Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
File:                     U1wJpqvN8dobR6tK8_-O_KWBRF0.mft (raw, json)
Hash identifier:          mxg0A4r50rm52T+gPjri4IgL6lm/vkwx3adaCyNjLu4=
Subject key identifier:   67:87:E3:7B:CE:FF:ED:23:CB:AB:F0:7E:2F:DF:62:45:33:3A:5F:D1
Authority key identifier: 53:5C:09:A6:AB:CD:F1:DA:1B:47:AB:4A:F3:FF:8E:FC:A5:81:44:5D
Certificate issuer:       /CN=535c09a6abcdf1da1b47ab4af3ff8efca581445d
Certificate serial:       019A01B52589872E1E5F0DE57CB52E0A2E5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
Manifest number:          0649
Signing time:             Mon 20 Oct 2025 13:00:40 +0000
Manifest this update:     Mon 20 Oct 2025 13:00:40 +0000
Manifest next update:     Tue 21 Oct 2025 13:00:40 +0000
Files and hashes:         1: U1wJpqvN8dobR6tK8_-O_KWBRF0.crl (hash: iufYonIVG2X6Pji/lgZVTIiz6eGUQ9/aBuj9RUCTIyU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:b5:25:89:87:2e:1e:5f:0d:e5:7c:b5:2e:0a:2e:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535c09a6abcdf1da1b47ab4af3ff8efca581445d
        Validity
            Not Before: Oct 20 13:00:40 2025 GMT
            Not After : Oct 21 13:00:40 2025 GMT
        Subject: CN=6787e37bceffed23cbabf07e2fdf6245333a5fd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7e:ec:e0:97:12:ad:c4:58:46:25:da:70:28:
                    ce:21:9c:d3:20:c4:83:c2:c4:8c:10:f7:91:14:2c:
                    da:d3:76:3d:c1:c9:fc:06:dd:77:7b:e6:5b:11:5d:
                    73:26:36:6f:e4:0a:a5:6c:b1:ab:48:5b:38:79:9c:
                    db:b4:d6:eb:9f:a3:22:a9:62:90:2d:7a:8f:72:50:
                    f6:da:2e:17:10:bc:93:fa:67:8b:e9:09:6f:c4:06:
                    13:dd:8b:69:62:4b:12:d3:f0:09:a3:9d:3d:d8:de:
                    d8:62:8a:37:99:63:5c:e1:c4:f2:10:f4:18:e2:ff:
                    43:46:71:ce:65:d1:c3:b9:66:d1:1a:93:9e:f4:f8:
                    38:0e:3b:b5:3b:e7:ee:d8:9d:2d:24:7a:b8:a5:90:
                    cb:05:bd:80:63:7d:b4:16:d8:2e:f6:da:17:1f:6d:
                    17:e3:7b:ff:2e:66:a6:78:35:f7:c9:46:06:7d:13:
                    b5:3a:3d:73:e5:0c:e2:fd:50:b0:5b:6a:82:9d:36:
                    da:1d:53:52:ba:78:ea:9b:b4:4f:57:fe:1c:84:ec:
                    82:20:a6:19:f9:a6:e6:34:56:cc:35:66:2a:02:2f:
                    d7:d4:08:24:fd:84:6a:7d:f5:96:94:cb:46:00:9c:
                    dd:f2:f1:7d:bd:61:c9:56:ed:0b:64:b2:93:b3:48:
                    7d:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:87:E3:7B:CE:FF:ED:23:CB:AB:F0:7E:2F:DF:62:45:33:3A:5F:D1
