Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
File:                     uXhT3Vdz8qawcYefW567Dm9Ofao.mft (raw, json)
Hash identifier:          23QkUcZad6ORP8BvszyDdSo/MVsLSvcgy1W+YSyxXGc=
Subject key identifier:   02:C2:05:C8:1D:C0:81:84:2E:B0:1B:3F:5E:83:10:76:6F:74:C7:8D
Authority key identifier: B9:78:53:DD:57:73:F2:A6:B0:71:87:9F:5B:9E:BB:0E:6F:4E:7D:AA
Certificate issuer:       /CN=b97853dd5773f2a6b071879f5b9ebb0e6f4e7daa
Certificate serial:       0199FC58B1C61CB09EC7307A70D99F4DB033
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
Manifest number:          1674
Signing time:             Sun 19 Oct 2025 12:01:35 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:35 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:35 +0000
Files and hashes:         1: uXhT3Vdz8qawcYefW567Dm9Ofao.crl (hash: EatmQM455ZZU2cofHDEUAPC3b5gkIvqmLMXn35QmQLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:b1:c6:1c:b0:9e:c7:30:7a:70:d9:9f:4d:b0:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b97853dd5773f2a6b071879f5b9ebb0e6f4e7daa
        Validity
            Not Before: Oct 19 12:01:35 2025 GMT
            Not After : Oct 20 12:01:35 2025 GMT
        Subject: CN=02c205c81dc081842eb01b3f5e8310766f74c78d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:28:3d:72:2c:47:35:5f:3f:83:2f:8d:a9:69:
                    38:df:5b:0b:ed:9e:fb:86:88:72:cf:26:e4:e5:d4:
                    e5:94:8f:67:1f:a3:c3:23:55:d5:a3:41:0d:8e:c8:
                    51:f3:86:0d:d4:8b:4c:31:34:be:f9:82:fa:e4:ce:
                    6a:51:c9:e0:70:cb:bf:e7:7d:3e:0b:f3:e8:57:4b:
                    00:a2:47:cb:35:d3:92:d6:44:fc:e3:f3:cf:67:27:
                    22:87:bf:91:c1:f6:98:1b:bb:6d:b2:94:88:ec:dd:
                    eb:48:7b:c1:97:d3:38:6a:44:55:a2:2e:ce:f0:8f:
                    fe:04:a5:cc:aa:4a:a3:2f:67:f5:67:97:ef:b6:36:
                    51:b8:85:d5:c9:f9:7f:02:20:dc:7e:6f:db:e3:d2:
                    7c:e7:cc:ca:04:14:26:56:0b:7e:92:e5:77:65:7a:
                    67:a1:35:2d:71:64:82:6c:fc:cd:f9:4a:d9:41:2c:
                    79:1f:30:6e:c5:af:f9:25:23:d8:bb:65:c8:76:fd:
                    8d:79:25:08:38:76:47:03:48:d4:42:8f:8c:20:e1:
                    27:e8:9c:18:23:44:77:7b:49:e2:f5:d2:3a:9a:5b:
                    88:bd:58:bb:da:bd:0c:5c:f9:fa:34:75:d5:84:30:
                    18:31:1c:5e:6d:cf:d8:7c:94:63:5b:58:93:c6:da:
                    6e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:C2:05:C8:1D:C0:81:84:2E:B0:1B:3F:5E:83:10:76:6F:74:C7:8D
