Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft
File:                     U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft (raw, json)
Hash identifier:          jNeuROFZHhrEIcPpiBAr61bYxpQI1ziJ9WbK5OvT2U8=
Subject key identifier:   9F:D4:70:D9:9E:1C:5F:2C:A9:0E:4A:9E:CF:5F:F2:E3:25:F2:6A:CC
Authority key identifier: 53:F6:66:01:B7:CE:AC:08:C1:82:07:84:06:4E:57:1D:B9:88:7B:EB
Certificate issuer:       /CN=53f66601b7ceac08c1820784064e571db9887beb
Certificate serial:       0199FAD81FF8A594CFA378384F2BC0416C6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft
Manifest number:          0A
Signing time:             Sun 19 Oct 2025 05:01:31 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:31 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:31 +0000
Files and hashes:         1: U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl (hash: LrcZfCYaYckBn0OK1D69wzWHU02TF4/acWN7sLQGzIA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:1f:f8:a5:94:cf:a3:78:38:4f:2b:c0:41:6c:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53f66601b7ceac08c1820784064e571db9887beb
        Validity
            Not Before: Oct 19 05:01:31 2025 GMT
            Not After : Oct 20 05:01:31 2025 GMT
        Subject: CN=9fd470d99e1c5f2ca90e4a9ecf5ff2e325f26acc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:06:26:b7:9b:a5:f3:74:2f:48:2f:1e:8c:25:
                    62:a2:80:e5:48:fb:08:52:3a:ce:de:6c:ea:20:38:
                    c1:c8:a5:3c:ba:4e:c1:ba:31:86:bb:b7:e9:e2:f0:
                    6e:1f:a1:3f:94:78:67:f6:45:92:6d:10:93:4d:32:
                    a1:78:42:42:46:82:ca:67:3f:49:d7:03:7d:c8:14:
                    71:9c:db:43:8d:42:cb:05:4b:df:3e:56:a4:3b:28:
                    dc:2a:24:17:d0:7f:2c:45:a4:1d:c3:66:9f:bf:a3:
                    f3:b5:fd:dd:20:56:c1:45:0c:16:2e:c9:1f:91:8a:
                    3a:56:4e:de:65:97:e1:07:84:cc:5d:3a:85:e8:e1:
                    bc:79:cc:48:1c:c0:ab:cd:16:62:74:67:b5:79:80:
                    ba:e0:3b:28:4d:ed:bc:dc:f4:5c:b1:e6:77:71:93:
                    0d:18:ae:52:c5:8d:aa:e3:a0:c6:1b:cc:6c:8a:80:
                    61:20:c0:0b:e3:7c:8a:47:95:9c:86:95:5c:ab:d0:
                    88:e9:8e:66:cc:78:42:33:b8:f1:e2:4d:39:9a:a7:
                    de:6d:b5:1e:a5:68:ac:38:4d:34:b9:43:f3:67:4a:
                    81:6e:88:4c:2b:1b:bc:ad:ab:a9:1f:a3:e8:aa:71:
                    70:cb:3b:53:26:a9:38:f0:8d:06:78:51:c4:8f:17:
                    a2:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:D4:70:D9:9E:1C:5F:2C:A9:0E:4A:9E:CF:5F:F2:E3:25:F2:6A:CC
