Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft
File:                     UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft (raw, json)
Hash identifier:          B3R5nMqiC9DOCgmI1htmNAVxn9UtdcZHJEiE36uep7o=
Subject key identifier:   D9:25:D2:0B:69:64:5E:38:46:9C:C0:77:26:FF:48:53:99:1C:F9:41
Authority key identifier: 51:C3:CC:54:41:4F:B4:42:BE:39:D6:E1:A4:AF:72:4C:FF:EE:EE:FF
Certificate issuer:       /CN=51c3cc54414fb442be39d6e1a4af724cffeeeeff
Certificate serial:       01976F2C87FCA8C1C4E7BBCAAF1F19CF10F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UcPMVEFPtEK-OdbhpK9yTP_u7v8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft
Manifest number:          1495
Signing time:             Sat 14 Jun 2025 16:01:18 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:18 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:18 +0000
Files and hashes:         1: UcPMVEFPtEK-OdbhpK9yTP_u7v8.crl (hash: e31fCp321SpsabumhXDgwyuriuu6vPOgMkwJ6Avs3Rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UcPMVEFPtEK-OdbhpK9yTP_u7v8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:87:fc:a8:c1:c4:e7:bb:ca:af:1f:19:cf:10:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51c3cc54414fb442be39d6e1a4af724cffeeeeff
        Validity
            Not Before: Jun 14 16:01:18 2025 GMT
            Not After : Jun 15 16:01:18 2025 GMT
        Subject: CN=d925d20b69645e38469cc07726ff4853991cf941
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:dc:3e:a6:65:8f:42:32:ee:23:3b:79:d7:b6:
                    c1:03:04:12:fa:aa:e8:10:fe:5c:34:f1:be:1b:48:
                    ca:88:77:49:ee:39:e8:5e:00:3a:c4:fd:6b:91:c5:
                    3d:62:e6:5e:00:b7:63:09:06:e4:b9:25:ba:03:9a:
                    e0:d0:86:5a:d8:06:fc:6f:5f:65:c5:c3:07:02:5a:
                    1c:f3:2e:ef:90:c1:de:5f:5e:66:26:0f:6f:a4:92:
                    3d:3e:02:54:20:64:a1:6f:d7:0d:5c:1f:76:5c:21:
                    2c:7b:bd:94:f9:5f:01:e1:01:36:b5:66:0a:3e:8c:
                    ca:09:d5:1c:c8:f9:75:22:b2:49:8d:53:a0:9e:4f:
                    da:ca:f8:4f:e1:d3:ca:ca:3d:81:1e:f4:41:f2:6f:
                    4f:53:2e:ec:f3:5e:dd:53:97:28:7d:6a:1d:01:35:
                    f7:0f:24:c3:42:58:c4:f3:c1:c3:0f:40:2f:4d:2f:
                    79:9a:ce:02:99:8d:7c:4f:63:bf:21:e4:30:75:41:
                    75:2e:83:4d:2f:b1:bf:97:5e:5f:5e:08:ad:3c:be:
                    bc:95:4f:c0:10:26:80:b5:a7:25:93:91:b0:0f:f3:
                    50:5e:3e:de:43:f8:63:f6:65:cf:5a:fa:7c:71:e1:
                    d9:2d:d7:a3:45:a9:c6:98:dc:ae:0a:37:02:92:1c:
                    a6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:25:D2:0B:69:64:5E:38:46:9C:C0:77:26:FF:48:53:99:1C:F9:41
            X509v3 Authority Key Identifier:
