Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
File:                     U1wJpqvN8dobR6tK8_-O_KWBRF0.mft (raw, json)
Hash identifier:          D4XGzed55q+3ppdJQ6wwP81wanCvU5tJXIBOxPlmb6E=
Subject key identifier:   20:61:53:A6:AA:D8:2D:EA:54:8E:00:93:5E:D0:4D:1A:75:A7:29:DC
Authority key identifier: 53:5C:09:A6:AB:CD:F1:DA:1B:47:AB:4A:F3:FF:8E:FC:A5:81:44:5D
Certificate issuer:       /CN=535c09a6abcdf1da1b47ab4af3ff8efca581445d
Certificate serial:       0198D4738323495462157D14B046400CEA1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
Manifest number:          05AD
Signing time:             Sat 23 Aug 2025 01:03:16 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:16 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:16 +0000
Files and hashes:         1: U1wJpqvN8dobR6tK8_-O_KWBRF0.crl (hash: sysX9hxrKbrN6kftOLJn8ZkyqBuAoId2IHKK7kp66xM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:83:23:49:54:62:15:7d:14:b0:46:40:0c:ea:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535c09a6abcdf1da1b47ab4af3ff8efca581445d
        Validity
            Not Before: Aug 23 01:03:16 2025 GMT
            Not After : Aug 24 01:03:16 2025 GMT
        Subject: CN=206153a6aad82dea548e00935ed04d1a75a729dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:1c:ec:c5:87:4d:2e:10:1c:80:75:20:a2:09:
                    74:b4:bc:77:81:d3:d7:da:8d:59:88:e5:c4:f5:ab:
                    94:59:b9:70:2e:9d:00:32:22:6c:f6:95:05:d7:10:
                    90:d4:05:31:13:c8:22:59:76:ff:b8:74:d7:bf:43:
                    38:b5:0b:45:c3:99:93:7e:c6:0e:36:71:7e:84:3c:
                    f3:61:df:90:9a:47:de:e0:8f:1d:84:29:b9:4c:ca:
                    de:7a:ee:9f:79:ab:6d:ee:55:0f:81:0a:45:59:59:
                    5a:d0:e1:1b:a8:c7:08:74:84:75:5e:50:7c:ae:36:
                    5d:bf:21:3e:b5:96:42:e7:c2:f9:c0:71:57:0f:54:
                    e6:e8:e2:30:af:22:14:0f:4c:06:7a:66:85:34:a3:
                    ad:6e:18:f1:9f:5d:f3:96:e2:f1:b2:ff:8d:07:66:
                    b5:b7:33:18:ed:d9:cb:52:8d:9f:50:0a:6b:82:7a:
                    ed:3f:41:7b:fd:a8:f7:87:31:bb:92:89:ce:54:71:
                    e8:56:b5:10:f4:13:bf:64:c3:b5:ec:5e:dc:f4:7c:
                    ef:bd:7c:60:a9:ce:a5:c7:dd:fb:49:33:31:4c:53:
                    6e:cf:93:66:68:14:3f:f9:d9:79:bc:14:35:d6:d1:
                    ec:be:bc:ad:19:f9:ac:67:79:29:91:80:a4:3c:79:
                    03:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:61:53:A6:AA:D8:2D:EA:54:8E:00:93:5E:D0:4D:1A:75:A7:29:DC
            X509v3 Authority Key Identifier:
