Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
File:                     uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft (raw, json)
Hash identifier:          N8eLkRct4ra6elIObvmWcIGq6QgMhpOEqVsp2fDPorU=
Subject key identifier:   F5:E0:16:C1:B3:3F:EE:36:63:A6:B2:29:F6:C8:40:A7:09:6F:DD:2D
Authority key identifier: B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA
Certificate issuer:       /CN=b88177a9a3469db3acf10a98f6c03931e35515fa
Certificate serial:       0199FE4735D4E920721F8717E8B6636B02CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
Manifest number:          067C
Signing time:             Sun 19 Oct 2025 21:01:43 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:43 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:43 +0000
Files and hashes:         1: uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl (hash: dvyWQAYeqV3Zjgiz7UI+rSXTsNusaLasYbs85YWe8y0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:35:d4:e9:20:72:1f:87:17:e8:b6:63:6b:02:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88177a9a3469db3acf10a98f6c03931e35515fa
        Validity
            Not Before: Oct 19 21:01:43 2025 GMT
            Not After : Oct 20 21:01:43 2025 GMT
        Subject: CN=f5e016c1b33fee3663a6b229f6c840a7096fdd2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5b:98:22:ef:6f:4c:9d:c6:23:eb:d2:ae:7d:
                    42:69:20:78:39:a3:61:0f:17:3e:1d:13:c5:98:3c:
                    5d:3f:3b:f1:c9:a7:4b:ce:7a:aa:4e:53:57:6e:4f:
                    ce:4a:bf:df:0b:bd:34:86:79:d8:73:cd:2d:78:a9:
                    dc:cd:6b:a4:c9:2d:dd:2d:2b:e0:a1:95:d4:39:34:
                    3b:a6:d9:57:5d:2c:9b:57:1d:db:82:01:a0:58:27:
                    c1:69:6a:1b:e9:c5:ca:10:ac:54:80:a2:a2:40:cd:
                    d6:11:b6:b4:e9:5d:ee:2c:79:86:ad:62:2c:58:88:
                    89:5b:99:37:8f:83:19:6b:ed:87:ea:cd:88:cf:84:
                    69:16:e4:f8:a8:85:2b:22:4b:95:75:a6:7a:68:fd:
                    fa:5f:51:ca:76:97:18:83:bc:9e:24:15:40:3a:12:
                    fc:ee:33:e7:a2:06:fe:94:e0:8f:f3:8b:84:cd:2f:
                    37:02:98:e5:73:32:83:b0:f9:29:10:cb:ff:67:52:
                    fd:f4:9d:b6:51:71:1c:24:0c:0c:83:3f:f3:28:0f:
                    b6:91:13:48:f5:49:3c:b5:d0:8e:af:a1:61:dd:3b:
                    05:2c:b8:bf:7e:bb:e2:70:53:d4:6b:ef:6a:c5:e4:
                    aa:a9:0a:44:c2:58:1d:e3:d3:d7:a0:07:1b:e9:e3:
                    66:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:E0:16:C1:B3:3F:EE:36:63:A6:B2:29:F6:C8:40:A7:09:6F:DD:2D
            X509v3 Authority Key Identifier:
                keyid:B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:10:ad:44:99:ea:bb:d7:79:aa:2d:ab:00:71:66:19:20:47:
         b2:5f:b0:ff:8c:7c:9a:6a:92:0f:af:b3:4b:3c:fa:49:61:28:
         76:13:b1:c7:1a:87:6e:81:13:9f:95:17:dc:27:ac:67:93:5f:
         03:db:56:b1:74:b8:3a:2c:6e:61:19:4f:3f:71:78:3f:95:e4:
         26:cc:ca:7a:9b:0f:70:c5:71:54:a0:d8:a2:71:85:5e:43:f8:
         e0:1c:85:7f:75:e0:2a:5a:fe:ed:3d:e2:a3:e2:27:9e:5c:d1:
         87:d5:ae:a3:f8:0a:dc:68:37:fc:25:eb:45:91:e3:de:b8:8e:
         06:f5:40:8b:10:14:c4:ce:35:b1:0a:86:78:16:03:85:91:aa:
         ee:eb:c3:8f:9a:1f:f4:77:d5:c7:62:9f:fa:b2:e6:1c:60:0b:
         6c:cb:e7:cd:48:7d:5b:68:b4:c6:36:c9:70:bf:7f:a0:b6:10:
         8f:93:fd:ca:15:7b:6e:fe:63:02:a1:af:72:a7:a2:98:19:4d:
         ee:23:c3:a9:26:85:19:b7:bc:a3:e4:37:96:a4:00:54:13:5a:
         b3:82:4e:6c:61:50:d3:42:60:34:44:8a:ab:71:5a:d4:91:d4:
         8e:b7:bd:3c:a2:7c:37:d1:de:e0:a7:bf:5c:cd:2f:37:1e:33:
         f5:bd:d6:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RzXU6SByH4cX6LZjawLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ODE3N2E5YTM0NjlkYjNhY2YxMGE5OGY2YzAzOTMxZTM1
NTE1ZmEwHhcNMjUxMDE5MjEwMTQzWhcNMjUxMDIwMjEwMTQzWjAzMTEwLwYDVQQD
EyhmNWUwMTZjMWIzM2ZlZTM2NjNhNmIyMjlmNmM4NDBhNzA5NmZkZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVuYIu9vTJ3GI+vSrn1CaSB4OaNh
Dxc+HRPFmDxdPzvxyadLznqqTlNXbk/OSr/fC700hnnYc80teKnczWukyS3dLSvg
oZXUOTQ7ptlXXSybVx3bggGgWCfBaWob6cXKEKxUgKKiQM3WEba06V3uLHmGrWIs
WIiJW5k3j4MZa+2H6s2Iz4RpFuT4qIUrIkuVdaZ6aP36X1HKdpcYg7yeJBVAOhL8
7jPnogb+lOCP84uEzS83ApjlczKDsPkpEMv/Z1L99J22UXEcJAwMgz/zKA+2kRNI
9Uk8tdCOr6Fh3TsFLLi/frvicFPUa+9qxeSqqQpEwlgd49PXoAcb6eNmUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXgFsGzP+42Y6ayKfbIQKcJb90tMB8GA1UdIwQY
MBaAFLiBd6mjRp2zrPEKmPbAOTHjVRX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTct
ZWIwODg1YjkwMDNlLzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTctZWIwODg1YjkwMDNl
LzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBCtRJnq
u9d5qi2rAHFmGSBHsl+w/4x8mmqSD6+zSzz6SWEodhOxxxqHboETn5UX3CesZ5Nf
A9tWsXS4OixuYRlPP3F4P5XkJszKepsPcMVxVKDYonGFXkP44ByFf3XgKlr+7T3i
o+InnlzRh9Wuo/gK3Gg3/CXrRZHj3riOBvVAixAUxM41sQqGeBYDhZGq7uvDj5of
9HfVx2Kf+rLmHGALbMvnzUh9W2i0xjbJcL9/oLYQj5P9yhV7bv5jAqGvcqeimBlN
7iPDqSaFGbe8o+Q3lqQAVBNas4JObGFQ00JgNESKq3Fa1JHUjre9PKJ8N9He4Ke/
XM0vNx4z9b3Wew==
-----END CERTIFICATE-----