            X509v3 Authority Key Identifier:
                keyid:53:5C:09:A6:AB:CD:F1:DA:1B:47:AB:4A:F3:FF:8E:FC:A5:81:44:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:a4:19:1f:67:e4:09:90:3a:4a:73:df:d7:b3:9c:4c:47:77:
         26:f9:a6:d3:f2:88:14:f9:23:48:60:b5:2e:e6:46:a9:bf:67:
         ff:ce:f8:c5:ff:07:6a:a8:6c:b2:9f:5e:c3:3d:ae:16:d2:29:
         8c:05:a7:03:43:89:fb:16:d4:32:f8:42:07:33:bc:78:03:57:
         e9:b3:5f:b0:03:8e:b9:8d:a3:e8:6c:93:4f:cf:51:f7:bd:44:
         c7:b0:cd:cb:dc:b2:13:de:86:41:51:e2:7a:8c:72:70:c0:8f:
         63:bf:9f:e4:16:0c:e8:19:e1:b3:3b:78:35:4f:5c:56:58:d0:
         88:98:dc:47:a4:c1:54:74:aa:00:4d:76:ab:60:46:6e:c0:ea:
         4b:f7:d7:8c:3c:0c:70:66:58:9b:b8:19:b9:0c:ee:b4:ff:0d:
         94:f2:3a:a4:bd:7e:04:7e:c8:68:06:27:be:11:18:00:94:3f:
         78:31:59:54:5f:35:6e:e9:7e:71:27:ed:36:6f:4f:81:d8:60:
         86:52:c5:45:37:75:c2:25:88:9f:b2:1d:cf:ee:d0:2b:f0:c6:
         2e:d4:6d:04:33:76:7e:cf:03:2c:72:0c:2d:a9:98:90:b2:f5:
         79:2b:55:ab:79:05:42:2d:7f:a6:a4:cd:3b:ed:ff:03:0a:be:
         8b:fe:62:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtSWJhy4eXw3lfLUuCi5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWMwOWE2YWJjZGYxZGExYjQ3YWI0YWYzZmY4ZWZjYTU4
MTQ0NWQwHhcNMjUxMDIwMTMwMDQwWhcNMjUxMDIxMTMwMDQwWjAzMTEwLwYDVQQD
Eyg2Nzg3ZTM3YmNlZmZlZDIzY2JhYmYwN2UyZmRmNjI0NTMzM2E1ZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH7s4JcSrcRYRiXacCjOIZzTIMSD
wsSMEPeRFCza03Y9wcn8Bt13e+ZbEV1zJjZv5AqlbLGrSFs4eZzbtNbrn6MiqWKQ
LXqPclD22i4XELyT+meL6QlvxAYT3YtpYksS0/AJo5092N7YYoo3mWNc4cTyEPQY
4v9DRnHOZdHDuWbRGpOe9Pg4Dju1O+fu2J0tJHq4pZDLBb2AY320Ftgu9toXH20X
43v/LmameDX3yUYGfRO1Oj1z5Qzi/VCwW2qCnTbaHVNSunjqm7RPV/4chOyCIKYZ
+abmNFbMNWYqAi/X1Agk/YRqffWWlMtGAJzd8vF9vWHJVu0LZLKTs0h92wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGeH43vO/+0jy6vwfi/fYkUzOl/RMB8GA1UdIwQY
MBaAFFNcCaarzfHaG0erSvP/jvylgURdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82MzYyMmYtYjQ2NC00MDdkLWJjZmQt
Yzk0OTFiNGRmZDc2LzEvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82MzYyMmYtYjQ2NC00MDdkLWJjZmQtYzk0OTFiNGRmZDc2
LzEvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARqQZH2fk
CZA6SnPf17OcTEd3Jvmm0/KIFPkjSGC1LuZGqb9n/874xf8Haqhssp9ewz2uFtIp
jAWnA0OJ+xbUMvhCBzO8eANX6bNfsAOOuY2j6GyTT89R971Ex7DNy9yyE96GQVHi
eoxycMCPY7+f5BYM6Bnhszt4NU9cVljQiJjcR6TBVHSqAE12q2BGbsDqS/fXjDwM
cGZYm7gZuQzutP8NlPI6pL1+BH7IaAYnvhEYAJQ/eDFZVF81bul+cSftNm9Pgdhg
hlLFRTd1wiWIn7Idz+7QK/DGLtRtBDN2fs8DLHIMLamYkLL1eStVq3kFQi1/pqTN
O+3/Awq+i/5ing==
-----END CERTIFICATE-----