Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          Iez1sIi8eq32Lm5bqq5XevBaTRmejdYB5dhLStTH+64=
Subject key identifier:   BA:0B:B8:BF:CF:76:4A:F7:C6:90:93:3A:CC:3B:0F:C6:5E:49:BA:B1
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       0197B6D7B8D9FEC73DF46E6807B628B30541
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          15B5
Signing time:             Sat 28 Jun 2025 14:01:20 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:20 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:20 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: ProAlHl6QR9Jb91sL359jFWPWY0jSfoZLsV8hTTAKhk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:b8:d9:fe:c7:3d:f4:6e:68:07:b6:28:b3:05:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Jun 28 14:01:20 2025 GMT
            Not After : Jun 29 14:01:20 2025 GMT
        Subject: CN=ba0bb8bfcf764af7c690933acc3b0fc65e49bab1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:55:34:7a:1c:85:d3:bf:c9:e4:7c:56:94:79:
                    ef:86:6d:2b:a0:09:b9:4a:21:09:36:51:e8:67:47:
                    52:ed:c8:68:0e:f5:86:52:33:92:fd:cb:9f:0e:56:
                    ed:39:68:d5:f4:67:69:a5:df:d2:90:b1:05:d4:5a:
                    81:fd:ce:57:d8:06:f4:65:19:6a:d0:5e:e1:dd:7f:
                    31:0e:61:07:5c:47:68:42:69:4b:74:34:24:1d:38:
                    29:74:d5:f8:e5:41:e3:39:0a:01:cf:43:25:24:76:
                    df:51:ca:1a:d8:85:a7:94:1f:a2:9a:e7:06:89:ad:
                    9b:8b:62:3a:50:b2:ee:26:52:5d:18:45:95:66:9b:
                    e1:5e:22:e1:04:1d:cf:3c:25:a6:9a:b0:97:e1:f5:
                    1e:a1:bf:57:44:f8:eb:9f:21:0e:bc:0c:36:6e:9d:
                    43:48:08:be:0d:48:42:05:40:fe:6c:7b:d2:bd:83:
                    5c:51:e5:eb:69:10:c2:62:a5:8f:47:c4:8e:29:a8:
                    13:a8:49:8a:30:ab:4a:8a:45:ae:86:27:98:b5:09:
                    bc:2f:a6:a1:d8:b4:32:65:39:9b:fc:3f:46:7f:1c:
                    9c:54:2d:f5:b0:4d:96:0f:13:00:f9:72:ab:a1:1b:
                    6f:18:22:01:0b:fd:3d:d5:c1:af:da:84:3d:3a:ea:
                    cc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:0B:B8:BF:CF:76:4A:F7:C6:90:93:3A:CC:3B:0F:C6:5E:49:BA:B1
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:a3:58:f4:1f:40:5b:5b:2a:c1:b4:f4:8d:ee:04:ef:2c:1c:
         af:0c:f1:fc:4a:31:81:fe:2b:57:42:88:3b:92:ce:79:b8:6d:
         04:19:f5:a0:91:6b:05:00:75:75:f8:0a:ae:8a:75:78:a8:00:
         d8:4e:34:0c:c9:f6:9d:dc:23:7d:f3:6e:5e:aa:3d:c9:32:82:
         dd:23:8e:d7:24:de:79:7c:e2:4d:1a:66:4b:0d:23:92:72:f4:
         56:22:ac:47:1a:5a:63:78:e1:ba:57:f8:7b:3f:52:fd:b5:46:
         b2:47:86:f9:7c:58:5a:97:be:0f:f8:e3:1d:99:15:38:41:fa:
         ad:02:bd:bf:a0:8a:c1:64:29:95:fd:86:6e:38:be:81:1e:7a:
         47:26:1b:50:9a:a7:be:6a:67:f0:a6:33:1e:ba:d9:89:7f:35:
         44:b7:ee:55:cf:ed:91:7d:7b:73:e3:df:fb:36:9d:87:7e:66:
         ba:77:e2:72:6d:78:81:2d:29:b1:b6:31:3b:cf:c3:d3:cd:ea:
         99:13:e9:4a:fe:b9:a2:f8:27:4c:2c:32:b9:c3:1e:c5:b6:54:
         89:7a:f6:3c:47:7c:3a:4d:d2:7d:ec:eb:83:8a:68:59:d9:7e:
         92:b0:9b:0b:7b:51:43:28:f4:c0:06:3e:77:7e:f8:4a:69:0d:
         4d:98:6f:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe217jZ/sc99G5oB7YoswVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwNjI4MTQwMTIwWhcNMjUwNjI5MTQwMTIwWjAzMTEwLwYDVQQD
EyhiYTBiYjhiZmNmNzY0YWY3YzY5MDkzM2FjYzNiMGZjNjVlNDliYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01U0ehyF07/J5HxWlHnvhm0roAm5
SiEJNlHoZ0dS7choDvWGUjOS/cufDlbtOWjV9Gdppd/SkLEF1FqB/c5X2Ab0ZRlq
0F7h3X8xDmEHXEdoQmlLdDQkHTgpdNX45UHjOQoBz0MlJHbfUcoa2IWnlB+imucG
ia2bi2I6ULLuJlJdGEWVZpvhXiLhBB3PPCWmmrCX4fUeob9XRPjrnyEOvAw2bp1D
SAi+DUhCBUD+bHvSvYNcUeXraRDCYqWPR8SOKagTqEmKMKtKikWuhieYtQm8L6ah
2LQyZTmb/D9GfxycVC31sE2WDxMA+XKroRtvGCIBC/091cGv2oQ9OurMtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoLuL/Pdkr3xpCTOsw7D8ZeSbqxMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACKNY9B9A
W1sqwbT0je4E7ywcrwzx/Eoxgf4rV0KIO5LOebhtBBn1oJFrBQB1dfgKrop1eKgA
2E40DMn2ndwjffNuXqo9yTKC3SOO1yTeeXziTRpmSw0jknL0ViKsRxpaY3jhulf4
ez9S/bVGskeG+XxYWpe+D/jjHZkVOEH6rQK9v6CKwWQplf2Gbji+gR56RyYbUJqn
vmpn8KYzHrrZiX81RLfuVc/tkX17c+Pf+zadh35munficm14gS0psbYxO8/D083q
mRPpSv65ovgnTCwyucMexbZUiXr2PEd8Ok3Sfezrg4poWdl+krCbC3tRQyj0wAY+
d374SmkNTZhvng==
-----END CERTIFICATE-----