Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.mft
File:                     U-r4Oizdyf0L4onM-vMrMjMEz04.mft (raw, json)
Hash identifier:          O0Xl7L5uVCSB79tgrqCYjOJfzPyrmuvN4XwpeKwT5J4=
Subject key identifier:   59:F1:03:05:30:27:DE:56:68:EB:BA:B1:29:05:1B:17:84:71:18:D8
Authority key identifier: 53:EA:F8:3A:2C:DD:C9:FD:0B:E2:89:CC:FA:F3:2B:32:33:04:CF:4E
Certificate issuer:       /CN=53eaf83a2cddc9fd0be289ccfaf32b323304cf4e
Certificate serial:       019674C26D33295A38BD8956ABCD017FFA67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U-r4Oizdyf0L4onM-vMrMjMEz04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.mft
Manifest number:          0BDC
Signing time:             Sun 27 Apr 2025 01:00:20 +0000
Manifest this update:     Sun 27 Apr 2025 01:00:20 +0000
Manifest next update:     Mon 28 Apr 2025 01:00:20 +0000
Files and hashes:         1: U-r4Oizdyf0L4onM-vMrMjMEz04.crl (hash: E7O9pFA2XoXs0Swr+TiwT+8UGhLsqvRq2FH91Sl4wMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U-r4Oizdyf0L4onM-vMrMjMEz04.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 01:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:c2:6d:33:29:5a:38:bd:89:56:ab:cd:01:7f:fa:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53eaf83a2cddc9fd0be289ccfaf32b323304cf4e
        Validity
            Not Before: Apr 27 01:00:20 2025 GMT
            Not After : Apr 28 01:00:20 2025 GMT
        Subject: CN=59f103053027de5668ebbab129051b17847118d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:14:86:23:df:22:1f:6a:0e:85:85:8b:ec:bc:
                    3e:18:74:af:60:b6:fb:2a:d1:8e:fa:e8:88:99:b8:
                    9b:57:f6:62:88:af:a9:d6:25:c7:d1:0e:1c:7b:c9:
                    a7:6f:97:ce:31:21:5b:50:1f:d8:d5:94:28:c7:5c:
                    23:de:1a:99:f3:25:68:c5:9c:73:50:cb:75:40:d1:
                    9c:8a:98:dc:89:47:5f:35:0d:78:0d:b1:38:e9:08:
                    5e:57:4e:c3:f4:10:dc:db:37:78:3e:46:a8:ec:09:
                    97:77:bd:cd:b6:a9:cd:73:3b:f3:aa:79:f9:5c:4c:
                    5c:17:a6:89:89:fc:44:3d:03:71:11:9e:c8:c0:92:
                    6c:b0:73:42:65:e2:62:d9:1c:4d:19:30:d8:c6:69:
                    6f:76:e7:1f:2f:0e:a6:a7:ad:51:0d:4b:e9:22:58:
                    b3:b3:00:45:2a:10:93:ca:2d:df:ac:39:93:bb:55:
                    f0:b1:43:b6:34:3d:e6:94:10:f4:0e:bf:7c:a5:b2:
                    1f:24:6a:ff:bb:62:dc:9d:85:aa:bd:eb:1d:59:6f:
                    aa:73:52:83:bc:fd:af:83:99:fe:95:a1:cf:18:58:
                    ae:9c:9d:f8:70:fe:2e:d6:4a:71:60:26:e7:d3:52:
                    6f:d6:ea:c1:65:ed:64:9b:98:61:d1:1e:7e:0b:1d:
                    b4:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:F1:03:05:30:27:DE:56:68:EB:BA:B1:29:05:1B:17:84:71:18:D8
