Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          uIC4/nhAB7NHEsF4mdWi8aXtf478fLHnG1HrY3pzdMs=
Subject key identifier:   58:49:78:B3:AE:32:ED:DF:BB:2A:AD:EB:37:A1:C5:77:5A:90:74:D2
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       0198D697FD1FBF78E874E8736E80C27A8E4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          164A
Signing time:             Sat 23 Aug 2025 11:02:21 +0000
Manifest this update:     Sat 23 Aug 2025 11:02:21 +0000
Manifest next update:     Sun 24 Aug 2025 11:02:21 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: 7pqP38W+nGLhZNLPZDx93QrdebJ8Yi6RR+Z1ubKMdOw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 11:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:97:fd:1f:bf:78:e8:74:e8:73:6e:80:c2:7a:8e:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Aug 23 11:02:21 2025 GMT
            Not After : Aug 24 11:02:21 2025 GMT
        Subject: CN=584978b3ae32eddfbb2aadeb37a1c5775a9074d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:30:ad:b3:ec:31:4c:63:90:47:4d:d9:1b:57:
                    ab:28:20:54:4a:73:1b:a9:40:c5:38:4d:22:9f:b3:
                    92:82:63:85:f3:fd:23:55:ea:a5:3e:76:c7:fa:bc:
                    b1:4d:71:4c:a1:eb:0e:c5:8d:66:7c:49:12:11:b8:
                    80:bd:05:e3:f2:46:99:06:cc:8a:0b:cf:88:e0:22:
                    88:2f:91:27:2f:03:c6:19:c3:4c:a4:6c:51:b0:98:
                    91:22:b9:31:11:6f:0d:d7:df:6a:3e:48:e3:a1:04:
                    a2:b1:71:a7:82:40:81:ef:28:f5:13:2c:bc:6d:d1:
                    3d:ce:d5:fd:f4:4d:07:6a:1e:99:72:f1:38:4b:98:
                    9e:bd:a5:3b:03:78:9c:f9:23:7f:9f:5c:e1:5c:23:
                    79:17:34:15:e1:4b:f3:7a:50:17:79:f5:47:80:85:
                    e5:18:d5:71:de:fd:5b:fe:7a:7b:86:3a:fe:22:9f:
                    b9:57:d8:9a:80:eb:06:df:1e:49:cc:8f:99:76:1a:
                    91:ff:1f:78:79:41:58:5f:4f:b9:d8:96:27:e6:21:
                    52:b1:52:c0:c5:35:f7:c5:35:03:34:12:44:40:12:
                    d5:dc:fa:36:a6:8c:58:6a:3a:74:65:43:1d:f4:e9:
                    b3:c2:6e:95:17:60:52:e6:3c:f5:e1:5b:5a:42:67:
                    6d:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:49:78:B3:AE:32:ED:DF:BB:2A:AD:EB:37:A1:C5:77:5A:90:74:D2
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:21:31:0d:83:95:f1:35:79:6e:6e:3a:9d:c3:fb:1a:f1:08:
         e9:c4:1b:da:05:98:0f:82:88:63:10:1b:53:76:35:a9:3d:5f:
         ae:83:c5:42:1a:c6:20:b7:94:29:c6:56:d6:ea:64:fc:13:ad:
         2f:8f:24:88:85:f0:30:f8:bc:0c:85:09:43:55:0f:63:fd:0a:
         53:74:70:10:c8:04:34:b0:43:b4:be:17:43:6c:36:ff:17:30:
         0a:b2:a3:06:62:ef:03:b5:34:00:ba:d0:c3:00:15:3c:4f:b2:
         c5:29:c5:a4:5c:96:60:18:fe:ea:ba:0f:44:bd:cc:ca:7e:bf:
         ff:a6:cb:70:c7:49:7e:e0:e7:67:33:fd:3d:b8:72:91:cd:71:
         87:a8:36:57:6e:4c:e3:90:09:2b:c3:b6:4f:8f:36:ea:d8:32:
         a0:78:4b:69:30:6f:b5:7f:45:5c:4c:0b:82:39:7b:70:eb:f8:
         a8:29:66:c2:f6:ee:ba:52:55:0d:43:19:f7:60:a1:37:05:36:
         57:2b:53:0f:0e:76:f8:d6:2f:ce:8d:b5:33:87:08:80:bf:f9:
         a0:90:66:e5:02:67:7f:ba:04:b2:99:23:34:fe:f5:24:14:32:
         09:51:b2:90:fe:6e:98:d8:24:d4:cb:67:be:7b:35:cb:74:03:
         cb:bb:0f:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWl/0fv3jodOhzboDCeo5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwODIzMTEwMjIxWhcNMjUwODI0MTEwMjIxWjAzMTEwLwYDVQQD
Eyg1ODQ5NzhiM2FlMzJlZGRmYmIyYWFkZWIzN2ExYzU3NzVhOTA3NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DCts+wxTGOQR03ZG1erKCBUSnMb
qUDFOE0in7OSgmOF8/0jVeqlPnbH+ryxTXFMoesOxY1mfEkSEbiAvQXj8kaZBsyK
C8+I4CKIL5EnLwPGGcNMpGxRsJiRIrkxEW8N199qPkjjoQSisXGngkCB7yj1Eyy8
bdE9ztX99E0Hah6ZcvE4S5ievaU7A3ic+SN/n1zhXCN5FzQV4UvzelAXefVHgIXl
GNVx3v1b/np7hjr+Ip+5V9iagOsG3x5JzI+ZdhqR/x94eUFYX0+52JYn5iFSsVLA
xTX3xTUDNBJEQBLV3Po2poxYajp0ZUMd9Omzwm6VF2BS5jz14VtaQmdtBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhJeLOuMu3fuyqt6zehxXdakHTSMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUiExDYOV
8TV5bm46ncP7GvEI6cQb2gWYD4KIYxAbU3Y1qT1froPFQhrGILeUKcZW1upk/BOt
L48kiIXwMPi8DIUJQ1UPY/0KU3RwEMgENLBDtL4XQ2w2/xcwCrKjBmLvA7U0ALrQ
wwAVPE+yxSnFpFyWYBj+6roPRL3Myn6//6bLcMdJfuDnZzP9Pbhykc1xh6g2V25M
45AJK8O2T4826tgyoHhLaTBvtX9FXEwLgjl7cOv4qClmwvbuulJVDUMZ92ChNwU2
VytTDw52+NYvzo21M4cIgL/5oJBm5QJnf7oEspkjNP71JBQyCVGykP5umNgk1Mtn
vns1y3QDy7sPAg==
-----END CERTIFICATE-----