Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
File:                     UDCmlphoVt51uCLWrpX-ATE4IK8.mft (raw, json)
Hash identifier:          E62JXgaePIppgzSlnfdUuNGIZyfYOaoZ5ORo+w1/UX0=
Subject key identifier:   D4:07:F8:9F:BA:23:2F:C1:1D:63:B5:0D:D4:40:8D:BC:DA:4B:5C:EF
Authority key identifier: 50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF
Certificate issuer:       /CN=5030a696986856de75b822d6ae95fe01313820af
Certificate serial:       0198D5BBCC953F1EC46C9056CD65F1878793
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
Manifest number:          1042
Signing time:             Sat 23 Aug 2025 07:01:51 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:51 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:51 +0000
Files and hashes:         1: UDCmlphoVt51uCLWrpX-ATE4IK8.crl (hash: MaDfiO8Ak04MvENlEJomMLqdG9QSqI81ByuNXs6qsZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:cc:95:3f:1e:c4:6c:90:56:cd:65:f1:87:87:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5030a696986856de75b822d6ae95fe01313820af
        Validity
            Not Before: Aug 23 07:01:51 2025 GMT
            Not After : Aug 24 07:01:51 2025 GMT
        Subject: CN=d407f89fba232fc11d63b50dd4408dbcda4b5cef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:18:fe:b0:24:53:f2:29:1a:3e:4e:95:2b:73:
                    7f:24:93:f7:38:2c:6c:68:de:3c:61:2f:c9:af:a0:
                    82:f6:3a:3a:e0:2b:4b:f4:c0:05:60:54:cb:2a:f3:
                    14:71:7b:36:b6:8b:9a:c5:e1:e0:60:1f:d8:12:a3:
                    fd:05:60:46:4e:38:0b:28:4d:e7:16:e8:33:7f:18:
                    75:1c:47:0c:0e:b1:24:6c:14:ee:a9:11:07:e3:dc:
                    b4:a1:19:7e:28:d4:4f:47:c8:c9:d0:47:eb:fd:63:
                    58:7e:6b:0f:7d:02:23:b8:95:2c:91:73:9d:2e:90:
                    fb:a1:a6:0b:55:b1:41:5b:c5:4d:6b:8c:10:59:22:
                    82:d7:6e:26:bf:dc:b4:7f:58:2d:2b:3f:d7:7a:f3:
                    72:1b:e9:3b:13:d3:59:da:a5:0f:a8:db:f1:2a:eb:
                    8f:56:ec:28:58:de:2f:f2:8a:6b:13:74:7a:bf:80:
                    d6:3b:f2:d1:3c:8a:47:88:9e:b8:65:2d:dd:7a:d9:
                    2b:12:2f:8f:70:b7:86:3f:cb:7c:bd:a6:36:c0:7b:
                    34:f6:38:0a:d5:2a:61:06:90:47:90:aa:e6:2b:29:
                    76:4c:e2:7f:9e:e2:6f:2a:b2:11:2e:84:2d:6c:1c:
                    47:c6:40:a2:86:f3:bc:52:aa:f3:d0:67:f8:40:1d:
                    67:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:07:F8:9F:BA:23:2F:C1:1D:63:B5:0D:D4:40:8D:BC:DA:4B:5C:EF
            X509v3 Authority Key Identifier:
                keyid:50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:47:cc:32:82:f0:ba:94:e8:92:85:04:71:0e:4f:be:5c:8b:
         f2:7e:cf:0b:c2:37:c1:16:b8:5e:b1:78:fe:87:dc:ef:c5:a4:
         89:ce:7f:36:a3:2e:ed:a6:9f:0b:d9:2c:e4:0f:34:58:bf:d2:
         19:83:1e:14:97:ed:f5:6a:87:32:ab:0c:57:c2:bd:1e:70:e4:
         50:7f:cd:64:ef:4f:d1:19:88:a3:ac:c2:39:b5:53:d7:24:85:
         ca:a7:c2:3a:a4:71:0e:7b:9d:ee:68:b5:86:2b:87:99:42:13:
         98:a6:47:49:7f:56:6e:33:d0:41:38:2c:42:e7:96:f7:35:f5:
         de:c6:8d:33:36:38:76:9e:e3:fb:26:32:5e:e3:1f:cf:bf:c5:
         70:a1:a2:0c:40:24:a0:4b:bd:ee:d8:2a:82:e6:30:ec:01:0d:
         10:bf:17:2e:67:e7:84:cd:2d:c8:b5:0f:6e:ad:16:a1:7c:2c:
         d5:6d:2a:9f:97:c3:51:33:62:b4:dd:84:00:cc:b4:11:2a:ca:
         a9:2c:9e:f0:b3:88:1f:04:9c:eb:70:9c:40:e1:b8:ca:e1:f9:
         a4:3c:80:7a:82:72:b8:73:8c:4a:70:bd:d4:14:58:f1:89:dc:
         ed:53:ae:29:18:b0:8f:50:ea:13:cc:41:05:4c:b8:44:8c:27:
         24:b3:99:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu8yVPx7EbJBWzWXxh4eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzBhNjk2OTg2ODU2ZGU3NWI4MjJkNmFlOTVmZTAxMzEz
ODIwYWYwHhcNMjUwODIzMDcwMTUxWhcNMjUwODI0MDcwMTUxWjAzMTEwLwYDVQQD
EyhkNDA3Zjg5ZmJhMjMyZmMxMWQ2M2I1MGRkNDQwOGRiY2RhNGI1Y2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihj+sCRT8ikaPk6VK3N/JJP3OCxs
aN48YS/Jr6CC9jo64CtL9MAFYFTLKvMUcXs2touaxeHgYB/YEqP9BWBGTjgLKE3n
Fugzfxh1HEcMDrEkbBTuqREH49y0oRl+KNRPR8jJ0Efr/WNYfmsPfQIjuJUskXOd
LpD7oaYLVbFBW8VNa4wQWSKC124mv9y0f1gtKz/XevNyG+k7E9NZ2qUPqNvxKuuP
VuwoWN4v8oprE3R6v4DWO/LRPIpHiJ64ZS3detkrEi+PcLeGP8t8vaY2wHs09jgK
1SphBpBHkKrmKyl2TOJ/nuJvKrIRLoQtbBxHxkCihvO8Uqrz0Gf4QB1npwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQH+J+6Iy/BHWO1DdRAjbzaS1zvMB8GA1UdIwQY
MBaAFFAwppaYaFbedbgi1q6V/gExOCCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUt
ZTUyNTI1ZGIxMmRiLzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUtZTUyNTI1ZGIxMmRi
LzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkfMMoLw
upTokoUEcQ5PvlyL8n7PC8I3wRa4XrF4/ofc78Wkic5/NqMu7aafC9ks5A80WL/S
GYMeFJft9WqHMqsMV8K9HnDkUH/NZO9P0RmIo6zCObVT1ySFyqfCOqRxDnud7mi1
hiuHmUITmKZHSX9WbjPQQTgsQueW9zX13saNMzY4dp7j+yYyXuMfz7/FcKGiDEAk
oEu97tgqguYw7AENEL8XLmfnhM0tyLUPbq0WoXws1W0qn5fDUTNitN2EAMy0ESrK
qSye8LOIHwSc63CcQOG4yuH5pDyAeoJyuHOMSnC91BRY8Ync7VOuKRiwj1DqE8xB
BUy4RIwnJLOZ3Q==
-----END CERTIFICATE-----