Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
File:                     UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft (raw, json)
Hash identifier:          ZSUUsMyd0lNlquZKQD5UQ1PzrGBy0uqdINNBQ5bajWE=
Subject key identifier:   BE:5C:A6:4C:B0:27:41:02:D5:2D:81:17:CE:63:08:03:22:6E:5C:69
Authority key identifier: 52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D
Certificate issuer:       /CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
Certificate serial:       019775D2A49F853F0670642D791BA4FA45C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
Manifest number:          14F1
Signing time:             Sun 15 Jun 2025 23:00:28 +0000
Manifest this update:     Sun 15 Jun 2025 23:00:28 +0000
Manifest next update:     Mon 16 Jun 2025 23:00:28 +0000
Files and hashes:         1: UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl (hash: QK8sgEELENUULGcPU1+uC/QnAyXmKzybUZRgp1fsNHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 20:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:75:d2:a4:9f:85:3f:06:70:64:2d:79:1b:a4:fa:45:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
        Validity
            Not Before: Jun 15 23:00:28 2025 GMT
            Not After : Jun 16 23:00:28 2025 GMT
        Subject: CN=be5ca64cb0274102d52d8117ce630803226e5c69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:87:c3:ad:a6:14:0b:90:9b:36:40:8e:43:4b:
                    40:50:60:ef:ab:f7:a3:a4:13:a9:42:5f:13:07:e1:
                    1e:20:82:81:32:5c:cb:95:03:81:70:5c:30:38:6d:
                    6a:14:10:9a:07:6a:d3:e5:e1:1a:96:c5:86:7b:34:
                    57:8c:72:9f:13:68:9d:db:bb:82:cc:88:5d:26:c5:
                    e6:4a:13:e1:e2:18:36:47:c4:d8:da:76:08:49:63:
                    1b:3e:30:d1:5b:52:76:8a:19:74:ab:1e:25:af:d4:
                    8e:f7:7b:a8:09:3c:32:db:30:85:9f:a3:35:ed:2a:
                    74:6a:60:5b:ad:b1:e8:a2:fd:f1:c1:26:4e:90:07:
                    27:6d:55:61:21:8e:59:20:b3:60:9c:08:5a:68:43:
                    47:ad:56:93:c0:fe:3b:fc:79:a1:e6:e1:c0:1b:02:
                    d6:88:11:04:51:3f:ab:ad:d9:a7:a6:22:1e:8d:1c:
                    9e:ca:43:3f:49:0c:a2:81:a7:cd:49:71:68:be:d6:
                    c1:0d:eb:9d:b7:ff:8c:2a:f0:03:08:d1:93:78:81:
                    32:18:d4:60:28:c1:37:dc:98:15:99:cf:9b:68:d7:
                    79:d1:c9:74:65:a7:04:19:85:bb:f0:7f:40:6f:23:
                    47:55:c9:64:9c:0e:d1:96:da:aa:35:0f:7d:bf:e1:
                    3c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:5C:A6:4C:B0:27:41:02:D5:2D:81:17:CE:63:08:03:22:6E:5C:69
            X509v3 Authority Key Identifier:
                keyid:52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:44:7b:03:bb:8b:32:0c:19:10:59:3f:9d:0d:cd:74:f2:a9:
         d6:74:cf:49:72:06:85:f4:12:93:a1:60:50:4b:5f:0a:78:08:
         10:f7:37:70:b5:6b:ea:25:36:ab:96:a6:1f:67:e5:07:f7:4a:
         04:a7:d4:8c:d0:72:74:4c:66:54:92:ec:00:25:c8:fa:c6:10:
         ce:87:c2:c5:9c:f0:09:0c:5c:46:1a:3b:d3:4c:17:db:5c:e2:
         b4:f5:f9:75:3c:4c:06:91:63:26:c5:d7:3d:19:d1:dc:19:84:
         01:0c:88:07:9a:97:8f:38:4b:53:99:dd:1c:12:80:f4:7e:e8:
         4c:c6:34:11:b3:4c:31:bd:48:64:85:3c:55:f5:3e:83:9f:92:
         9a:ce:b9:7a:9c:cf:89:55:66:d9:eb:44:1f:55:11:61:67:f0:
         99:f4:c6:bd:b7:f0:0f:dc:bc:ad:40:18:5d:52:e6:cd:d4:60:
         eb:75:b2:30:63:d7:98:47:54:a3:ac:aa:e9:c9:d2:3a:6a:fb:
         93:c7:ca:07:ad:6f:07:36:61:4d:a6:cc:11:3f:f1:9c:34:ed:
         54:ef:3a:11:cf:78:af:48:c3:0c:d6:fa:88:50:ed:c4:73:09:
         38:c6:65:99:db:d8:8a:fc:54:e6:b8:3f:71:ba:9e:bf:a9:18:
         f3:88:e5:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd10qSfhT8GcGQteRuk+kXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjJkM2YyN2NjMDViZTU5MjRiYjdiZDg5MGY3ZTZkZWZm
YjQ5N2QwHhcNMjUwNjE1MjMwMDI4WhcNMjUwNjE2MjMwMDI4WjAzMTEwLwYDVQQD
EyhiZTVjYTY0Y2IwMjc0MTAyZDUyZDgxMTdjZTYzMDgwMzIyNmU1YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4fDraYUC5CbNkCOQ0tAUGDvq/ej
pBOpQl8TB+EeIIKBMlzLlQOBcFwwOG1qFBCaB2rT5eEalsWGezRXjHKfE2id27uC
zIhdJsXmShPh4hg2R8TY2nYISWMbPjDRW1J2ihl0qx4lr9SO93uoCTwy2zCFn6M1
7Sp0amBbrbHoov3xwSZOkAcnbVVhIY5ZILNgnAhaaENHrVaTwP47/Hmh5uHAGwLW
iBEEUT+rrdmnpiIejRyeykM/SQyigafNSXFovtbBDeudt/+MKvADCNGTeIEyGNRg
KME33JgVmc+baNd50cl0ZacEGYW78H9AbyNHVclknA7RltqqNQ99v+E8kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5cpkywJ0EC1S2BF85jCAMiblxpMB8GA1UdIwQY
MBaAFFJi0/J8wFvlkku3vYkPfm3v+0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2Et
N2FlNTk4N2JlZTYyLzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2EtN2FlNTk4N2JlZTYy
LzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFER7A7uL
MgwZEFk/nQ3NdPKp1nTPSXIGhfQSk6FgUEtfCngIEPc3cLVr6iU2q5amH2flB/dK
BKfUjNBydExmVJLsACXI+sYQzofCxZzwCQxcRho700wX21zitPX5dTxMBpFjJsXX
PRnR3BmEAQyIB5qXjzhLU5ndHBKA9H7oTMY0EbNMMb1IZIU8VfU+g5+Sms65epzP
iVVm2etEH1URYWfwmfTGvbfwD9y8rUAYXVLmzdRg63WyMGPXmEdUo6yq6cnSOmr7
k8fKB61vBzZhTabMET/xnDTtVO86Ec94r0jDDNb6iFDtxHMJOMZlmdvYivxU5rg/
cbqev6kY84jl9Q==
-----END CERTIFICATE-----