Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft
File:                     ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft (raw, json)
Hash identifier:          NESSgUQmW0nVTTd1N8/M8r2PEXYpYMbVdyY0tyvOtoY=
Subject key identifier:   B8:01:7B:15:BB:11:1E:A4:6A:A3:80:DC:9B:E6:E5:67:D6:26:9A:4B
Authority key identifier: BA:53:CA:18:E3:A0:48:D5:9F:A6:CF:59:66:7C:FD:39:A0:57:97:3E
Certificate issuer:       /CN=ba53ca18e3a048d59fa6cf59667cfd39a057973e
Certificate serial:       0199FBEBB91020D4013CFB83737AABD504C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulPKGOOgSNWfps9ZZnz9OaBXlz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft
Manifest number:          109F
Signing time:             Sun 19 Oct 2025 10:02:33 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:33 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:33 +0000
Files and hashes:         1: ulPKGOOgSNWfps9ZZnz9OaBXlz4.crl (hash: JWNdus4aVEFsOwoAGhBQLjVBbtygrMQeMhtTCk6dOEg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulPKGOOgSNWfps9ZZnz9OaBXlz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:b9:10:20:d4:01:3c:fb:83:73:7a:ab:d5:04:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba53ca18e3a048d59fa6cf59667cfd39a057973e
        Validity
            Not Before: Oct 19 10:02:33 2025 GMT
            Not After : Oct 20 10:02:33 2025 GMT
        Subject: CN=b8017b15bb111ea46aa380dc9be6e567d6269a4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:df:72:cb:6b:78:1e:e1:82:02:d3:38:32:b8:
                    81:10:02:88:8a:11:73:2f:be:59:42:cd:6e:0c:67:
                    2f:4e:79:77:37:96:4d:ac:ff:2d:cc:0b:eb:11:9e:
                    6e:16:d1:14:b1:19:89:dd:f0:8f:c1:92:c3:9d:e1:
                    93:17:9b:b2:3e:0c:b6:8e:11:7b:17:0d:85:bb:42:
                    03:7e:0b:a2:eb:08:5b:ee:05:c7:25:cb:c3:0e:68:
                    e9:46:a6:96:2a:93:05:18:80:37:ad:43:5e:cf:57:
                    c1:51:04:78:7d:c1:e3:fa:14:03:f0:0b:48:43:02:
                    30:be:46:98:39:da:10:79:31:e7:cd:91:a0:57:08:
                    4f:99:a6:26:ba:05:e9:70:ab:a5:90:a6:04:cc:e7:
                    ba:05:9a:a1:81:bb:82:fa:cc:dc:2a:b1:ea:47:e5:
                    2f:81:fc:6f:00:03:88:43:36:e8:92:33:06:b2:24:
                    8b:ee:68:36:86:c3:ad:78:81:fd:0c:aa:79:6d:0b:
                    60:6f:e4:18:07:5e:00:da:3b:40:14:7b:aa:0a:65:
                    fa:84:79:fa:85:e0:b3:64:d2:f0:00:b7:ef:2f:8a:
                    a0:47:d5:ca:76:fd:3f:86:4b:d4:e0:8d:7d:ff:d3:
                    a5:5b:8a:85:f1:2e:d8:e4:de:35:6e:d2:12:96:e9:
                    67:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:01:7B:15:BB:11:1E:A4:6A:A3:80:DC:9B:E6:E5:67:D6:26:9A:4B
            X509v3 Authority Key Identifier:
