Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
File:                     UEwHY-3Lox64nwmD3djdGIkYwu4.mft (raw, json)
Hash identifier:          QVI3OS2+R2mb5TNBVquqBA/Hgr/ZPfyExf4C01u+CMk=
Subject key identifier:   B2:FA:FE:91:AF:EC:4D:37:63:42:82:6E:33:6C:26:63:D0:74:EE:A4
Authority key identifier: 50:4C:07:63:ED:CB:A3:1E:B8:9F:09:83:DD:D8:DD:18:89:18:C2:EE
Certificate issuer:       /CN=504c0763edcba31eb89f0983ddd8dd188918c2ee
Certificate serial:       0198D515F156BB67F66BA53BEDEF6E5C3505
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
Manifest number:          0972
Signing time:             Sat 23 Aug 2025 04:00:41 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:41 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:41 +0000
Files and hashes:         1: UEwHY-3Lox64nwmD3djdGIkYwu4.crl (hash: BgkJBrum+X3I7RaDlfef9RZEyEtKyYz9773YwPeUhvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:f1:56:bb:67:f6:6b:a5:3b:ed:ef:6e:5c:35:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=504c0763edcba31eb89f0983ddd8dd188918c2ee
        Validity
            Not Before: Aug 23 04:00:41 2025 GMT
            Not After : Aug 24 04:00:41 2025 GMT
        Subject: CN=b2fafe91afec4d376342826e336c2663d074eea4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:77:5c:ae:43:c2:ce:62:0b:70:47:ea:f6:e2:
                    45:68:5c:bc:c8:33:3c:51:40:38:95:76:19:3b:58:
                    86:04:ce:c9:ad:70:f7:f1:ca:a3:0e:dc:b1:4d:ce:
                    68:14:3e:5f:d7:83:ad:30:a4:ea:1a:e7:b0:ae:f2:
                    3c:66:10:62:f3:ac:6f:90:b8:d2:95:11:76:7d:e7:
                    ab:a2:64:3b:31:a7:6c:5e:94:49:92:6d:70:f8:a0:
                    10:67:61:8e:68:85:e1:42:aa:13:46:4e:ba:98:30:
                    f5:38:3b:52:0e:1a:9a:5f:9f:2d:9c:d8:c7:12:2c:
                    81:4e:50:1d:5e:66:8f:2d:c3:ab:00:42:cc:2a:3f:
                    52:9c:fc:1b:8b:29:d1:7b:fa:d9:32:4f:56:ea:6e:
                    bb:a7:ab:2d:4b:3b:2d:85:c2:60:8c:73:2e:20:d6:
                    9a:17:72:97:28:1e:36:31:bb:4f:12:1b:47:97:22:
                    47:42:19:a4:a4:eb:0c:d3:da:9f:42:21:6f:cf:3f:
                    1d:84:db:ab:2e:5e:9f:45:28:ab:9f:2a:d5:b7:5e:
                    ae:ae:ea:83:42:23:84:59:f8:33:74:34:0b:55:ff:
                    39:f8:a6:e0:1d:97:21:7d:0c:7c:c3:9b:aa:10:ba:
                    e7:b8:bc:23:f5:10:46:0f:89:55:e3:21:35:55:03:
                    9b:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:FA:FE:91:AF:EC:4D:37:63:42:82:6E:33:6C:26:63:D0:74:EE:A4
