7:c1:92:57:b7:b6:
         1d:3f:7b:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKpdpZvD/LkWy8xDQp+1RNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzBhNjk2OTg2ODU2ZGU3NWI4MjJkNmFlOTVmZTAxMzEz
ODIwYWYwHhcNMjUwNTAxMDcwMDQ3WhcNMjUwNTAyMDcwMDQ3WjAzMTEwLwYDVQQD
EygwMTIxMjQ2NjJiOTk3Mjc3MTM5NjY2NmI3ZDMzODk1YmQyMmE5MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgBpizbmsVGYNv6RpcaIl2GIZ+lK
eRj6KFtQj9DaR8sviggqC0QsmDl3KmV6CKJsCUtDOxiQ37nZuFT2oKU2cs4i576e
iCZJ3slejPP8pPq5yRzUMprDhMVlVKsM4lCVlkUDBImeFU8kTYw+AtML7TiDs89p
0yn476d9FgUqziC/kg5Ep2QSwLFBSbUNurc1dtH+/JD0FMr2yDSkvNO4rXH5TR9L
ev1BI0WMvr+abSQOMOCrQ/pl3GLDeu8Kpc7LhVULLvf7Y8VFfcO/a0OWvHAbQoPH
50pVNUUNufnfbW36GcQyZSrMtseP+30RInTkaZoFksDpeH82BWnt5KPEGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAEhJGYrmXJ3E5Zma30ziVvSKpDPMB8GA1UdIwQY
MBaAFFAwppaYaFbedbgi1q6V/gExOCCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUt
ZTUyNTI1ZGIxMmRiLzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUtZTUyNTI1ZGIxMmRi
LzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfgRj+gRp
TVCSoJxdHvp0L22FmWsVRXxQvLKmtd53MLdjndY8cxeqL8jDb6G4KjYe87yVqDNA
PKIWEj6xZg+VfrWxf4LQ+Rxy12pSgzZO0x5NfrG7sBDlLf17jWYsX3mZqvlWI1E3
xgFrNTrMtvn5kwaOp7Dx/j582++4c3IV+WjZplG2pEdkvLBPSVKxbsZT/XxTdmzZ
nkNpbp7TSx8ANkEFxSRPXWXvviYwU3ZJdDnI5Hq+odqKMIj1ErIDDSIWlakdz1HE
jihFsEQlNVbXX1tt4vpN67LlDt9/5VJPV/7TWioxJvrkfEddnnglpUQq+fcdhsxp
x8GSV7e2HT97Kg==
-----END CERTIFICATE-----