Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          rO1NKTlfsQ+wH7HrFiFrMMr/DlQh44QMiL80Og6/xEc=
Subject key identifier:   F9:43:D1:A6:18:E7:99:45:D9:A5:C2:9A:24:EC:4F:E4:7E:5F:DE:0C
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       019675D5009F575D3BF7304200421477D9C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0B8D
Signing time:             Sun 27 Apr 2025 06:00:15 +0000
Manifest this update:     Sun 27 Apr 2025 06:00:15 +0000
Manifest next update:     Mon 28 Apr 2025 06:00:15 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: sT8enhEzZ3CMRknb1mace+nzaBKYZap3i/+XTriUrOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:d5:00:9f:57:5d:3b:f7:30:42:00:42:14:77:d9:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: Apr 27 06:00:15 2025 GMT
            Not After : Apr 28 06:00:15 2025 GMT
        Subject: CN=f943d1a618e79945d9a5c29a24ec4fe47e5fde0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:69:76:ae:64:b2:9a:17:a9:c0:f8:0d:f4:57:
                    6f:35:37:5a:77:d6:9f:36:e7:12:ce:aa:0f:8b:05:
                    d4:a0:bb:d5:8d:8e:8f:da:f4:c9:ef:69:47:11:af:
                    c6:79:04:c7:a6:e3:f9:04:62:3a:63:05:1c:69:28:
                    db:2b:ab:9d:5c:65:ef:c2:ed:8d:08:ac:78:30:56:
                    85:13:12:d1:0a:9d:ae:b9:54:d2:43:8e:d4:7f:f8:
                    c0:6e:32:fa:91:c9:ce:18:dc:1a:d3:d2:e7:de:d4:
                    b7:32:a2:ab:37:cf:72:29:03:5d:f5:9d:53:8b:7d:
                    0b:16:d3:27:82:70:76:a8:19:b0:88:87:de:ce:17:
                    d6:09:ff:5b:c8:5d:73:eb:be:b5:fa:a8:67:e3:ae:
                    20:c8:62:36:92:78:e4:a5:ee:3d:36:a1:61:ef:2a:
                    14:3a:35:c7:be:5a:3a:19:00:e4:3a:a1:86:3c:81:
                    eb:ae:2d:f2:01:bc:00:ca:76:68:e8:7c:c5:55:1a:
                    a3:5f:07:f5:8f:e0:7b:3f:64:49:30:d2:63:2a:04:
                    a7:30:42:be:77:bc:41:e8:85:9a:6a:d6:37:b9:69:
                    02:db:16:f2:2d:c3:fc:dc:1f:53:4e:8b:7c:4e:dc:
                    08:6d:3a:eb:d4:6f:e9:00:8f:18:b1:da:81:6c:d3:
                    61:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:43:D1:A6:18:E7:99:45:D9:A5:C2:9A:24:EC:4F:E4:7E:5F:DE:0C
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:95:74:88:54:8a:e5:90:0e:31:df:c7:72:5c:ee:6e:52:6a:
         0d:ef:12:fa:aa:f6:0e:ce:81:99:e6:0d:2b:68:2d:1c:37:6e:
         8a:47:40:15:6e:a7:6e:a4:ba:52:a8:7d:f7:93:83:92:2b:13:
         2a:06:a1:15:38:ae:f1:75:2e:83:47:c7:e7:6d:2b:da:15:59:
         9f:45:af:0d:be:85:e3:13:20:2a:02:c0:8e:a7:f5:bc:a0:f5:
         2f:68:54:cb:72:08:c2:66:10:8a:12:7f:51:65:8b:ad:ce:41:
         e8:fc:79:68:5d:45:38:1c:0d:04:30:0f:e8:d7:d0:58:f1:3c:
         3e:bb:9a:7a:2d:27:30:5e:e8:41:d1:fa:42:3e:52:4e:d7:58:
         8f:57:53:c0:db:90:7f:9e:58:89:37:64:95:1d:8a:c7:2d:3e:
         59:db:f3:35:a7:80:22:c6:39:a1:f2:f4:ce:14:c6:05:52:19:
         b3:4c:17:2d:02:ac:c4:dd:d2:c2:90:af:91:ca:e4:55:09:42:
         3c:06:69:99:8f:ac:79:38:4f:61:fa:e2:8f:65:3d:d9:1b:43:
         1c:5d:27:fb:23:32:8c:4d:08:ed:6a:29:09:23:2a:cc:d7:da:
         e8:7a:7d:af:df:03:41:95:db:cf:84:c3:60:c1:aa:90:e8:95:
         2b:67:63:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ11QCfV1079zBCAEIUd9nAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjUwNDI3MDYwMDE1WhcNMjUwNDI4MDYwMDE1WjAzMTEwLwYDVQQD
EyhmOTQzZDFhNjE4ZTc5OTQ1ZDlhNWMyOWEyNGVjNGZlNDdlNWZkZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWl2rmSymhepwPgN9FdvNTdad9af
NucSzqoPiwXUoLvVjY6P2vTJ72lHEa/GeQTHpuP5BGI6YwUcaSjbK6udXGXvwu2N
CKx4MFaFExLRCp2uuVTSQ47Uf/jAbjL6kcnOGNwa09Ln3tS3MqKrN89yKQNd9Z1T
i30LFtMngnB2qBmwiIfezhfWCf9byF1z6761+qhn464gyGI2knjkpe49NqFh7yoU
OjXHvlo6GQDkOqGGPIHrri3yAbwAynZo6HzFVRqjXwf1j+B7P2RJMNJjKgSnMEK+
d7xB6IWaatY3uWkC2xbyLcP83B9TTot8TtwIbTrr1G/pAI8YsdqBbNNh+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlD0aYY55lF2aXCmiTsT+R+X94MMB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5V0iFSK
5ZAOMd/HclzublJqDe8S+qr2Ds6BmeYNK2gtHDduikdAFW6nbqS6Uqh995ODkisT
KgahFTiu8XUug0fH520r2hVZn0WvDb6F4xMgKgLAjqf1vKD1L2hUy3IIwmYQihJ/
UWWLrc5B6Px5aF1FOBwNBDAP6NfQWPE8Pruaei0nMF7oQdH6Qj5STtdYj1dTwNuQ
f55YiTdklR2Kxy0+WdvzNaeAIsY5ofL0zhTGBVIZs0wXLQKsxN3SwpCvkcrkVQlC
PAZpmY+seThPYfrij2U92RtDHF0n+yMyjE0I7WopCSMqzNfa6Hp9r98DQZXbz4TD
YMGqkOiVK2djIw==
-----END CERTIFICATE-----