Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
File:                     U9L19sohYsiL85oPnekm9CPlMQQ.mft (raw, json)
Hash identifier:          hcrj+LNumasmRHAVnN8AT8CtHhHiToaCbjknCb2DqII=
Subject key identifier:   D2:D0:AD:E5:EE:FE:68:27:A8:50:19:50:CF:E6:74:BD:97:61:88:29
Authority key identifier: 53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04
Certificate issuer:       /CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
Certificate serial:       0199FBEB894090C041A2DCD98F3C6A7340D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
Manifest number:          1049
Signing time:             Sun 19 Oct 2025 10:02:21 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:21 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:21 +0000
Files and hashes:         1: U9L19sohYsiL85oPnekm9CPlMQQ.crl (hash: NzEGa6RRZ3JYh1sfg/v7XoHs5rg9QeNizzcdAutwooc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:89:40:90:c0:41:a2:dc:d9:8f:3c:6a:73:40:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
        Validity
            Not Before: Oct 19 10:02:21 2025 GMT
            Not After : Oct 20 10:02:21 2025 GMT
        Subject: CN=d2d0ade5eefe6827a8501950cfe674bd97618829
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:cc:cc:33:7f:28:99:56:24:e9:24:27:2f:8b:
                    6c:df:94:96:8c:ef:03:57:51:cf:fd:0f:98:55:36:
                    88:28:81:1d:0e:34:33:29:3f:87:25:74:34:bb:57:
                    a0:fb:78:14:e7:f7:87:8a:e6:4a:2a:80:9b:c1:1d:
                    c4:4e:b8:23:b0:15:54:26:c9:ea:72:fc:13:45:be:
                    37:c2:b3:12:07:21:f7:49:43:69:ea:70:a1:09:81:
                    ce:b8:01:5a:e5:79:53:98:d5:9d:a6:ed:0d:a9:bb:
                    78:50:67:d5:7d:8e:41:22:45:f7:57:ce:db:40:12:
                    6c:03:fe:12:43:02:45:51:d0:cb:b6:93:b2:92:da:
                    74:ed:2d:f4:46:42:8a:7d:9a:db:37:5a:27:dd:7d:
                    c7:86:8c:50:66:79:90:76:be:96:a3:b2:81:57:7b:
                    8a:0e:cc:ba:a2:8f:a3:b7:ee:ca:78:08:d7:a4:82:
                    f1:61:a2:c0:b6:10:2b:ed:03:e9:aa:5c:c9:8e:f7:
                    a7:0b:7a:b2:f8:3b:30:1d:1d:e2:0f:b7:8d:b5:8b:
                    67:94:9a:d7:c8:6d:11:4f:c5:81:6b:c5:54:11:81:
                    61:62:cb:40:cf:e4:e7:dd:eb:c4:a8:4b:72:d9:ba:
                    70:0f:2f:96:79:ca:43:24:ba:49:15:3e:50:42:e6:
                    1a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:D0:AD:E5:EE:FE:68:27:A8:50:19:50:CF:E6:74:BD:97:61:88:29
            X509v3 Authority Key Identifier:
                keyid:53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:89:aa:76:7d:e7:d7:9e:fb:37:5e:d1:72:ac:f2:53:e8:6d:
         45:b7:42:c6:f7:d2:52:17:01:f0:2b:4d:33:f9:a0:5d:58:7e:
         aa:68:35:9f:56:03:b7:5e:a9:38:50:09:f2:30:b8:f8:8d:0b:
         17:16:a9:d7:4b:66:69:a8:45:a1:31:9d:2e:bb:51:5e:5d:66:
         60:b4:37:41:65:d5:b5:a6:32:01:ac:bb:73:77:87:1a:a8:b1:
         c3:0e:5c:68:e9:e8:d9:d8:23:41:fc:9f:d4:7e:07:f4:8c:49:
         d7:34:38:8f:f7:96:cc:eb:4a:4c:32:af:c5:72:4c:16:d2:1c:
         40:82:61:fb:69:dc:d3:b6:a8:d9:03:16:f9:ee:e9:7b:d5:bb:
         0d:a2:ad:32:1e:aa:98:4c:fd:52:d0:f0:b1:de:74:81:be:e4:
         a1:e5:6c:04:2f:d2:cc:bf:40:78:8a:ae:2a:fd:80:7a:c0:7d:
         a8:87:10:a0:6b:fd:77:db:47:ba:33:1c:7a:d6:4d:9e:10:eb:
         32:9d:13:7b:df:a6:01:bb:31:99:b5:11:f7:30:0c:9c:14:ad:
         41:77:90:01:08:e3:d1:32:04:9b:eb:3f:44:13:50:83:ad:93:
         56:a9:3f:76:f0:1e:7d:8a:4f:93:68:58:f4:c9:66:f5:15:ae:
         08:69:23:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764lAkMBBotzZjzxqc0DYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDJmNWY2Y2EyMTYyYzg4YmYzOWEwZjlkZTkyNmY0MjNl
NTMxMDQwHhcNMjUxMDE5MTAwMjIxWhcNMjUxMDIwMTAwMjIxWjAzMTEwLwYDVQQD
EyhkMmQwYWRlNWVlZmU2ODI3YTg1MDE5NTBjZmU2NzRiZDk3NjE4ODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmszMM38omVYk6SQnL4ts35SWjO8D
V1HP/Q+YVTaIKIEdDjQzKT+HJXQ0u1eg+3gU5/eHiuZKKoCbwR3ETrgjsBVUJsnq
cvwTRb43wrMSByH3SUNp6nChCYHOuAFa5XlTmNWdpu0Nqbt4UGfVfY5BIkX3V87b
QBJsA/4SQwJFUdDLtpOyktp07S30RkKKfZrbN1on3X3HhoxQZnmQdr6Wo7KBV3uK
Dsy6oo+jt+7KeAjXpILxYaLAthAr7QPpqlzJjvenC3qy+DswHR3iD7eNtYtnlJrX
yG0RT8WBa8VUEYFhYstAz+Tn3evEqEty2bpwDy+WecpDJLpJFT5QQuYaTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLQreXu/mgnqFAZUM/mdL2XYYgpMB8GA1UdIwQY
MBaAFFPS9fbKIWLIi/OaD53pJvQj5TEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYt
YTZmY2FkMTlhZWYyLzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYtYTZmY2FkMTlhZWYy
LzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAComqdn3n
1577N17RcqzyU+htRbdCxvfSUhcB8CtNM/mgXVh+qmg1n1YDt16pOFAJ8jC4+I0L
Fxap10tmaahFoTGdLrtRXl1mYLQ3QWXVtaYyAay7c3eHGqixww5caOno2dgjQfyf
1H4H9IxJ1zQ4j/eWzOtKTDKvxXJMFtIcQIJh+2nc07ao2QMW+e7pe9W7DaKtMh6q
mEz9UtDwsd50gb7koeVsBC/SzL9AeIquKv2AesB9qIcQoGv9d9tHujMcetZNnhDr
Mp0Te9+mAbsxmbUR9zAMnBStQXeQAQjj0TIEm+s/RBNQg62TVqk/dvAefYpPk2hY
9Mlm9RWuCGkjuw==
-----END CERTIFICATE-----