Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
File:                     pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft (raw, json)
Hash identifier:          IR+7FBzJM5tMSy51+Cns4nk52UjqgKRSOk5+9o6RhKY=
Subject key identifier:   9D:68:7A:E9:24:38:79:E0:94:8A:CB:7A:EA:48:B4:8D:78:14:64:EE
Authority key identifier: A5:4A:9E:27:5C:5C:17:80:9B:8F:CF:8C:0F:E0:B5:F6:32:9C:EE:EF
Certificate issuer:       /CN=a54a9e275c5c17809b8fcf8c0fe0b5f6329ceeef
Certificate serial:       0199FBEBA9E6BEEE23B397F9CCD0AC98D165
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
Manifest number:          0FFF
Signing time:             Sun 19 Oct 2025 10:02:29 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:29 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:29 +0000
Files and hashes:         1: pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl (hash: 5IAWkKR/xzAb+Jiy122OidfjDjC0bS0RnM9LJdO2v3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:a9:e6:be:ee:23:b3:97:f9:cc:d0:ac:98:d1:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a54a9e275c5c17809b8fcf8c0fe0b5f6329ceeef
        Validity
            Not Before: Oct 19 10:02:29 2025 GMT
            Not After : Oct 20 10:02:29 2025 GMT
        Subject: CN=9d687ae9243879e0948acb7aea48b48d781464ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:22:cd:a3:72:99:49:84:d8:9c:6c:8e:1f:8d:
                    e1:bf:af:8b:6f:35:c1:53:1f:6c:de:dd:09:a1:a6:
                    78:24:e8:96:24:21:39:54:ad:b5:2a:72:dc:12:ef:
                    55:aa:27:96:80:c7:1c:87:c4:1d:db:d4:1b:fc:bd:
                    4f:fd:48:c7:f0:3d:21:35:f3:3d:94:28:ff:70:44:
                    89:e5:7b:a1:f0:04:24:e5:7a:33:bb:bc:c1:77:44:
                    17:26:37:7e:da:79:8d:ef:0a:9a:1b:d5:70:ce:25:
                    9f:27:ff:e1:fd:a9:6f:75:af:b0:0c:26:31:6c:5e:
                    8b:16:0c:8e:26:71:9b:8e:d7:03:71:86:81:4c:a4:
                    b5:39:75:f9:65:f6:89:6a:46:01:89:8c:05:40:6c:
                    e5:d9:25:95:6a:35:f0:19:b4:bf:94:81:2c:6e:a7:
                    dd:23:d0:64:f1:39:d3:5c:1d:54:04:a0:eb:46:7d:
                    91:6c:f2:02:73:88:25:24:15:b5:b9:3e:38:ec:4a:
                    d1:72:c4:ed:be:6e:c8:62:c7:1b:53:5a:07:34:8e:
                    e2:e3:3e:02:a8:ba:39:30:30:c5:78:e5:bd:1d:86:
                    cc:fc:50:81:aa:7b:c1:94:fc:37:19:43:e9:e5:c6:
                    2f:49:51:ae:91:03:ac:b4:9a:87:1a:40:33:c5:71:
                    f3:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:68:7A:E9:24:38:79:E0:94:8A:CB:7A:EA:48:B4:8D:78:14:64:EE