                keyid:BA:53:CA:18:E3:A0:48:D5:9F:A6:CF:59:66:7C:FD:39:A0:57:97:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulPKGOOgSNWfps9ZZnz9OaBXlz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:5f:d0:5b:53:50:05:f1:e3:e4:66:75:e2:96:47:07:84:42:
         64:94:2c:75:1c:e8:2c:c8:07:a1:74:f7:0e:80:32:0b:b1:69:
         d4:d1:58:71:0a:fc:76:71:dd:b9:d6:c5:bb:32:1c:88:b0:35:
         b4:00:cb:83:28:ef:fc:0f:c2:74:fb:e0:69:3a:39:56:09:2b:
         0d:8c:5a:17:7c:22:31:20:c1:b5:7a:0a:f4:04:71:d0:de:3a:
         c7:c9:2a:53:a7:d5:cd:38:95:7e:f5:f6:f2:17:ed:5c:69:43:
         15:35:b8:ec:4b:38:92:cb:99:64:62:87:b2:9f:b5:f3:30:76:
         56:fc:9d:c7:7c:ab:a4:f1:fd:13:5f:92:e6:c8:61:cb:35:33:
         8f:78:b1:dd:ca:a5:64:81:08:05:98:ca:a3:19:ae:44:23:a0:
         66:f8:0c:8c:57:38:ca:9d:15:06:cb:fd:41:fc:6a:b3:67:55:
         9f:09:6d:05:bf:8a:42:ec:8d:61:20:16:d8:ed:97:f9:27:db:
         87:5d:e3:17:5f:d9:76:b3:0e:42:26:55:76:b5:f9:ad:d6:7a:
         a1:4f:16:7d:2c:92:f1:8b:3f:07:6f:e3:38:b3:f8:62:58:27:
         66:d2:d3:d9:d7:df:5c:c6:d7:ff:46:bc:ae:6a:dd:96:45:c4:
         d9:89:a3:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn767kQINQBPPuDc3qr1QTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNTNjYTE4ZTNhMDQ4ZDU5ZmE2Y2Y1OTY2N2NmZDM5YTA1
Nzk3M2UwHhcNMjUxMDE5MTAwMjMzWhcNMjUxMDIwMTAwMjMzWjAzMTEwLwYDVQQD
EyhiODAxN2IxNWJiMTExZWE0NmFhMzgwZGM5YmU2ZTU2N2Q2MjY5YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl99yy2t4HuGCAtM4MriBEAKIihFz
L75ZQs1uDGcvTnl3N5ZNrP8tzAvrEZ5uFtEUsRmJ3fCPwZLDneGTF5uyPgy2jhF7
Fw2Fu0IDfgui6whb7gXHJcvDDmjpRqaWKpMFGIA3rUNez1fBUQR4fcHj+hQD8AtI
QwIwvkaYOdoQeTHnzZGgVwhPmaYmugXpcKulkKYEzOe6BZqhgbuC+szcKrHqR+Uv
gfxvAAOIQzbokjMGsiSL7mg2hsOteIH9DKp5bQtgb+QYB14A2jtAFHuqCmX6hHn6
heCzZNLwALfvL4qgR9XKdv0/hkvU4I19/9OlW4qF8S7Y5N41btISlulnKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgBexW7ER6kaqOA3Jvm5WfWJppLMB8GA1UdIwQY
MBaAFLpTyhjjoEjVn6bPWWZ8/TmgV5c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWxQS0dPT2dTTldmcHM5WlpuejlPYUJYbHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82ODhjZTAtMTBlYy00OTM3LTk0NDMt
MWIyMDQ1NGEyODYyLzEvdWxQS0dPT2dTTldmcHM5WlpuejlPYUJYbHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82ODhjZTAtMTBlYy00OTM3LTk0NDMtMWIyMDQ1NGEyODYy
LzEvdWxQS0dPT2dTTldmcHM5WlpuejlPYUJYbHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiF/QW1NQ
BfHj5GZ14pZHB4RCZJQsdRzoLMgHoXT3DoAyC7Fp1NFYcQr8dnHdudbFuzIciLA1
tADLgyjv/A/CdPvgaTo5VgkrDYxaF3wiMSDBtXoK9ARx0N46x8kqU6fVzTiVfvX2
8hftXGlDFTW47Es4ksuZZGKHsp+18zB2Vvydx3yrpPH9E1+S5shhyzUzj3ix3cql
ZIEIBZjKoxmuRCOgZvgMjFc4yp0VBsv9Qfxqs2dVnwltBb+KQuyNYSAW2O2X+Sfb
h13jF1/ZdrMOQiZVdrX5rdZ6oU8WfSyS8Ys/B2/jOLP4YlgnZtLT2dffXMbX/0a8
rmrdlkXE2YmjLg==
-----END CERTIFICATE-----