Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          hE885oc+BvH5EI3lV+miL+xXOYYZBjXyto+rW7gGV3g=
Subject key identifier:   C2:76:2E:43:46:D4:78:37:CC:DB:E0:9E:92:AE:B3:EB:7D:F3:DB:DE
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       0199FC214CEE9DEE2C4A81665F3BAE72F70E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 11:01:04 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:04 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:04 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: VH0zxOnMuiymvBHwRIMQaTWDTBeGTaH30ysqxi/aETw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:4c:ee:9d:ee:2c:4a:81:66:5f:3b:ae:72:f7:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Oct 19 11:01:04 2025 GMT
            Not After : Oct 20 11:01:04 2025 GMT
        Subject: CN=c2762e4346d47837ccdbe09e92aeb3eb7df3dbde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:1e:9d:ee:22:85:db:87:17:a9:1d:38:93:05:
                    13:69:9b:2f:2a:ef:11:fc:13:eb:9c:a3:c2:b9:de:
                    68:89:0a:5d:25:1f:c3:37:19:2d:a6:c4:61:3b:e4:
                    4a:f6:45:9e:7b:52:b5:de:8b:6b:f1:8f:d2:c8:22:
                    30:f3:5a:5b:a0:aa:71:75:08:a2:a0:a2:c4:41:75:
                    94:6a:82:30:b9:7b:de:4c:1b:b9:45:57:6f:8b:cf:
                    5a:cb:9f:9c:91:1a:7f:6a:86:5a:f7:a6:20:02:1c:
                    e8:e2:0a:4c:35:e0:b2:8a:14:df:e4:49:7d:38:46:
                    4d:d5:b6:a8:0e:cc:f3:61:3b:3d:f3:23:5d:64:50:
                    d1:98:92:39:c3:2c:9d:7e:aa:9d:63:71:9c:79:93:
                    f5:7d:b5:37:41:3c:8b:e4:22:44:64:50:7a:f3:4d:
                    d0:99:10:2a:c9:c2:bd:17:37:56:d2:73:09:4e:8e:
                    83:68:92:d6:75:bb:42:97:49:0a:03:28:29:c3:6b:
                    0e:ea:52:bf:7b:31:8e:df:8e:3e:60:82:07:de:03:
                    64:ae:85:a5:2c:c1:2a:1a:67:a6:c1:f1:67:57:81:
                    02:85:7f:87:e0:d0:27:4e:f5:f6:de:77:79:db:2d:
                    52:59:80:35:d9:db:a5:13:27:df:c6:2d:33:9d:b6:
                    44:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:76:2E:43:46:D4:78:37:CC:DB:E0:9E:92:AE:B3:EB:7D:F3:DB:DE
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:49:e7:53:8e:0c:9c:f5:5c:fc:03:d1:0a:d7:7e:a5:f3:fd:
         04:f7:ea:75:1e:5f:5b:15:ec:43:ad:65:99:b9:f7:fc:eb:46:
         49:65:79:3c:5d:9f:d0:d2:cd:fb:29:65:cf:ab:83:f6:d2:ac:
         0b:4f:c2:22:56:c6:bd:d0:65:86:8e:8b:c0:cb:bb:5a:8b:ea:
         b4:12:aa:b5:2a:fd:9b:a8:e4:ba:9b:5c:26:b4:e6:3c:de:cd:
         05:1c:37:ed:80:b9:f2:ec:8d:bb:4f:4d:73:3c:5b:03:bc:03:
         10:f0:0b:ba:5f:18:b8:07:5e:55:ac:cc:ee:3e:29:fd:18:7f:
         5b:71:c8:0e:3a:39:3a:d3:5c:61:fa:b6:a0:4a:df:49:a8:e6:
         f1:50:f3:96:a0:81:61:21:06:c3:86:9e:a8:c5:be:17:bd:2e:
         38:43:cd:47:60:ed:64:c9:af:a8:51:ac:67:cc:42:bd:42:8c:
         fe:8e:ae:87:da:3f:0e:ad:5c:ce:59:7a:22:ee:5e:23:4e:6e:
         e6:38:d6:c8:64:8f:fd:4d:e9:72:fb:60:10:32:c3:d7:8b:1e:
         77:18:6f:c8:b0:74:55:84:01:61:71:0f:0c:e1:77:1f:23:70:
         9f:70:0a:aa:b9:c2:da:53:bb:5c:cb:7a:e2:79:27:a5:2b:91:
         8a:39:0a:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IUzune4sSoFmXzuucvcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUxMDE5MTEwMTA0WhcNMjUxMDIwMTEwMTA0WjAzMTEwLwYDVQQD
EyhjMjc2MmU0MzQ2ZDQ3ODM3Y2NkYmUwOWU5MmFlYjNlYjdkZjNkYmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph6d7iKF24cXqR04kwUTaZsvKu8R
/BPrnKPCud5oiQpdJR/DNxktpsRhO+RK9kWee1K13otr8Y/SyCIw81pboKpxdQii
oKLEQXWUaoIwuXveTBu5RVdvi89ay5+ckRp/aoZa96YgAhzo4gpMNeCyihTf5El9
OEZN1baoDszzYTs98yNdZFDRmJI5wyydfqqdY3GceZP1fbU3QTyL5CJEZFB6803Q
mRAqycK9FzdW0nMJTo6DaJLWdbtCl0kKAygpw2sO6lK/ezGO344+YIIH3gNkroWl
LMEqGmemwfFnV4EChX+H4NAnTvX23nd52y1SWYA12dulEyffxi0znbZE9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJ2LkNG1Hg3zNvgnpKus+t989veMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUUnnU44M
nPVc/APRCtd+pfP9BPfqdR5fWxXsQ61lmbn3/OtGSWV5PF2f0NLN+yllz6uD9tKs
C0/CIlbGvdBlho6LwMu7WovqtBKqtSr9m6jkuptcJrTmPN7NBRw37YC58uyNu09N
czxbA7wDEPALul8YuAdeVazM7j4p/Rh/W3HIDjo5OtNcYfq2oErfSajm8VDzlqCB
YSEGw4aeqMW+F70uOEPNR2DtZMmvqFGsZ8xCvUKM/o6uh9o/Dq1czll6Iu5eI05u
5jjWyGSP/U3pcvtgEDLD14sedxhvyLB0VYQBYXEPDOF3HyNwn3AKqrnC2lO7XMt6
4nknpSuRijkKsg==
-----END CERTIFICATE-----