                keyid:51:C3:CC:54:41:4F:B4:42:BE:39:D6:E1:A4:AF:72:4C:FF:EE:EE:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UcPMVEFPtEK-OdbhpK9yTP_u7v8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:ec:f6:1d:84:8d:8c:26:f8:29:f8:47:b2:81:40:86:9b:86:
         ab:4f:16:f7:30:3f:e1:35:52:21:da:3c:9e:3a:42:88:09:21:
         06:07:27:7e:16:9c:b9:3f:63:95:6a:f5:0b:55:63:b2:97:ef:
         37:a4:81:32:46:dd:cc:93:c6:fa:f1:49:28:8d:45:c1:61:55:
         7e:35:6b:66:89:1d:8b:d3:76:cc:27:b4:c2:e7:76:b4:32:e2:
         b6:d3:c5:c5:92:04:2c:f9:2d:a8:00:de:49:e6:57:17:65:e4:
         4a:3c:b4:eb:08:19:f5:f6:49:81:2a:8b:e7:7a:25:a9:43:bb:
         0f:93:f9:d7:c6:cf:ac:2a:db:60:21:12:f6:38:ba:81:e3:14:
         1c:72:11:49:05:75:ad:1a:24:ac:1d:3d:6c:c4:1b:3d:45:ec:
         e2:d1:13:ae:c2:aa:43:47:c9:17:d5:90:c5:d2:4a:23:f1:f7:
         a4:c4:ce:d3:a3:88:51:f8:40:ea:72:2e:a5:19:a6:25:4c:c8:
         1c:27:1d:bd:6d:cc:47:e2:c9:00:43:f1:0f:2b:a2:72:e3:58:
         d6:cd:ed:af:37:c2:e6:35:4f:4a:8e:dd:b0:4a:e9:94:3c:b0:
         7e:1c:8a:66:8d:78:db:91:c3:87:37:36:69:a1:cf:15:2d:7b:
         89:84:ed:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLIf8qMHE57vKrx8ZzxDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYzNjYzU0NDE0ZmI0NDJiZTM5ZDZlMWE0YWY3MjRjZmZl
ZWVlZmYwHhcNMjUwNjE0MTYwMTE4WhcNMjUwNjE1MTYwMTE4WjAzMTEwLwYDVQQD
EyhkOTI1ZDIwYjY5NjQ1ZTM4NDY5Y2MwNzcyNmZmNDg1Mzk5MWNmOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNw+pmWPQjLuIzt517bBAwQS+qro
EP5cNPG+G0jKiHdJ7jnoXgA6xP1rkcU9YuZeALdjCQbkuSW6A5rg0IZa2Ab8b19l
xcMHAloc8y7vkMHeX15mJg9vpJI9PgJUIGShb9cNXB92XCEse72U+V8B4QE2tWYK
PozKCdUcyPl1IrJJjVOgnk/ayvhP4dPKyj2BHvRB8m9PUy7s817dU5cofWodATX3
DyTDQljE88HDD0AvTS95ms4CmY18T2O/IeQwdUF1LoNNL7G/l15fXgitPL68lU/A
ECaAtaclk5GwD/NQXj7eQ/hj9mXPWvp8ceHZLdejRanGmNyuCjcCkhymGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkl0gtpZF44RpzAdyb/SFOZHPlBMB8GA1UdIwQY
MBaAFFHDzFRBT7RCvjnW4aSvckz/7u7/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWNQTVZFRlB0RUstT2RiaHBLOXlUUF91N3Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hNzM5MDAtYjM0Zi00ZmZjLTllMzkt
MjMxNWNkOWI5ZmEyLzEvVWNQTVZFRlB0RUstT2RiaHBLOXlUUF91N3Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hNzM5MDAtYjM0Zi00ZmZjLTllMzktMjMxNWNkOWI5ZmEy
LzEvVWNQTVZFRlB0RUstT2RiaHBLOXlUUF91N3Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL+z2HYSN
jCb4KfhHsoFAhpuGq08W9zA/4TVSIdo8njpCiAkhBgcnfhacuT9jlWr1C1Vjspfv
N6SBMkbdzJPG+vFJKI1FwWFVfjVrZokdi9N2zCe0wud2tDLittPFxZIELPktqADe
SeZXF2XkSjy06wgZ9fZJgSqL53olqUO7D5P518bPrCrbYCES9ji6geMUHHIRSQV1
rRokrB09bMQbPUXs4tETrsKqQ0fJF9WQxdJKI/H3pMTO06OIUfhA6nIupRmmJUzI
HCcdvW3MR+LJAEPxDyuicuNY1s3trzfC5jVPSo7dsErplDywfhyKZo1425HDhzc2
aaHPFS17iYTt4g==
-----END CERTIFICATE-----