            X509v3 Authority Key Identifier:
                keyid:50:4C:07:63:ED:CB:A3:1E:B8:9F:09:83:DD:D8:DD:18:89:18:C2:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:7d:f1:30:ad:0f:0d:13:75:28:de:e9:f4:80:fc:2c:f2:25:
         36:80:6c:a4:ee:42:28:06:7e:2c:a7:74:35:37:2c:68:05:34:
         1e:20:c2:21:ff:81:90:17:3f:3f:0b:d8:d5:19:73:c0:5b:2b:
         22:6d:1d:30:7c:d5:d8:b3:01:aa:de:e5:b3:4b:3f:bc:1e:d2:
         ea:bf:a0:d8:72:da:c5:fb:35:6b:7e:9d:96:4a:bd:ef:df:68:
         f5:0a:4a:84:f2:30:32:af:64:39:06:3b:8a:a5:55:94:43:06:
         89:35:84:fd:12:42:f3:08:4d:10:5e:87:6a:2d:72:2b:34:7a:
         76:4a:85:24:57:d2:f6:58:24:03:6f:59:c4:85:8d:e1:e2:0f:
         a2:d3:70:fa:51:05:f1:43:9d:a1:9e:22:07:5b:53:3c:7b:4a:
         11:87:49:d2:ae:2b:e4:38:5b:75:5f:15:ee:ee:6e:7d:02:c1:
         b0:c6:29:5c:e1:56:39:a0:6b:15:51:04:4f:66:8e:24:60:77:
         a6:dd:ef:e6:8d:32:62:ff:c1:fe:30:b0:42:62:2e:05:1c:e5:
         27:6f:b7:a2:0d:b5:f5:cb:45:36:ea:69:dc:e2:9a:64:b5:a8:
         e5:df:3b:03:e9:95:d6:78:86:38:e4:12:ad:65:ef:78:8e:3f:
         5a:73:3b:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFfFWu2f2a6U77e9uXDUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNGMwNzYzZWRjYmEzMWViODlmMDk4M2RkZDhkZDE4ODkx
OGMyZWUwHhcNMjUwODIzMDQwMDQxWhcNMjUwODI0MDQwMDQxWjAzMTEwLwYDVQQD
EyhiMmZhZmU5MWFmZWM0ZDM3NjM0MjgyNmUzMzZjMjY2M2QwNzRlZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3dcrkPCzmILcEfq9uJFaFy8yDM8
UUA4lXYZO1iGBM7JrXD38cqjDtyxTc5oFD5f14OtMKTqGuewrvI8ZhBi86xvkLjS
lRF2feeromQ7MadsXpRJkm1w+KAQZ2GOaIXhQqoTRk66mDD1ODtSDhqaX58tnNjH
EiyBTlAdXmaPLcOrAELMKj9SnPwbiynRe/rZMk9W6m67p6stSzsthcJgjHMuINaa
F3KXKB42MbtPEhtHlyJHQhmkpOsM09qfQiFvzz8dhNurLl6fRSirnyrVt16uruqD
QiOEWfgzdDQLVf85+KbgHZchfQx8w5uqELrnuLwj9RBGD4lV4yE1VQOb5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLL6/pGv7E03Y0KCbjNsJmPQdO6kMB8GA1UdIwQY
MBaAFFBMB2Pty6MeuJ8Jg93Y3RiJGMLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lMTlhM2YtMDVhYy00ZGNhLWE4OTUt
ODY2MmM3MTE4NmM2LzEvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lMTlhM2YtMDVhYy00ZGNhLWE4OTUtODY2MmM3MTE4NmM2
LzEvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASH3xMK0P
DRN1KN7p9ID8LPIlNoBspO5CKAZ+LKd0NTcsaAU0HiDCIf+BkBc/PwvY1RlzwFsr
Im0dMHzV2LMBqt7ls0s/vB7S6r+g2HLaxfs1a36dlkq9799o9QpKhPIwMq9kOQY7
iqVVlEMGiTWE/RJC8whNEF6Hai1yKzR6dkqFJFfS9lgkA29ZxIWN4eIPotNw+lEF
8UOdoZ4iB1tTPHtKEYdJ0q4r5DhbdV8V7u5ufQLBsMYpXOFWOaBrFVEET2aOJGB3
pt3v5o0yYv/B/jCwQmIuBRzlJ2+3og219ctFNupp3OKaZLWo5d87A+mV1niGOOQS
rWXveI4/WnM7vw==
-----END CERTIFICATE-----