                keyid:53:5C:09:A6:AB:CD:F1:DA:1B:47:AB:4A:F3:FF:8E:FC:A5:81:44:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1wJpqvN8dobR6tK8_-O_KWBRF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/63622f-b464-407d-bcfd-c9491b4dfd76/1/U1wJpqvN8dobR6tK8_-O_KWBRF0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:d8:49:eb:0c:90:25:6d:aa:04:0f:28:87:c7:51:17:95:63:
         45:b5:20:45:0a:05:d3:e7:85:ed:fc:c4:12:8c:9f:3b:25:47:
         1a:b6:35:2b:1a:0f:ae:5e:60:d9:32:b9:9b:ad:7c:ab:33:0e:
         07:6f:37:5b:cc:df:24:88:52:68:4c:d8:62:29:ff:b0:95:75:
         c1:a1:5d:6b:cb:d2:aa:e6:bb:d6:d7:53:c4:b3:66:ab:48:61:
         45:5f:74:37:c3:e5:03:50:84:34:ad:4c:09:73:b3:a6:c2:0c:
         20:fa:a5:ac:f3:f5:7f:7d:0c:8c:38:0e:ca:a3:05:b5:32:55:
         32:89:1d:00:97:fe:46:65:b9:b3:35:35:d7:53:7c:4b:3f:66:
         c9:90:17:22:f4:53:9a:32:d1:8b:8a:9b:bc:97:aa:99:79:ed:
         52:0c:6d:a2:18:e0:06:40:cf:43:1a:5c:0c:4a:31:1e:73:2a:
         d7:f8:51:6d:8b:cd:2a:42:75:6e:4c:d1:ef:ae:62:8d:28:f3:
         76:c2:38:9d:41:21:cd:c3:21:c6:f6:3a:0c:c4:d6:30:f7:e4:
         e3:04:e7:a3:1a:b2:4f:8b:bc:29:b7:96:ec:f3:1d:a3:e6:79:
         0b:72:0d:14:ca:c3:07:c1:95:02:91:68:10:8c:97:d4:25:98:
         b1:4c:57:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc4MjSVRiFX0UsEZADOofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWMwOWE2YWJjZGYxZGExYjQ3YWI0YWYzZmY4ZWZjYTU4
MTQ0NWQwHhcNMjUwODIzMDEwMzE2WhcNMjUwODI0MDEwMzE2WjAzMTEwLwYDVQQD
EygyMDYxNTNhNmFhZDgyZGVhNTQ4ZTAwOTM1ZWQwNGQxYTc1YTcyOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BzsxYdNLhAcgHUgogl0tLx3gdPX
2o1ZiOXE9auUWblwLp0AMiJs9pUF1xCQ1AUxE8giWXb/uHTXv0M4tQtFw5mTfsYO
NnF+hDzzYd+Qmkfe4I8dhCm5TMreeu6featt7lUPgQpFWVla0OEbqMcIdIR1XlB8
rjZdvyE+tZZC58L5wHFXD1Tm6OIwryIUD0wGemaFNKOtbhjxn13zluLxsv+NB2a1
tzMY7dnLUo2fUAprgnrtP0F7/aj3hzG7konOVHHoVrUQ9BO/ZMO17F7c9HzvvXxg
qc6lx937STMxTFNuz5NmaBQ/+dl5vBQ11tHsvrytGfmsZ3kpkYCkPHkDmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCBhU6aq2C3qVI4Ak17QTRp1pyncMB8GA1UdIwQY
MBaAFFNcCaarzfHaG0erSvP/jvylgURdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82MzYyMmYtYjQ2NC00MDdkLWJjZmQt
Yzk0OTFiNGRmZDc2LzEvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82MzYyMmYtYjQ2NC00MDdkLWJjZmQtYzk0OTFiNGRmZDc2
LzEvVTF3SnBxdk44ZG9iUjZ0SzhfLU9fS1dCUkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdNhJ6wyQ
JW2qBA8oh8dRF5VjRbUgRQoF0+eF7fzEEoyfOyVHGrY1KxoPrl5g2TK5m618qzMO
B283W8zfJIhSaEzYYin/sJV1waFda8vSqua71tdTxLNmq0hhRV90N8PlA1CENK1M
CXOzpsIMIPqlrPP1f30MjDgOyqMFtTJVMokdAJf+RmW5szU111N8Sz9myZAXIvRT
mjLRi4qbvJeqmXntUgxtohjgBkDPQxpcDEoxHnMq1/hRbYvNKkJ1bkzR765ijSjz
dsI4nUEhzcMhxvY6DMTWMPfk4wTnoxqyT4u8KbeW7PMdo+Z5C3INFMrDB8GVApFo
EIyX1CWYsUxXfg==
-----END CERTIFICATE-----