Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
File:                     uU8woHaUohE5ZIclom6zTOSha6s.mft (raw, json)
Hash identifier:          3j2s3gWfuw67g7WAFV7z0lLJzo9HSoKHx4b21w62ibk=
Subject key identifier:   AF:1B:D1:81:BA:40:86:75:9F:E7:22:BE:40:3C:95:91:29:FC:86:E2
Authority key identifier: B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB
Certificate issuer:       /CN=b94f30a07694a21139648725a26eb34ce4a16bab
Certificate serial:       0199FC8FA88C8270B67226E0797A7161CB47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
Manifest number:          0376
Signing time:             Sun 19 Oct 2025 13:01:37 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:37 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:37 +0000
Files and hashes:         1: uU8woHaUohE5ZIclom6zTOSha6s.crl (hash: qRxuecDSqcDal+Twb12POJtt3l9wBfqUtkndDJc2F6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:a8:8c:82:70:b6:72:26:e0:79:7a:71:61:cb:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b94f30a07694a21139648725a26eb34ce4a16bab
        Validity
            Not Before: Oct 19 13:01:37 2025 GMT
            Not After : Oct 20 13:01:37 2025 GMT
        Subject: CN=af1bd181ba4086759fe722be403c959129fc86e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:47:bc:fb:13:8b:60:9a:8e:7a:fe:fd:e1:3b:
                    55:82:5c:21:77:68:78:a0:7f:bd:70:6d:16:ce:ed:
                    93:66:2f:ce:0c:7a:34:b4:40:00:f1:90:5e:e6:cb:
                    32:30:4e:57:46:b1:55:e0:16:72:b4:a0:cd:d5:15:
                    ab:55:b2:df:32:5a:cf:1b:f3:29:00:66:d1:53:fe:
                    05:c8:e9:97:c9:f6:94:d9:a2:35:ab:09:45:61:34:
                    73:2a:d7:2f:3a:3e:d6:3c:87:67:ae:33:c6:2d:51:
                    ad:88:02:37:26:f9:62:d1:52:02:81:00:d4:7b:3a:
                    27:2b:ad:18:ac:28:c2:e4:6d:ad:e5:13:c7:e3:4c:
                    de:44:dc:d5:38:55:3d:4a:e7:fe:33:8f:df:b5:dd:
                    87:4c:a3:a8:88:c1:dd:1a:3d:c1:8e:82:76:90:fa:
                    49:37:3d:57:a1:0c:d4:72:78:dd:ca:e0:4f:7d:89:
                    ec:aa:bc:19:b3:fd:66:b2:11:4a:13:5e:78:21:87:
                    e8:82:49:72:bc:ad:88:50:d1:f0:44:82:c4:c7:ac:
                    52:cf:80:2c:d5:c8:fe:98:40:2f:fa:c5:16:fc:19:
                    fe:10:49:ea:11:4d:07:48:d5:e4:c5:df:ad:d9:23:
                    a9:6d:ca:92:05:60:d0:f8:6e:31:ba:f8:3d:1f:0e:
                    04:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:1B:D1:81:BA:40:86:75:9F:E7:22:BE:40:3C:95:91:29:FC:86:E2
            X509v3 Authority Key Identifier:
                keyid:B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:cb:09:49:2e:b0:a4:45:15:e8:be:35:84:8c:29:97:71:18:
         73:43:03:66:92:1b:6e:b2:bd:bf:a3:f9:01:54:c8:80:b2:8c:
         52:25:bc:38:e4:bd:e6:11:b1:79:52:0b:11:18:bb:67:bb:d2:
         65:4a:ed:bb:ea:f8:c1:0b:40:77:56:89:c4:c4:40:4a:3f:98:
         eb:1b:3e:64:d2:87:4e:a4:b6:cf:65:1e:36:d3:07:73:75:58:
         a8:ff:2b:94:b7:5f:32:70:f6:ea:42:f5:53:62:0e:62:28:b5:
         f7:4c:e5:20:12:ce:0a:ae:e9:ee:f9:d0:9f:32:15:5b:45:4a:
         51:0f:2f:9a:10:72:39:99:b1:8b:b0:58:9d:a6:a6:2b:f9:f2:
         a5:31:94:ee:fc:d4:4e:7e:ad:33:b7:98:29:00:57:5d:0d:3b:
         4e:90:6e:ac:66:b2:ec:80:19:47:73:9f:0c:a7:36:49:4e:31:
         48:d3:11:8f:e7:49:97:8e:83:08:23:17:1e:5a:f0:de:2f:10:
         fa:04:35:c5:90:ba:74:bf:c5:0e:e0:dc:f2:9e:4d:9c:98:e3:
         c0:e6:27:4a:22:73:36:a7:01:29:b8:f6:5f:7a:bd:38:0d:70:
         e6:65:68:78:33:ce:f7:d3:d5:13:bb:33:65:ab:40:b1:b2:7e:
         58:04:7a:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j6iMgnC2cibgeXpxYctHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NGYzMGEwNzY5NGEyMTEzOTY0ODcyNWEyNmViMzRjZTRh
MTZiYWIwHhcNMjUxMDE5MTMwMTM3WhcNMjUxMDIwMTMwMTM3WjAzMTEwLwYDVQQD
EyhhZjFiZDE4MWJhNDA4Njc1OWZlNzIyYmU0MDNjOTU5MTI5ZmM4NmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70e8+xOLYJqOev794TtVglwhd2h4
oH+9cG0Wzu2TZi/ODHo0tEAA8ZBe5ssyME5XRrFV4BZytKDN1RWrVbLfMlrPG/Mp
AGbRU/4FyOmXyfaU2aI1qwlFYTRzKtcvOj7WPIdnrjPGLVGtiAI3Jvli0VICgQDU
ezonK60YrCjC5G2t5RPH40zeRNzVOFU9Suf+M4/ftd2HTKOoiMHdGj3BjoJ2kPpJ
Nz1XoQzUcnjdyuBPfYnsqrwZs/1mshFKE154IYfogklyvK2IUNHwRILEx6xSz4As
1cj+mEAv+sUW/Bn+EEnqEU0HSNXkxd+t2SOpbcqSBWDQ+G4xuvg9Hw4E4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8b0YG6QIZ1n+civkA8lZEp/IbiMB8GA1UdIwQY
MBaAFLlPMKB2lKIROWSHJaJus0zkoWurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDIt
NzdhMzgzNWQ0ZmJiLzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDItNzdhMzgzNWQ0ZmJi
LzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArcsJSS6w
pEUV6L41hIwpl3EYc0MDZpIbbrK9v6P5AVTIgLKMUiW8OOS95hGxeVILERi7Z7vS
ZUrtu+r4wQtAd1aJxMRASj+Y6xs+ZNKHTqS2z2UeNtMHc3VYqP8rlLdfMnD26kL1
U2IOYii190zlIBLOCq7p7vnQnzIVW0VKUQ8vmhByOZmxi7BYnaamK/nypTGU7vzU
Tn6tM7eYKQBXXQ07TpBurGay7IAZR3OfDKc2SU4xSNMRj+dJl46DCCMXHlrw3i8Q
+gQ1xZC6dL/FDuDc8p5NnJjjwOYnSiJzNqcBKbj2X3q9OA1w5mVoeDPO99PVE7sz
ZatAsbJ+WAR6rg==
-----END CERTIFICATE-----