Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
File:                     UDCmlphoVt51uCLWrpX-ATE4IK8.mft (raw, json)
Hash identifier:          xaG8FCNeSCC79zfx//QiX7Fj43Arm8e7HQiingzbuGk=
Subject key identifier:   45:51:B0:A0:6E:E4:2A:70:F5:2B:9B:C9:7C:1F:57:11:92:14:E2:98
Authority key identifier: 50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF
Certificate issuer:       /CN=5030a696986856de75b822d6ae95fe01313820af
Certificate serial:       0199FB45BEDD242924816E7A6192CE133A41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
Manifest number:          10DA
Signing time:             Sun 19 Oct 2025 07:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:16 +0000
Files and hashes:         1: UDCmlphoVt51uCLWrpX-ATE4IK8.crl (hash: jJvdluKzdVFq+kBeVZlvrTxEsf3RAEDlvV9MK6Kvbuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:be:dd:24:29:24:81:6e:7a:61:92:ce:13:3a:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5030a696986856de75b822d6ae95fe01313820af
        Validity
            Not Before: Oct 19 07:01:16 2025 GMT
            Not After : Oct 20 07:01:16 2025 GMT
        Subject: CN=4551b0a06ee42a70f52b9bc97c1f57119214e298
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ba:ab:ac:b0:65:52:71:99:bb:6a:d5:59:26:
                    63:e8:54:73:34:51:d2:a3:0c:fd:db:a8:97:66:69:
                    9d:96:fb:4b:d4:ea:85:fa:2e:61:22:5e:15:ee:6c:
                    83:50:97:cf:48:1c:4b:5a:42:57:4c:21:6e:2e:80:
                    9b:ea:f5:f7:07:2e:8e:6d:5e:85:74:57:f6:a0:c5:
                    8e:c6:2f:d1:51:37:fb:23:f8:b1:92:fb:f0:91:14:
                    d0:f8:83:43:89:1a:ac:71:ac:e3:92:27:0d:ed:f6:
                    a0:0a:57:32:f0:52:f7:fd:23:15:aa:b9:c8:e6:bb:
                    48:6e:14:da:1f:40:17:71:8a:60:84:bf:cc:d4:d9:
                    1f:c6:31:c9:ab:0c:d7:af:fa:c3:d2:f6:50:20:4f:
                    96:2f:7a:0e:21:0b:32:c2:a8:f2:d3:45:88:78:59:
                    d7:be:93:01:0f:a4:14:a1:01:e3:e5:31:c2:d1:b1:
                    67:fb:c3:39:36:70:a2:c6:45:b8:b2:27:c9:0e:f9:
                    15:32:81:2e:51:18:89:f1:5f:82:13:47:5e:20:10:
                    c2:cb:bc:cd:c5:bd:24:39:ba:78:21:b0:99:de:97:
                    fc:87:7a:d2:61:e5:27:45:4c:b7:ad:ce:03:92:f9:
                    e1:69:34:3b:d1:8a:84:2d:2a:be:76:14:bd:b2:6a:
                    77:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:51:B0:A0:6E:E4:2A:70:F5:2B:9B:C9:7C:1F:57:11:92:14:E2:98
            X509v3 Authority Key Identifier:
                keyid:50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:68:e8:75:16:39:34:3a:89:df:66:c2:eb:a1:74:be:80:11:
         a1:66:92:31:46:3a:74:bc:87:91:5e:23:d6:ce:ab:f9:3b:32:
         cb:61:f2:26:06:65:5c:27:d6:de:ef:b9:6e:d0:f1:b8:e0:40:
         0b:5d:e8:6f:61:ce:7f:35:09:7c:c4:20:ce:1b:92:bf:2b:4b:
         ed:08:26:88:ef:ae:1a:b7:78:7e:44:5f:b3:a7:3c:d6:3d:7e:
         b7:e2:89:13:ee:c9:3c:10:9a:98:58:41:0d:43:ea:e8:da:fa:
         71:54:02:35:3b:e4:3d:01:53:ae:d2:8a:ad:7f:d5:7d:e0:77:
         df:34:af:c8:cf:7b:eb:57:84:58:2d:92:62:f7:63:f1:78:db:
         7d:d0:67:1a:97:70:58:93:f0:e3:45:02:79:b3:68:2d:21:4b:
         43:dc:34:a2:26:fb:2d:5b:64:e8:85:fd:9a:77:e6:09:61:21:
         34:a2:6a:b6:96:05:39:3e:5f:9e:dc:2a:5f:dc:88:ba:b5:66:
         10:4e:00:f8:81:32:69:e3:c4:fe:7d:73:06:ea:63:20:30:29:
         a0:77:ac:80:2b:94:27:e7:c3:20:ba:62:11:a5:36:16:cd:b2:
         da:5c:64:4c:f3:61:72:07:f1:69:77:0a:95:28:3e:a1:bb:29:
         05:1f:47:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Rb7dJCkkgW56YZLOEzpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzBhNjk2OTg2ODU2ZGU3NWI4MjJkNmFlOTVmZTAxMzEz
ODIwYWYwHhcNMjUxMDE5MDcwMTE2WhcNMjUxMDIwMDcwMTE2WjAzMTEwLwYDVQQD
Eyg0NTUxYjBhMDZlZTQyYTcwZjUyYjliYzk3YzFmNTcxMTkyMTRlMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbqrrLBlUnGZu2rVWSZj6FRzNFHS
owz926iXZmmdlvtL1OqF+i5hIl4V7myDUJfPSBxLWkJXTCFuLoCb6vX3By6ObV6F
dFf2oMWOxi/RUTf7I/ixkvvwkRTQ+INDiRqscazjkicN7fagClcy8FL3/SMVqrnI
5rtIbhTaH0AXcYpghL/M1NkfxjHJqwzXr/rD0vZQIE+WL3oOIQsywqjy00WIeFnX
vpMBD6QUoQHj5THC0bFn+8M5NnCixkW4sifJDvkVMoEuURiJ8V+CE0deIBDCy7zN
xb0kObp4IbCZ3pf8h3rSYeUnRUy3rc4DkvnhaTQ70YqELSq+dhS9smp3YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVRsKBu5Cpw9SubyXwfVxGSFOKYMB8GA1UdIwQY
MBaAFFAwppaYaFbedbgi1q6V/gExOCCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUt
ZTUyNTI1ZGIxMmRiLzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUtZTUyNTI1ZGIxMmRi
LzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiGjodRY5
NDqJ32bC66F0voARoWaSMUY6dLyHkV4j1s6r+Tsyy2HyJgZlXCfW3u+5btDxuOBA
C13ob2HOfzUJfMQgzhuSvytL7QgmiO+uGrd4fkRfs6c81j1+t+KJE+7JPBCamFhB
DUPq6Nr6cVQCNTvkPQFTrtKKrX/VfeB33zSvyM9761eEWC2SYvdj8XjbfdBnGpdw
WJPw40UCebNoLSFLQ9w0oib7LVtk6IX9mnfmCWEhNKJqtpYFOT5fntwqX9yIurVm
EE4A+IEyaePE/n1zBupjIDApoHesgCuUJ+fDILpiEaU2Fs2y2lxkTPNhcgfxaXcK
lSg+obspBR9H/g==
-----END CERTIFICATE-----