            X509v3 Authority Key Identifier:
                keyid:53:EA:F8:3A:2C:DD:C9:FD:0B:E2:89:CC:FA:F3:2B:32:33:04:CF:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-r4Oizdyf0L4onM-vMrMjMEz04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:e2:ba:ac:2b:e6:7a:d5:db:39:c5:a0:bf:5e:51:46:35:27:
         45:bb:46:65:dd:b2:53:d5:ff:76:ea:b1:4a:1b:76:9d:4c:c5:
         2b:82:70:1a:e1:72:dd:0b:90:35:a1:55:ba:25:87:44:ad:de:
         e3:05:ad:d9:4c:c5:59:34:8f:14:65:0d:4e:19:73:3e:e6:2e:
         ae:7f:72:38:26:2f:4c:b5:64:79:3e:1e:93:59:b6:6c:f3:94:
         fa:dd:43:ba:11:70:44:83:2d:b6:68:b9:78:dd:88:cb:0e:0b:
         cc:eb:2d:20:ac:5b:73:65:41:a5:71:a3:1e:50:92:d7:44:a1:
         9c:1e:d1:07:88:8e:12:4b:be:b4:77:15:c2:30:9c:47:a3:14:
         69:36:95:c6:d2:23:49:27:04:ed:1c:d3:92:a8:05:5d:2a:01:
         56:91:68:fd:6f:b8:b6:d4:f5:f0:73:77:4a:f7:55:5a:22:24:
         8b:83:6f:96:92:be:84:cd:ca:70:8c:13:74:bd:91:fe:4c:94:
         9f:c0:c6:f9:5c:d7:57:3a:75:3a:1b:70:28:ba:92:14:ce:4d:
         da:bb:23:15:02:c1:2a:de:63:8b:4c:84:e3:24:9e:a1:81:a0:
         d3:db:db:47:95:9a:55:d1:5e:29:9c:45:e4:a6:c7:86:36:9b:
         76:53:76:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0wm0zKVo4vYlWq80Bf/pnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZWFmODNhMmNkZGM5ZmQwYmUyODljY2ZhZjMyYjMyMzMw
NGNmNGUwHhcNMjUwNDI3MDEwMDIwWhcNMjUwNDI4MDEwMDIwWjAzMTEwLwYDVQQD
Eyg1OWYxMDMwNTMwMjdkZTU2NjhlYmJhYjEyOTA1MWIxNzg0NzExOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxSGI98iH2oOhYWL7Lw+GHSvYLb7
KtGO+uiImbibV/ZiiK+p1iXH0Q4ce8mnb5fOMSFbUB/Y1ZQox1wj3hqZ8yVoxZxz
UMt1QNGcipjciUdfNQ14DbE46QheV07D9BDc2zd4Pkao7AmXd73NtqnNczvzqnn5
XExcF6aJifxEPQNxEZ7IwJJssHNCZeJi2RxNGTDYxmlvducfLw6mp61RDUvpIliz
swBFKhCTyi3frDmTu1XwsUO2ND3mlBD0Dr98pbIfJGr/u2LcnYWqvesdWW+qc1KD
vP2vg5n+laHPGFiunJ34cP4u1kpxYCbn01Jv1urBZe1km5hh0R5+Cx202wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnxAwUwJ95WaOu6sSkFGxeEcRjYMB8GA1UdIwQY
MBaAFFPq+Dos3cn9C+KJzPrzKzIzBM9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1yNE9pemR5ZjBMNG9uTS12TXJNak1FejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yYzMwMzgtOWM0NS00M2U4LWI2OWYt
Yjg0Y2ZmMTg4ZjU1LzEvVS1yNE9pemR5ZjBMNG9uTS12TXJNak1FejA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yYzMwMzgtOWM0NS00M2U4LWI2OWYtYjg0Y2ZmMTg4ZjU1
LzEvVS1yNE9pemR5ZjBMNG9uTS12TXJNak1FejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAReK6rCvm
etXbOcWgv15RRjUnRbtGZd2yU9X/duqxSht2nUzFK4JwGuFy3QuQNaFVuiWHRK3e
4wWt2UzFWTSPFGUNThlzPuYurn9yOCYvTLVkeT4ek1m2bPOU+t1DuhFwRIMttmi5
eN2Iyw4LzOstIKxbc2VBpXGjHlCS10ShnB7RB4iOEku+tHcVwjCcR6MUaTaVxtIj
SScE7RzTkqgFXSoBVpFo/W+4ttT18HN3SvdVWiIki4NvlpK+hM3KcIwTdL2R/kyU
n8DG+VzXVzp1OhtwKLqSFM5N2rsjFQLBKt5ji0yE4ySeoYGg09vbR5WaVdFeKZxF
5KbHhjabdlN2yg==
-----END CERTIFICATE-----