Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
File:                     uVZnsVy6fKp0FSdIRHOE--A7iTo.mft (raw, json)
Hash identifier:          Re/GOegV31zNE3woVhn6XjCcrec6eG1v7S1Ypj5iHMY=
Subject key identifier:   D8:52:91:16:2F:0A:B8:7B:28:C2:1F:BF:C8:81:25:C6:FC:95:92:16
Authority key identifier: B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A
Certificate issuer:       /CN=b95667b15cba7caa74152748447384fbe03b893a
Certificate serial:       0199FBEC09532555D6B63E8DDDF3FA85DCBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
Manifest number:          0993
Signing time:             Sun 19 Oct 2025 10:02:54 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:54 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:54 +0000
Files and hashes:         1: uVZnsVy6fKp0FSdIRHOE--A7iTo.crl (hash: /7ckuRUqj2cP3Oz7HnY6+5c2pcrQomprC1A8+8tTATo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:09:53:25:55:d6:b6:3e:8d:dd:f3:fa:85:dc:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b95667b15cba7caa74152748447384fbe03b893a
        Validity
            Not Before: Oct 19 10:02:54 2025 GMT
            Not After : Oct 20 10:02:54 2025 GMT
        Subject: CN=d85291162f0ab87b28c21fbfc88125c6fc959216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:af:c3:0e:4b:62:8c:d2:7d:f8:e3:e7:d7:c4:
                    55:c5:ac:e2:16:d1:1e:b5:80:25:b0:57:1f:02:ee:
                    98:ea:13:ae:41:dd:5a:eb:2b:44:d5:f2:af:81:9d:
                    5d:a8:d2:3a:13:75:7a:98:95:95:30:4b:1a:b6:61:
                    c4:79:a2:27:cc:e0:a4:5d:26:15:8f:48:19:cd:d5:
                    05:fd:27:33:82:dd:c1:77:96:a9:f3:58:da:9a:28:
                    a0:30:ba:08:13:03:bb:01:cd:35:b0:f6:72:3c:4f:
                    77:d8:45:ba:df:76:c7:fc:51:bb:30:2a:fb:5d:36:
                    2f:73:6e:4d:d3:37:4b:37:46:36:26:e3:f0:38:b5:
                    e8:2b:13:c3:98:b1:21:cd:21:5b:d0:11:6a:28:84:
                    73:0b:e4:87:3a:56:64:52:13:58:3d:b9:c0:51:51:
                    2f:31:e2:10:20:96:8f:1d:65:30:ea:8f:f6:42:1a:
                    8b:2b:79:84:1e:04:19:45:f5:b7:d4:62:f1:a5:86:
                    90:32:c2:ba:56:57:10:d3:48:38:20:5c:09:fe:ac:
                    a5:93:6d:fb:cc:23:af:c4:ce:30:3c:5d:95:05:79:
                    ea:52:c7:8a:4d:8a:58:5a:ac:ff:bf:69:f7:bd:3a:
                    03:b1:f8:2e:2e:0d:e7:47:43:1a:8a:f8:0e:b1:19:
                    31:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:52:91:16:2F:0A:B8:7B:28:C2:1F:BF:C8:81:25:C6:FC:95:92:16
            X509v3 Authority Key Identifier:
                keyid:B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:71:78:ff:b7:2f:ec:54:d9:2a:f3:d7:e3:41:d2:b6:bc:d1:
         54:bc:56:88:6c:aa:33:2e:0b:4c:e4:4e:42:3b:5b:e0:4b:9b:
         12:21:1d:4a:f8:1a:86:36:61:b8:1a:07:7a:ef:8a:d8:7a:6b:
         09:13:51:a1:f1:0b:13:50:23:e2:fe:ae:5c:12:ed:e3:e0:33:
         d8:c2:15:55:3c:43:af:f3:7f:49:5e:2f:a5:20:a3:e6:ff:64:
         e9:ee:ed:34:85:38:57:d9:4a:30:bc:b2:17:c8:71:2c:64:4c:
         d3:b1:2c:b9:7c:4d:60:d8:da:98:50:b5:fd:e2:df:8d:1e:c7:
         2a:d2:b2:3a:ff:1f:c6:a1:57:73:47:74:a9:fc:dd:1d:21:7f:
         fd:64:7e:df:f7:19:c6:a6:b4:c9:15:b5:d6:79:e7:a7:9b:51:
         77:e1:ce:d9:14:c0:73:19:7c:14:02:2e:28:a1:1e:f6:ce:6b:
         4b:a7:d9:f1:f6:74:c8:fe:06:c3:b8:e2:e2:af:c8:ab:44:6d:
         a1:5e:97:cf:6a:db:5e:ca:f2:14:6c:07:e7:4b:14:4e:b6:f2:
         70:13:d0:cf:59:1a:fc:b6:26:fe:a9:b7:e9:40:12:06:b9:1a:
         bd:5f:64:53:62:ec:7d:1d:bc:09:ff:2f:8f:5e:20:b3:27:0a:
         f1:61:14:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77AlTJVXWtj6N3fP6hdy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NTY2N2IxNWNiYTdjYWE3NDE1Mjc0ODQ0NzM4NGZiZTAz
Yjg5M2EwHhcNMjUxMDE5MTAwMjU0WhcNMjUxMDIwMTAwMjU0WjAzMTEwLwYDVQQD
EyhkODUyOTExNjJmMGFiODdiMjhjMjFmYmZjODgxMjVjNmZjOTU5MjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2q/DDktijNJ9+OPn18RVxaziFtEe
tYAlsFcfAu6Y6hOuQd1a6ytE1fKvgZ1dqNI6E3V6mJWVMEsatmHEeaInzOCkXSYV
j0gZzdUF/Sczgt3Bd5ap81jamiigMLoIEwO7Ac01sPZyPE932EW633bH/FG7MCr7
XTYvc25N0zdLN0Y2JuPwOLXoKxPDmLEhzSFb0BFqKIRzC+SHOlZkUhNYPbnAUVEv
MeIQIJaPHWUw6o/2QhqLK3mEHgQZRfW31GLxpYaQMsK6VlcQ00g4IFwJ/qylk237
zCOvxM4wPF2VBXnqUseKTYpYWqz/v2n3vToDsfguLg3nR0MaivgOsRkxHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhSkRYvCrh7KMIfv8iBJcb8lZIWMB8GA1UdIwQY
MBaAFLlWZ7FcunyqdBUnSERzhPvgO4k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEt
NzQ0ZGNkMDE0ZmE0LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEtNzQ0ZGNkMDE0ZmE0
LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoHF4/7cv
7FTZKvPX40HStrzRVLxWiGyqMy4LTOROQjtb4EubEiEdSvgahjZhuBoHeu+K2Hpr
CRNRofELE1Aj4v6uXBLt4+Az2MIVVTxDr/N/SV4vpSCj5v9k6e7tNIU4V9lKMLyy
F8hxLGRM07EsuXxNYNjamFC1/eLfjR7HKtKyOv8fxqFXc0d0qfzdHSF//WR+3/cZ
xqa0yRW11nnnp5tRd+HO2RTAcxl8FAIuKKEe9s5rS6fZ8fZ0yP4Gw7ji4q/Iq0Rt
oV6Xz2rbXsryFGwH50sUTrbycBPQz1ka/LYm/qm36UASBrkavV9kU2LsfR28Cf8v
j14gsycK8WEU1w==
-----END CERTIFICATE-----