Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          gvkcbYaAf/0O2ZZZ8RDaz/RNnKN0S0mbkM90RwYqQYI=
Subject key identifier:   8D:A6:BE:D9:9D:8F:38:1C:FD:7B:CD:FD:D2:C4:D1:61:FC:BE:9F:39
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       0198D583C9B4F953DA654AF9C93967332C9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          0376
Signing time:             Sat 23 Aug 2025 06:00:40 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:40 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:40 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: 201o+YjXdUCeRpUdK+rtWAKyJioPTMQm4rVfVIU4S+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:c9:b4:f9:53:da:65:4a:f9:c9:39:67:33:2c:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Aug 23 06:00:40 2025 GMT
            Not After : Aug 24 06:00:40 2025 GMT
        Subject: CN=8da6bed99d8f381cfd7bcdfdd2c4d161fcbe9f39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8f:95:b3:66:92:ff:84:49:71:d8:46:ef:16:
                    e5:08:74:7f:1c:56:e5:4e:72:b0:13:27:40:4a:e9:
                    74:12:78:33:23:bb:2f:e4:b5:3e:b3:90:d9:ce:9f:
                    f9:0a:a4:88:dc:ec:67:d6:ff:1f:df:33:53:a4:73:
                    2a:b2:57:ee:1b:7a:98:2c:ff:12:57:83:0a:e3:aa:
                    67:52:a6:dc:29:0e:32:3c:06:ce:36:34:06:c9:39:
                    c7:25:a2:d1:11:08:0d:5d:38:9d:50:55:8b:9f:80:
                    e3:12:21:3a:03:5d:c0:c9:20:d6:8f:81:e2:28:2c:
                    d9:45:0d:1d:2e:ba:91:5c:2e:33:ab:ed:df:d8:dc:
                    ce:4b:7b:09:89:88:99:9f:50:1a:dd:62:19:fa:87:
                    bd:fc:cd:cf:f5:f3:98:c2:ca:07:ea:2c:ce:d1:aa:
                    d0:e0:93:f2:c1:41:97:24:9f:bf:01:61:ed:76:71:
                    5f:fe:85:f3:e4:08:9d:f1:f7:a1:bc:72:43:cf:2f:
                    db:58:12:b4:7a:2e:14:d8:6f:28:c2:28:03:3f:17:
                    95:b9:40:ed:f7:64:b4:44:c5:8b:8e:d3:d2:db:01:
                    03:58:07:25:65:f4:9f:3c:ee:e5:ae:76:91:b3:84:
                    2a:37:ef:64:66:1e:20:24:07:a0:1b:cb:df:d8:9e:
                    7d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:A6:BE:D9:9D:8F:38:1C:FD:7B:CD:FD:D2:C4:D1:61:FC:BE:9F:39
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:86:d2:df:ba:03:53:c8:a5:49:33:43:e6:8e:0d:eb:4f:f7:
         dc:b0:d6:42:58:56:7b:c3:44:d8:ae:a0:89:af:62:da:86:d7:
         31:06:62:39:a3:3c:b7:f6:7b:6e:08:8b:17:68:10:9e:1a:96:
         13:69:9b:58:97:aa:29:0a:d7:32:40:db:65:0c:e8:67:54:0a:
         4d:9d:8a:5a:a5:d2:17:23:68:3a:99:68:39:52:ef:ff:3c:f7:
         1e:9e:e5:40:f5:da:8c:5a:ab:ac:15:fb:22:42:8e:2e:45:3b:
         ab:80:26:bb:09:d2:92:7d:28:d6:f2:63:03:36:3d:2c:8f:ac:
         7e:c3:7a:26:9e:2c:63:ca:1d:37:4f:44:ed:e9:b1:26:87:a8:
         dd:2b:5e:69:f5:8a:cf:a9:94:bf:6e:da:7d:e8:e0:5f:55:aa:
         19:22:a6:64:58:06:40:00:1d:a3:c0:02:d3:dc:9c:7d:c7:26:
         a2:3b:34:76:1c:c9:56:6d:6a:27:b7:9c:c5:37:d3:a9:74:ed:
         38:a8:90:64:f5:00:a2:39:bb:8b:fb:8e:01:e0:77:a3:81:01:
         38:59:6f:0c:92:01:00:52:14:e9:f1:d0:18:ba:5c:d3:ff:27:
         ef:c2:89:6a:b0:56:22:3d:62:22:f1:e1:33:8e:b0:40:9f:74:
         8f:7c:a9:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg8m0+VPaZUr5yTlnMyydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUwODIzMDYwMDQwWhcNMjUwODI0MDYwMDQwWjAzMTEwLwYDVQQD
Eyg4ZGE2YmVkOTlkOGYzODFjZmQ3YmNkZmRkMmM0ZDE2MWZjYmU5ZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY+Vs2aS/4RJcdhG7xblCHR/HFbl
TnKwEydASul0EngzI7sv5LU+s5DZzp/5CqSI3Oxn1v8f3zNTpHMqslfuG3qYLP8S
V4MK46pnUqbcKQ4yPAbONjQGyTnHJaLREQgNXTidUFWLn4DjEiE6A13AySDWj4Hi
KCzZRQ0dLrqRXC4zq+3f2NzOS3sJiYiZn1Aa3WIZ+oe9/M3P9fOYwsoH6izO0arQ
4JPywUGXJJ+/AWHtdnFf/oXz5Aid8fehvHJDzy/bWBK0ei4U2G8owigDPxeVuUDt
92S0RMWLjtPS2wEDWAclZfSfPO7lrnaRs4QqN+9kZh4gJAegG8vf2J59vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2mvtmdjzgc/XvN/dLE0WH8vp85MB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAYbS37oD
U8ilSTND5o4N60/33LDWQlhWe8NE2K6gia9i2obXMQZiOaM8t/Z7bgiLF2gQnhqW
E2mbWJeqKQrXMkDbZQzoZ1QKTZ2KWqXSFyNoOploOVLv/zz3Hp7lQPXajFqrrBX7
IkKOLkU7q4AmuwnSkn0o1vJjAzY9LI+sfsN6Jp4sY8odN09E7emxJoeo3SteafWK
z6mUv27afejgX1WqGSKmZFgGQAAdo8AC09ycfccmojs0dhzJVm1qJ7ecxTfTqXTt
OKiQZPUAojm7i/uOAeB3o4EBOFlvDJIBAFIU6fHQGLpc0/8n78KJarBWIj1iIvHh
M46wQJ90j3ypsw==
-----END CERTIFICATE-----