            X509v3 Authority Key Identifier:
                keyid:A5:4A:9E:27:5C:5C:17:80:9B:8F:CF:8C:0F:E0:B5:F6:32:9C:EE:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:8f:a9:40:35:cf:eb:49:a7:b8:82:36:4a:b9:00:45:27:ce:
         c9:56:c6:00:4e:27:5c:b6:6e:ac:d2:79:33:22:fe:e6:99:44:
         5c:e7:3c:4f:31:b3:6f:49:ed:4d:55:02:d8:8b:57:6b:14:ae:
         f7:8b:d1:cc:28:c8:2a:a5:78:01:54:18:4e:a7:b6:3f:4a:90:
         e5:6c:8f:b8:e5:70:83:49:79:3a:4e:00:fc:21:0e:73:e8:b8:
         d4:0c:a5:de:50:b0:95:5b:f3:1e:55:2b:62:f6:c8:aa:1c:77:
         56:fb:21:04:84:e0:e2:e5:64:8a:20:f4:71:24:47:b5:dc:e2:
         9b:e8:ea:e2:19:ac:ef:91:0c:d3:71:d7:07:2d:31:b1:13:33:
         3c:d9:d0:f0:ba:08:9d:63:f7:d1:ba:06:db:3c:2d:31:f9:1a:
         12:3b:40:46:fc:e1:99:3b:6a:e3:56:17:8f:78:d1:be:ef:b0:
         fb:61:2e:a7:e6:ec:97:8e:76:e7:1a:c7:8f:50:7a:01:55:64:
         d4:17:64:aa:6a:9e:b8:01:76:b5:7f:5b:2b:72:d1:e6:ed:67:
         b6:c0:e0:83:45:4d:f7:6b:e7:59:74:69:a3:b7:70:a4:1e:7d:
         ac:92:69:eb:1a:db:3f:f3:b2:c3:5c:c5:06:b7:76:40:fe:a1:
         c1:86:d2:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766nmvu4js5f5zNCsmNFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NGE5ZTI3NWM1YzE3ODA5YjhmY2Y4YzBmZTBiNWY2MzI5
Y2VlZWYwHhcNMjUxMDE5MTAwMjI5WhcNMjUxMDIwMTAwMjI5WjAzMTEwLwYDVQQD
Eyg5ZDY4N2FlOTI0Mzg3OWUwOTQ4YWNiN2FlYTQ4YjQ4ZDc4MTQ2NGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCLNo3KZSYTYnGyOH43hv6+LbzXB
Ux9s3t0JoaZ4JOiWJCE5VK21KnLcEu9VqieWgMcch8Qd29Qb/L1P/UjH8D0hNfM9
lCj/cESJ5Xuh8AQk5Xozu7zBd0QXJjd+2nmN7wqaG9VwziWfJ//h/alvda+wDCYx
bF6LFgyOJnGbjtcDcYaBTKS1OXX5ZfaJakYBiYwFQGzl2SWVajXwGbS/lIEsbqfd
I9Bk8TnTXB1UBKDrRn2RbPICc4glJBW1uT447ErRcsTtvm7IYscbU1oHNI7i4z4C
qLo5MDDFeOW9HYbM/FCBqnvBlPw3GUPp5cYvSVGukQOstJqHGkAzxXHzYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1oeukkOHnglIrLeupItI14FGTuMB8GA1UdIwQY
MBaAFKVKnidcXBeAm4/PjA/gtfYynO7vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC80NzA3ZWMtZDNkZi00NDcwLTkyYTkt
Njk5ODBlZWJjMjBjLzEvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC80NzA3ZWMtZDNkZi00NDcwLTkyYTktNjk5ODBlZWJjMjBj
LzEvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn4+pQDXP
60mnuII2SrkARSfOyVbGAE4nXLZurNJ5MyL+5plEXOc8TzGzb0ntTVUC2ItXaxSu
94vRzCjIKqV4AVQYTqe2P0qQ5WyPuOVwg0l5Ok4A/CEOc+i41Ayl3lCwlVvzHlUr
YvbIqhx3VvshBITg4uVkiiD0cSRHtdzim+jq4hms75EM03HXBy0xsRMzPNnQ8LoI
nWP30boG2zwtMfkaEjtARvzhmTtq41YXj3jRvu+w+2Eup+bsl4525xrHj1B6AVVk
1BdkqmqeuAF2tX9bK3LR5u1ntsDgg0VN92vnWXRpo7dwpB59rJJp6xrbP/Oyw1zF
Brd2QP6hwYbS6A==
-----END CERTIFICATE-----