Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          VYnRyGowj4L8PXHM0XAdKQsnnnO8VSoKRkhQqD+Ixws=
Subject key identifier:   9F:92:C7:02:2A:FA:71:42:7A:2E:78:39:5A:B2:DE:3D:0D:4F:A2:DD
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       01976EF52196091A0C3D04C8BFA9BA20687B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0C0E
Signing time:             Sat 14 Jun 2025 15:00:48 +0000
Manifest this update:     Sat 14 Jun 2025 15:00:48 +0000
Manifest next update:     Sun 15 Jun 2025 15:00:48 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: OucnHjEVKnl3NxGhnkhoxCHBj7k8TsrLnXNM0uXBPyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 15:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:f5:21:96:09:1a:0c:3d:04:c8:bf:a9:ba:20:68:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: Jun 14 15:00:48 2025 GMT
            Not After : Jun 15 15:00:48 2025 GMT
        Subject: CN=9f92c7022afa71427a2e78395ab2de3d0d4fa2dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b6:f4:11:24:f9:0e:fd:98:58:39:4d:f8:b8:
                    b2:48:8e:2d:6d:c9:7c:4a:4a:dd:56:ec:e2:75:3b:
                    3e:6d:81:d1:6d:d9:4f:a0:f5:0c:7e:c5:49:15:74:
                    8a:8a:1d:d6:ba:bd:d9:2d:ed:13:7d:22:35:12:9e:
                    c8:2d:90:7a:1f:99:1c:a5:f6:a8:7a:6b:c7:94:1f:
                    6d:32:92:2d:c4:99:c0:72:4a:c7:bb:14:96:d7:15:
                    c8:0a:49:a5:9f:1c:a0:1f:27:e1:ab:b6:3e:3e:d6:
                    ba:dd:6a:00:3c:ea:57:13:09:73:f6:8f:6e:fa:3f:
                    a8:c6:fa:7e:25:1e:08:c3:e7:f7:91:b5:43:f7:4c:
                    fa:55:44:42:e5:8e:58:6f:3e:a5:ac:98:0e:74:1e:
                    8f:f6:62:5a:c7:78:1f:de:ed:f7:95:91:be:34:c7:
                    35:65:15:95:ce:f1:1a:0d:04:da:92:b0:34:3b:6a:
                    67:5d:fb:f1:e8:1d:69:b1:e7:d6:85:e9:cb:25:37:
                    c7:17:fe:31:e7:d4:be:47:37:54:1e:2d:90:a9:3b:
                    69:57:c7:f0:a0:f4:ec:1d:51:a0:47:76:79:f5:01:
                    61:63:b8:5f:0f:af:60:b2:09:7a:76:3a:7e:2d:95:
                    8d:3f:3e:d8:42:d2:5a:df:cc:9b:8e:a9:15:55:48:
                    05:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:92:C7:02:2A:FA:71:42:7A:2E:78:39:5A:B2:DE:3D:0D:4F:A2:DD
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:d9:67:1e:71:b4:e2:68:43:47:17:ce:7b:b9:1b:bf:c7:65:
         57:f2:da:d1:05:70:60:a1:61:49:e5:35:6a:0e:06:19:98:47:
         d7:39:89:78:0b:84:6d:ae:fe:2a:06:5e:01:15:32:f5:92:6e:
         7b:41:84:87:98:b8:bd:cc:2c:37:3b:bc:08:33:fc:29:db:5a:
         14:9f:b3:16:6a:3a:23:c7:05:af:a0:00:72:27:6c:32:63:5b:
         1b:4a:0f:ba:68:ac:30:aa:7b:0c:c5:0e:55:1a:bb:82:65:d0:
         be:f0:5c:73:79:0b:91:6d:ba:42:5e:bf:97:22:cd:83:f8:af:
         5d:3e:17:a8:14:b9:81:02:f8:4a:f2:0d:d7:c0:30:b6:93:e9:
         05:d9:85:f6:2d:c6:14:de:df:df:80:21:5f:71:75:f8:9a:51:
         ea:52:61:06:e0:bf:bd:d3:33:b9:62:da:45:19:fb:41:06:10:
         a2:a4:56:f9:51:4f:46:79:57:d5:a0:42:9f:a0:2e:98:da:c2:
         e5:51:c3:f5:0f:ad:32:e4:35:58:09:ae:0c:a1:a4:09:5d:c4:
         f0:f6:84:78:4f:40:7b:6c:5a:8a:ac:e1:ba:57:cc:69:fa:a0:
         4d:ac:a2:d5:ce:c2:19:53:2f:45:c1:7d:00:28:77:4c:48:47:
         56:8d:ca:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdu9SGWCRoMPQTIv6m6IGh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjUwNjE0MTUwMDQ4WhcNMjUwNjE1MTUwMDQ4WjAzMTEwLwYDVQQD
Eyg5ZjkyYzcwMjJhZmE3MTQyN2EyZTc4Mzk1YWIyZGUzZDBkNGZhMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7b0EST5Dv2YWDlN+LiySI4tbcl8
SkrdVuzidTs+bYHRbdlPoPUMfsVJFXSKih3Wur3ZLe0TfSI1Ep7ILZB6H5kcpfao
emvHlB9tMpItxJnAckrHuxSW1xXICkmlnxygHyfhq7Y+Pta63WoAPOpXEwlz9o9u
+j+oxvp+JR4Iw+f3kbVD90z6VURC5Y5Ybz6lrJgOdB6P9mJax3gf3u33lZG+NMc1
ZRWVzvEaDQTakrA0O2pnXfvx6B1psefWhenLJTfHF/4x59S+RzdUHi2QqTtpV8fw
oPTsHVGgR3Z59QFhY7hfD69gsgl6djp+LZWNPz7YQtJa38ybjqkVVUgFkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+SxwIq+nFCei54OVqy3j0NT6LdMB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr9lnHnG0
4mhDRxfOe7kbv8dlV/La0QVwYKFhSeU1ag4GGZhH1zmJeAuEba7+KgZeARUy9ZJu
e0GEh5i4vcwsNzu8CDP8KdtaFJ+zFmo6I8cFr6AAcidsMmNbG0oPumisMKp7DMUO
VRq7gmXQvvBcc3kLkW26Ql6/lyLNg/ivXT4XqBS5gQL4SvIN18AwtpPpBdmF9i3G
FN7f34AhX3F1+JpR6lJhBuC/vdMzuWLaRRn7QQYQoqRW+VFPRnlX1aBCn6AumNrC
5VHD9Q+tMuQ1WAmuDKGkCV3E8PaEeE9Ae2xaiqzhulfMafqgTayi1c7CGVMvRcF9
ACh3TEhHVo3KNw==
-----END CERTIFICATE-----