            X509v3 Authority Key Identifier:
                keyid:53:F6:66:01:B7:CE:AC:08:C1:82:07:84:06:4E:57:1D:B9:88:7B:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:3c:44:81:07:b4:8f:f1:b1:a0:8a:a6:d6:3c:a9:58:a4:ad:
         c3:cf:88:82:23:26:35:40:4c:83:34:0c:98:3f:86:eb:f0:bb:
         dc:c6:b7:ec:84:2d:c2:e0:d0:57:ea:89:c3:62:76:d2:58:34:
         65:4b:cc:cb:5c:ae:dd:aa:c3:89:03:ad:1d:0d:3b:40:31:2b:
         2d:c2:b6:30:ed:7b:a4:b6:d8:f0:f5:31:02:39:bc:ee:32:6e:
         e0:4b:9b:71:c4:1e:3e:4f:03:cc:4d:2f:b3:d7:7f:ce:89:0c:
         10:f5:91:08:61:83:a3:b4:93:f6:8d:4f:95:d0:3c:ca:53:e6:
         f6:61:37:ae:73:34:f8:3e:eb:02:6d:43:82:86:21:13:11:fa:
         17:4a:8d:df:40:81:a3:cf:4c:91:b1:77:54:b2:42:32:99:73:
         fe:98:3a:f5:8c:79:57:66:de:ff:29:4b:5c:6c:1f:2c:13:c2:
         7f:05:54:48:98:58:de:02:3d:64:fa:6d:33:33:c8:60:ac:07:
         4a:99:32:fb:ed:e3:23:28:ab:7b:c9:c1:0c:09:2a:4c:32:93:
         53:a1:74:0c:75:d5:8d:35:58:18:ef:45:bd:32:62:15:f6:6f:
         8d:1c:e9:9f:07:80:c6:be:72:ed:cc:f2:23:f4:88:5e:e6:e6:
         00:6c:d3:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62B/4pZTPo3g4TyvAQWxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjY2NjAxYjdjZWFjMDhjMTgyMDc4NDA2NGU1NzFkYjk4
ODdiZWIwHhcNMjUxMDE5MDUwMTMxWhcNMjUxMDIwMDUwMTMxWjAzMTEwLwYDVQQD
Eyg5ZmQ0NzBkOTllMWM1ZjJjYTkwZTRhOWVjZjVmZjJlMzI1ZjI2YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AYmt5ul83QvSC8ejCViooDlSPsI
UjrO3mzqIDjByKU8uk7BujGGu7fp4vBuH6E/lHhn9kWSbRCTTTKheEJCRoLKZz9J
1wN9yBRxnNtDjULLBUvfPlakOyjcKiQX0H8sRaQdw2afv6Pztf3dIFbBRQwWLskf
kYo6Vk7eZZfhB4TMXTqF6OG8ecxIHMCrzRZidGe1eYC64DsoTe283PRcseZ3cZMN
GK5SxY2q46DGG8xsioBhIMAL43yKR5WchpVcq9CI6Y5mzHhCM7jx4k05mqfebbUe
pWisOE00uUPzZ0qBbohMKxu8raupH6PoqnFwyztTJqk48I0GeFHEjxeipQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/UcNmeHF8sqQ5Kns9f8uMl8mrMMB8GA1UdIwQY
MBaAFFP2ZgG3zqwIwYIHhAZOVx25iHvrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kNDNjMmYtZmZhOS00ZjJiLWE4MzEt
YWQwYjVkY2YzMzAzLzEvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kNDNjMmYtZmZhOS00ZjJiLWE4MzEtYWQwYjVkY2YzMzAz
LzEvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTxEgQe0
j/GxoIqm1jypWKStw8+IgiMmNUBMgzQMmD+G6/C73Ma37IQtwuDQV+qJw2J20lg0
ZUvMy1yu3arDiQOtHQ07QDErLcK2MO17pLbY8PUxAjm87jJu4EubccQePk8DzE0v
s9d/zokMEPWRCGGDo7ST9o1PldA8ylPm9mE3rnM0+D7rAm1DgoYhExH6F0qN30CB
o89MkbF3VLJCMplz/pg69Yx5V2be/ylLXGwfLBPCfwVUSJhY3gI9ZPptMzPIYKwH
Spky++3jIyire8nBDAkqTDKTU6F0DHXVjTVYGO9FvTJiFfZvjRzpnweAxr5y7czy
I/SIXubmAGzTwA==
-----END CERTIFICATE-----