Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
File:                     UJFp9pOVg8wdvmUtulwMglBAoBI.mft (raw, json)
Hash identifier:          xoVOSDxlkJLYIETmG3vWFOxzoVJ/icsQVxzj3hftjGk=
Subject key identifier:   C0:2F:02:AA:B9:33:1F:4B:E0:F7:65:58:9A:B6:D0:72:C6:11:1E:D4
Authority key identifier: 50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12
Certificate issuer:       /CN=509169f6939583cc1dbe652dba5c0c825040a012
Certificate serial:       01967D8EB95E4ABE626AD321048AD10EFE98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
Manifest number:          01B7
Signing time:             Mon 28 Apr 2025 18:00:27 +0000
Manifest this update:     Mon 28 Apr 2025 18:00:27 +0000
Manifest next update:     Tue 29 Apr 2025 18:00:27 +0000
Files and hashes:         1: UJFp9pOVg8wdvmUtulwMglBAoBI.crl (hash: lTEoORlG+XxAy8z7/eG7LveiX96YgJIZQC0qVUvyZ54=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:8e:b9:5e:4a:be:62:6a:d3:21:04:8a:d1:0e:fe:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509169f6939583cc1dbe652dba5c0c825040a012
        Validity
            Not Before: Apr 28 18:00:27 2025 GMT
            Not After : Apr 29 18:00:27 2025 GMT
        Subject: CN=c02f02aab9331f4be0f765589ab6d072c6111ed4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:61:67:d7:b4:71:48:fa:03:05:c9:83:7b:51:
                    ac:b4:2b:2d:ba:09:bc:96:89:de:b9:9f:dd:92:f9:
                    d1:3b:c7:38:60:19:9e:95:bb:5b:cc:ea:d3:f8:15:
                    d2:80:1c:9c:4d:df:0b:3c:3f:cb:21:d7:db:b7:23:
                    95:cb:c9:49:b2:ef:14:d6:e2:de:e8:c3:5b:1c:47:
                    91:3b:a1:c2:65:3a:59:87:48:e5:d1:7d:a1:27:90:
                    1f:de:bd:36:15:e9:ba:79:56:a9:78:a0:28:da:db:
                    2d:e1:58:1a:6e:66:54:c9:74:47:74:5b:7a:b0:04:
                    c3:50:29:91:84:94:32:af:58:dd:e3:f8:81:cb:58:
                    9b:d3:45:af:20:cd:60:e8:dd:0c:e5:c6:c6:f8:1f:
                    c0:cb:38:b5:ad:b4:34:81:83:1f:43:45:c1:3d:66:
                    da:fa:de:7b:25:91:d1:54:b9:5f:24:04:88:ea:1c:
                    f0:1e:92:08:04:d4:b6:ac:00:68:50:0a:cc:0a:23:
                    a1:79:5f:ce:31:91:68:1b:b0:ef:25:b6:4a:39:14:
                    34:c7:b5:c3:f3:ad:2b:82:2f:ad:9c:a2:b2:af:1c:
                    60:a3:91:4a:d7:17:77:64:92:96:ac:1e:16:d9:70:
                    93:da:80:91:4b:85:95:61:03:f8:03:ba:07:0e:c5:
                    78:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:2F:02:AA:B9:33:1F:4B:E0:F7:65:58:9A:B6:D0:72:C6:11:1E:D4
            X509v3 Authority Key Identifier:
                keyid:50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:e4:bb:ab:dd:ec:56:3f:40:bd:55:85:fa:4f:92:cc:1b:77:
         27:a9:b1:d9:3a:2e:0a:d4:87:17:d1:93:8c:ac:5b:96:2a:9e:
         fe:43:99:30:56:b5:62:6e:d2:ef:03:92:49:4f:52:ce:f7:fd:
         5c:1d:eb:64:e5:86:a9:dc:7a:f3:1c:ed:5a:51:0a:b3:a0:a2:
         ad:35:99:2d:30:bb:0d:21:e2:0e:32:b0:98:12:48:de:3e:c8:
         de:5b:a2:97:f7:b1:ee:88:9c:03:f0:8a:b1:3e:02:f3:d8:f7:
         9b:f2:15:53:19:11:cd:df:bd:91:05:cf:64:46:4c:f0:30:c7:
         3b:e2:c5:c9:5f:22:00:f8:fb:9d:c3:5e:33:81:bf:6f:87:54:
         9d:65:31:fa:63:4c:f6:51:e9:29:48:d0:52:2c:e0:2c:c0:51:
         e2:3a:ea:d0:18:f9:ae:91:99:cb:b4:31:bb:b8:d0:d8:dd:01:
         94:21:5e:90:27:ee:a1:1f:c4:57:03:86:81:22:1b:c4:8b:a1:
         f7:98:4a:48:8e:4b:2b:9f:0e:32:4c:0f:d0:68:03:eb:a5:33:
         01:e7:45:44:79:4b:00:4b:12:38:8d:8f:1f:27:23:0d:25:07:
         a5:c6:08:23:b8:33:97:96:28:30:92:be:1d:a7:48:7a:00:7f:
         9c:c9:d9:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9jrleSr5iatMhBIrRDv6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTE2OWY2OTM5NTgzY2MxZGJlNjUyZGJhNWMwYzgyNTA0
MGEwMTIwHhcNMjUwNDI4MTgwMDI3WhcNMjUwNDI5MTgwMDI3WjAzMTEwLwYDVQQD
EyhjMDJmMDJhYWI5MzMxZjRiZTBmNzY1NTg5YWI2ZDA3MmM2MTExZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGFn17RxSPoDBcmDe1GstCstugm8
loneuZ/dkvnRO8c4YBmelbtbzOrT+BXSgBycTd8LPD/LIdfbtyOVy8lJsu8U1uLe
6MNbHEeRO6HCZTpZh0jl0X2hJ5Af3r02Fem6eVapeKAo2tst4VgabmZUyXRHdFt6
sATDUCmRhJQyr1jd4/iBy1ib00WvIM1g6N0M5cbG+B/Ayzi1rbQ0gYMfQ0XBPWba
+t57JZHRVLlfJASI6hzwHpIIBNS2rABoUArMCiOheV/OMZFoG7DvJbZKORQ0x7XD
860rgi+tnKKyrxxgo5FK1xd3ZJKWrB4W2XCT2oCRS4WVYQP4A7oHDsV4QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAvAqq5Mx9L4PdlWJq20HLGER7UMB8GA1UdIwQY
MBaAFFCRafaTlYPMHb5lLbpcDIJQQKASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQt
NzU0NDEzYjk4ZGIyLzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQtNzU0NDEzYjk4ZGIy
LzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAouS7q93s
Vj9AvVWF+k+SzBt3J6mx2TouCtSHF9GTjKxbliqe/kOZMFa1Ym7S7wOSSU9Szvf9
XB3rZOWGqdx68xztWlEKs6CirTWZLTC7DSHiDjKwmBJI3j7I3luil/ex7oicA/CK
sT4C89j3m/IVUxkRzd+9kQXPZEZM8DDHO+LFyV8iAPj7ncNeM4G/b4dUnWUx+mNM
9lHpKUjQUizgLMBR4jrq0Bj5rpGZy7Qxu7jQ2N0BlCFekCfuoR/EVwOGgSIbxIuh
95hKSI5LK58OMkwP0GgD66UzAedFRHlLAEsSOI2PHycjDSUHpcYII7gzl5YoMJK+
HadIegB/nMnZ8g==
-----END CERTIFICATE-----