Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
File:                     U_tSQvmM_53qm6qMiuRmpCtTfFw.mft (raw, json)
Hash identifier:          3ulZB53CHTCQrSKwsvLFFpUaCb9d6IZlmt48/Xqo+E0=
Subject key identifier:   65:89:30:C1:1B:5A:7B:C8:22:9C:48:5C:FE:C9:65:AE:2A:72:F4:0A
Authority key identifier: 53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C
Certificate issuer:       /CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
Certificate serial:       019A01B5CA2AE469745C784B9A5FEDF96342
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
Manifest number:          16CA
Signing time:             Mon 20 Oct 2025 13:01:22 +0000
Manifest this update:     Mon 20 Oct 2025 13:01:22 +0000
Manifest next update:     Tue 21 Oct 2025 13:01:22 +0000
Files and hashes:         1: U_tSQvmM_53qm6qMiuRmpCtTfFw.crl (hash: /dP4KXee7DdM0Y7U8Kd/iUW2gHRd2Onv8EIP8JK/8e8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:b5:ca:2a:e4:69:74:5c:78:4b:9a:5f:ed:f9:63:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
        Validity
            Not Before: Oct 20 13:01:22 2025 GMT
            Not After : Oct 21 13:01:22 2025 GMT
        Subject: CN=658930c11b5a7bc8229c485cfec965ae2a72f40a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:39:db:6b:d3:9f:6d:81:e7:49:df:b2:35:dd:
                    b1:1a:5b:f1:33:57:d7:27:4d:86:15:30:51:37:b2:
                    bb:22:88:13:65:fa:7c:ab:4c:e4:dd:26:23:87:d2:
                    41:b2:70:be:10:f3:67:4a:c0:b2:4b:dd:e0:17:5b:
                    43:17:51:bd:4d:be:70:96:94:5b:55:cb:c2:49:0b:
                    50:69:a6:63:13:6a:d1:17:71:ae:ca:6e:e0:5e:d8:
                    78:d3:f8:e7:91:fc:6c:9e:61:1c:9e:e1:df:f3:e9:
                    7a:24:0f:65:cb:e3:2f:06:f5:ae:39:9d:09:f3:67:
                    9c:6b:a7:92:f5:0a:c7:51:00:92:84:3f:7f:07:8a:
                    52:41:db:35:27:a2:bd:ad:71:86:ec:e6:9f:6e:48:
                    d7:d9:a1:e8:b8:b5:90:34:65:f1:98:dc:07:86:b4:
                    c3:fe:d2:4b:0a:9b:08:b3:8a:a5:32:da:ec:ea:ac:
                    26:ee:29:23:69:a2:57:ad:b8:d1:2c:1f:1d:48:c1:
                    86:8d:ae:d9:94:c0:bd:5a:32:b5:f8:42:74:bc:7c:
                    24:b1:51:32:5a:a1:18:87:e6:b3:51:a2:eb:1c:a8:
                    c1:18:64:a0:72:82:59:51:de:11:66:1d:f7:34:21:
                    42:46:ef:9c:f2:e0:a2:28:85:1e:92:b5:25:40:73:
                    0f:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:89:30:C1:1B:5A:7B:C8:22:9C:48:5C:FE:C9:65:AE:2A:72:F4:0A
            X509v3 Authority Key Identifier:
                keyid:53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:53:17:a7:5b:26:42:6f:9d:2f:02:11:70:22:1c:dc:d7:fb:
         db:c5:6f:ce:69:80:6e:9d:38:75:8d:f2:f5:6f:a8:e5:c3:45:
         97:02:ad:bd:56:43:fd:4c:3e:33:d7:80:f3:f6:19:00:9c:1c:
         ac:fc:5d:1e:28:45:32:d7:9f:e1:52:c7:63:a4:0e:86:29:38:
         b2:13:6e:54:27:cd:b7:1b:26:57:46:51:f4:44:c2:8e:a2:0a:
         9a:f6:c3:e4:b4:8f:c0:18:1f:9b:82:cb:a2:31:44:6d:55:82:
         66:40:77:f6:f7:cc:4e:cf:82:d2:5e:67:4b:1e:8d:ec:6c:fc:
         0d:c5:bc:69:a9:44:f0:0b:af:8c:7f:93:50:0c:19:64:2b:26:
         6a:fa:4a:e2:94:e2:d9:cc:c3:cd:a4:a7:8c:ad:90:41:8b:6b:
         67:ae:62:d2:5c:69:f7:7b:19:be:be:bc:b8:40:78:91:68:64:
         d7:90:78:50:b4:91:d8:b8:9b:f6:48:e2:8b:86:12:1d:5d:47:
         b6:63:3f:38:41:8c:25:77:0c:1e:16:a1:b2:b6:8d:b0:f7:ed:
         d9:2e:66:ed:d5:58:c1:c5:9e:4c:27:09:a6:25:d9:ae:1f:7c:
         82:62:37:5c:b9:45:d7:7f:93:e8:48:a4:e7:6a:bf:7c:2d:dc:
         36:c8:6b:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtcoq5Gl0XHhLml/t+WNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmI1MjQyZjk4Y2ZmOWRlYTliYWE4YzhhZTQ2NmE0MmI1
MzdjNWMwHhcNMjUxMDIwMTMwMTIyWhcNMjUxMDIxMTMwMTIyWjAzMTEwLwYDVQQD
Eyg2NTg5MzBjMTFiNWE3YmM4MjI5YzQ4NWNmZWM5NjVhZTJhNzJmNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Tnba9OfbYHnSd+yNd2xGlvxM1fX
J02GFTBRN7K7IogTZfp8q0zk3SYjh9JBsnC+EPNnSsCyS93gF1tDF1G9Tb5wlpRb
VcvCSQtQaaZjE2rRF3Guym7gXth40/jnkfxsnmEcnuHf8+l6JA9ly+MvBvWuOZ0J
82eca6eS9QrHUQCShD9/B4pSQds1J6K9rXGG7OafbkjX2aHouLWQNGXxmNwHhrTD
/tJLCpsIs4qlMtrs6qwm7ikjaaJXrbjRLB8dSMGGja7ZlMC9WjK1+EJ0vHwksVEy
WqEYh+azUaLrHKjBGGSgcoJZUd4RZh33NCFCRu+c8uCiKIUekrUlQHMPowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWJMMEbWnvIIpxIXP7JZa4qcvQKMB8GA1UdIwQY
MBaAFFP7UkL5jP+d6puqjIrkZqQrU3xcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNGQ3YzYtYTI5OS00Yjg4LTgyNDct
OWM0MDMyOTYzZTE3LzEvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lNGQ3YzYtYTI5OS00Yjg4LTgyNDctOWM0MDMyOTYzZTE3
LzEvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhVMXp1sm
Qm+dLwIRcCIc3Nf728VvzmmAbp04dY3y9W+o5cNFlwKtvVZD/Uw+M9eA8/YZAJwc
rPxdHihFMtef4VLHY6QOhik4shNuVCfNtxsmV0ZR9ETCjqIKmvbD5LSPwBgfm4LL
ojFEbVWCZkB39vfMTs+C0l5nSx6N7Gz8DcW8aalE8AuvjH+TUAwZZCsmavpK4pTi
2czDzaSnjK2QQYtrZ65i0lxp93sZvr68uEB4kWhk15B4ULSR2Lib9kjii4YSHV1H
tmM/OEGMJXcMHhahsraNsPft2S5m7dVYwcWeTCcJpiXZrh98gmI3XLlF13+T6Eik
52q/fC3cNshrlA==
-----END CERTIFICATE-----