Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          +18G7Pqzg8aID3Mf38GLa88L3oa9B0fjyHlQ0Vk3dPo=
Subject key identifier:   56:8D:95:27:27:51:3E:DA:A0:09:AA:E8:93:BE:C6:42:7D:48:86:8E
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       0199FB0EEB19C7357C97ECDE6D8BD659DEE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          040E
Signing time:             Sun 19 Oct 2025 06:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:22 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: SeUnYKuZgk87tYz8LgffUROcA4nCLmWTu/b7PfTLgnc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0e:eb:19:c7:35:7c:97:ec:de:6d:8b:d6:59:de:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Oct 19 06:01:22 2025 GMT
            Not After : Oct 20 06:01:22 2025 GMT
        Subject: CN=568d952727513edaa009aae893bec6427d48868e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:db:a0:4a:9b:a3:53:bb:ab:5e:0d:26:29:1a:
                    ed:ee:80:bd:18:0e:69:e3:6d:a7:7b:d6:70:95:d2:
                    d6:5b:71:bd:9f:33:b7:e2:34:da:46:73:69:06:56:
                    1a:39:5e:d1:53:fa:60:50:5f:0c:5b:32:cb:1a:39:
                    92:43:03:00:10:b9:e5:4a:9b:2a:4e:51:86:99:7c:
                    da:8f:5c:0f:87:3b:1e:52:bf:ea:1a:25:61:96:b0:
                    1e:53:09:f0:a5:dd:4e:85:9c:e1:99:fa:74:89:75:
                    3a:6f:15:57:e0:62:ab:ab:ea:67:d2:08:4b:3e:41:
                    75:dd:44:9f:64:85:5c:31:ec:28:f5:55:dd:0b:18:
                    fe:04:5b:24:3c:6d:86:3c:4e:c1:80:07:be:dd:85:
                    37:38:45:a8:b8:1e:06:a2:72:a7:b1:cf:75:8e:1e:
                    08:44:63:f1:df:8d:11:b1:8d:7f:ae:b7:66:17:39:
                    fe:2e:c2:7b:44:8b:ee:d6:46:26:fc:07:c7:3c:25:
                    dc:4f:67:11:f3:35:0f:6f:c2:12:6e:73:f9:04:c4:
                    d9:00:bf:7b:7d:cd:8e:eb:88:9e:ae:ae:06:0d:02:
                    9a:5c:02:10:84:c3:a4:e9:34:ea:b0:18:55:41:f0:
                    aa:34:87:6e:6e:80:d0:03:e6:2c:58:7f:85:d2:e7:
                    40:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:8D:95:27:27:51:3E:DA:A0:09:AA:E8:93:BE:C6:42:7D:48:86:8E
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:85:c3:27:4b:69:4f:3c:e3:ad:10:3f:da:14:c4:37:a7:0b:
         c3:5b:3d:e0:d2:88:72:04:2a:61:df:6d:03:c6:e0:45:8b:ba:
         47:79:cb:0b:94:02:e5:bf:ef:77:12:f9:bb:8f:51:fa:d5:10:
         0b:18:41:4e:bb:97:09:4d:70:92:32:16:98:de:f0:62:6c:2f:
         4d:4f:41:00:bf:9b:47:bc:f1:9d:f2:52:ef:17:4b:e8:c4:13:
         ec:48:a5:7f:35:b0:3f:cf:fb:a3:de:bb:71:32:a4:c7:21:50:
         e8:c7:87:f5:7f:1b:13:52:45:21:f4:a3:43:55:2c:d3:35:c0:
         40:00:34:7b:7c:e2:41:c4:4e:89:1e:d1:cc:f2:c2:94:af:69:
         b8:ab:17:ed:ce:5c:85:8b:34:c6:23:d9:e4:a5:9e:4d:3e:7e:
         93:cd:4f:48:22:83:43:73:75:16:07:98:70:c1:bb:62:f9:0a:
         24:f3:04:96:fb:55:29:a6:61:68:bc:57:7e:a1:c6:5a:25:36:
         4d:47:72:d2:5f:76:e2:e4:50:b5:09:fa:c3:f9:29:3f:91:2c:
         db:40:8b:a5:28:18:8c:e9:dc:57:2d:4c:d8:d3:95:22:05:3a:
         f8:94:72:22:c2:35:a2:e4:f5:3f:18:9c:5d:0d:72:3d:fc:a7:
         32:a7:d9:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7DusZxzV8l+zebYvWWd7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUxMDE5MDYwMTIyWhcNMjUxMDIwMDYwMTIyWjAzMTEwLwYDVQQD
Eyg1NjhkOTUyNzI3NTEzZWRhYTAwOWFhZTg5M2JlYzY0MjdkNDg4NjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9ugSpujU7urXg0mKRrt7oC9GA5p
422ne9ZwldLWW3G9nzO34jTaRnNpBlYaOV7RU/pgUF8MWzLLGjmSQwMAELnlSpsq
TlGGmXzaj1wPhzseUr/qGiVhlrAeUwnwpd1OhZzhmfp0iXU6bxVX4GKrq+pn0ghL
PkF13USfZIVcMewo9VXdCxj+BFskPG2GPE7BgAe+3YU3OEWouB4GonKnsc91jh4I
RGPx340RsY1/rrdmFzn+LsJ7RIvu1kYm/AfHPCXcT2cR8zUPb8ISbnP5BMTZAL97
fc2O64ierq4GDQKaXAIQhMOk6TTqsBhVQfCqNIduboDQA+YsWH+F0udAPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaNlScnUT7aoAmq6JO+xkJ9SIaOMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAoXDJ0tp
TzzjrRA/2hTEN6cLw1s94NKIcgQqYd9tA8bgRYu6R3nLC5QC5b/vdxL5u49R+tUQ
CxhBTruXCU1wkjIWmN7wYmwvTU9BAL+bR7zxnfJS7xdL6MQT7EilfzWwP8/7o967
cTKkxyFQ6MeH9X8bE1JFIfSjQ1Us0zXAQAA0e3ziQcROiR7RzPLClK9puKsX7c5c
hYs0xiPZ5KWeTT5+k81PSCKDQ3N1FgeYcMG7YvkKJPMElvtVKaZhaLxXfqHGWiU2
TUdy0l924uRQtQn6w/kpP5Es20CLpSgYjOncVy1M2NOVIgU6+JRyIsI1ouT1Pxic
XQ1yPfynMqfZeg==
-----END CERTIFICATE-----