            X509v3 Authority Key Identifier:
                keyid:B9:78:53:DD:57:73:F2:A6:B0:71:87:9F:5B:9E:BB:0E:6F:4E:7D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:2c:91:a7:d7:df:d8:73:b1:02:44:43:17:7a:de:83:de:56:
         26:a1:b5:4d:a8:b7:a3:32:87:1c:80:02:28:82:c4:b1:75:82:
         56:04:3d:68:93:9c:98:d3:4c:b2:93:2a:5d:34:24:7d:6a:54:
         5f:3b:cc:29:d9:7b:11:27:04:dd:65:b9:88:87:1d:8f:65:cd:
         11:d3:a0:7e:3e:eb:07:2e:c1:a3:66:0e:00:ad:da:64:89:de:
         b9:b7:b4:10:77:4f:eb:9a:e0:4b:25:ce:25:05:ad:45:ef:af:
         e7:bc:69:f5:18:6e:3b:91:c4:85:cf:66:20:95:12:6c:20:01:
         ad:e9:c6:8a:a3:64:82:97:eb:52:9f:50:36:41:4d:24:27:11:
         1a:a3:ae:48:89:b3:84:f5:6d:da:c4:d6:6b:0e:b6:6f:5a:ca:
         6b:c5:2a:0b:fb:aa:96:84:e0:5e:75:75:b0:91:b5:db:a4:0d:
         e0:27:af:25:75:b4:f7:46:1e:ee:69:da:9b:05:a6:39:fb:57:
         e9:6d:8a:7c:6f:39:b2:41:9f:5f:55:ba:1c:2b:88:65:0c:c1:
         79:13:a2:2e:5a:d2:cc:4f:87:e7:e6:90:eb:88:7b:94:88:3e:
         7c:56:5c:bf:d7:fd:de:6c:d2:69:d4:1c:5c:c4:68:f1:94:41:
         11:e9:fc:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WLHGHLCexzB6cNmfTbAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Nzg1M2RkNTc3M2YyYTZiMDcxODc5ZjViOWViYjBlNmY0
ZTdkYWEwHhcNMjUxMDE5MTIwMTM1WhcNMjUxMDIwMTIwMTM1WjAzMTEwLwYDVQQD
EygwMmMyMDVjODFkYzA4MTg0MmViMDFiM2Y1ZTgzMTA3NjZmNzRjNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCg9cixHNV8/gy+NqWk431sL7Z77
hohyzybk5dTllI9nH6PDI1XVo0ENjshR84YN1ItMMTS++YL65M5qUcngcMu/530+
C/PoV0sAokfLNdOS1kT84/PPZycih7+RwfaYG7ttspSI7N3rSHvBl9M4akRVoi7O
8I/+BKXMqkqjL2f1Z5fvtjZRuIXVyfl/AiDcfm/b49J858zKBBQmVgt+kuV3ZXpn
oTUtcWSCbPzN+UrZQSx5HzBuxa/5JSPYu2XIdv2NeSUIOHZHA0jUQo+MIOEn6JwY
I0R3e0ni9dI6mluIvVi72r0MXPn6NHXVhDAYMRxebc/YfJRjW1iTxtpudwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALCBcgdwIGELrAbP16DEHZvdMeNMB8GA1UdIwQY
MBaAFLl4U91Xc/KmsHGHn1ueuw5vTn2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTNiNjYtYWYzNS00OWQxLWJkNzgt
N2ZmODQ0M2Q5YzIxLzEvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTNiNjYtYWYzNS00OWQxLWJkNzgtN2ZmODQ0M2Q5YzIx
LzEvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPyyRp9ff
2HOxAkRDF3reg95WJqG1Tai3ozKHHIACKILEsXWCVgQ9aJOcmNNMspMqXTQkfWpU
XzvMKdl7EScE3WW5iIcdj2XNEdOgfj7rBy7Bo2YOAK3aZIneube0EHdP65rgSyXO
JQWtRe+v57xp9RhuO5HEhc9mIJUSbCABrenGiqNkgpfrUp9QNkFNJCcRGqOuSImz
hPVt2sTWaw62b1rKa8UqC/uqloTgXnV1sJG126QN4CevJXW090Ye7mnamwWmOftX
6W2KfG85skGfX1W6HCuIZQzBeROiLlrSzE+H5+aQ64h7lIg+fFZcv9f93mzSadQc
XMRo8ZRBEen8VQ==
-----END CERTIFICATE-----