Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
File:                     U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json)
Hash identifier:          C6L42K3fHPPUFeRuvvw2Kz0x+6JgPaBERdtYT66ia2Q=
Subject key identifier:   0C:DA:8F:AE:B9:88:C7:1C:96:1D:FA:24:49:A7:D6:4D:8D:5A:3B:01
Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30
Certificate issuer:       /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
Certificate serial:       0198D84F3E7BBFE9E0A951D7EA1A949B4195
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
Manifest number:          0AA2
Signing time:             Sat 23 Aug 2025 19:02:08 +0000
Manifest this update:     Sat 23 Aug 2025 19:02:08 +0000
Manifest next update:     Sun 24 Aug 2025 19:02:08 +0000
Files and hashes:         1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: IcjspMK/6KT0lFW/PbXwAaiqlNtZMFDybtAoWM8TqZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 17:19:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:4f:3e:7b:bf:e9:e0:a9:51:d7:ea:1a:94:9b:41:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
        Validity
            Not Before: Aug 23 19:02:08 2025 GMT
            Not After : Aug 24 19:02:08 2025 GMT
        Subject: CN=0cda8faeb988c71c961dfa2449a7d64d8d5a3b01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:20:cc:85:d7:99:d7:c7:93:63:22:a7:df:d3:
                    19:7f:5f:bc:fd:9b:a3:cb:f6:06:97:e9:aa:ce:5f:
                    e6:dd:ff:bf:51:7a:9b:a4:7c:6d:da:0f:cd:f8:01:
                    d7:78:8b:39:b5:6f:4c:45:51:89:dc:c4:6d:e6:4f:
                    85:7e:94:e5:96:4e:a3:de:9d:bf:10:1b:a7:fd:4e:
                    d8:2d:d3:c2:b9:84:31:38:93:c3:93:23:66:97:68:
                    b0:39:fa:cd:7e:08:19:fb:52:12:f7:83:d6:af:48:
                    b0:84:9c:9f:64:18:5b:09:f7:1c:9a:2f:ce:4b:d0:
                    2c:d2:bc:ce:5d:9d:00:6e:79:a7:ba:fe:9e:af:72:
                    4f:57:1e:3f:17:72:4c:ee:7d:25:3b:57:cb:e0:96:
                    8e:4a:b7:00:25:83:ff:88:6e:22:bb:2c:3f:d3:53:
                    b5:7c:7f:cf:a3:a2:9d:cd:36:84:91:04:03:38:58:
                    b9:54:da:cc:3c:8f:23:b1:8a:0a:0b:12:62:b7:02:
                    89:ec:ce:d1:79:11:0f:a2:0b:15:d3:30:80:e3:95:
                    88:d3:63:01:84:30:6c:5c:a1:a9:fa:2a:bc:4b:55:
                    35:db:b1:96:3f:2f:7a:3c:26:e4:39:33:04:15:0b:
                    90:99:90:7f:d6:54:0c:14:1c:63:ac:e2:30:ba:c7:
                    3d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:DA:8F:AE:B9:88:C7:1C:96:1D:FA:24:49:A7:D6:4D:8D:5A:3B:01
            X509v3 Authority Key Identifier:
                keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:45:e3:1a:9a:8a:a6:cb:cc:e7:a2:98:61:b7:84:1f:cf:2d:
         75:78:09:a4:2a:ce:0a:bc:20:23:24:9d:27:39:91:d1:e7:cb:
         30:0f:cc:8d:96:27:80:9c:33:84:1f:22:c5:72:13:c7:7d:4b:
         f3:f9:f9:e3:14:67:cf:c9:e6:ea:b6:f4:d6:78:67:16:44:a3:
         6a:a3:df:fb:24:03:37:04:87:3b:03:f1:37:a3:0f:e2:3f:5b:
         4f:c6:bb:dc:79:9e:37:b6:33:36:93:34:76:c4:b1:14:25:8d:
         a8:82:87:06:b1:43:68:11:bb:09:3d:3e:60:d6:52:1c:fb:bb:
         4e:ed:31:d5:a5:5d:12:28:de:ca:96:e0:eb:a8:b4:44:17:f3:
         55:4b:94:01:eb:eb:a6:36:97:cc:0a:98:5e:0c:4a:30:8d:e1:
         2f:56:25:b3:50:1f:e5:38:2b:26:ad:24:f4:e0:9e:63:5a:8a:
         32:fa:ac:56:48:78:65:0c:00:7a:85:32:64:56:1e:99:a8:db:
         b8:8e:c2:9c:60:1f:ea:2c:15:cc:d9:71:81:6d:f7:44:b5:0f:
         a3:1c:94:5d:7a:c4:e3:e4:66:96:47:87:14:ec:8a:5c:19:2b:
         56:ca:94:7b:bb:70:6a:12:d1:a1:be:47:52:0c:71:5c:97:5d:
         b6:72:87:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYTz57v+ngqVHX6hqUm0GVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj
NWQyMzAwHhcNMjUwODIzMTkwMjA4WhcNMjUwODI0MTkwMjA4WjAzMTEwLwYDVQQD
EygwY2RhOGZhZWI5ODhjNzFjOTYxZGZhMjQ0OWE3ZDY0ZDhkNWEzYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCDMhdeZ18eTYyKn39MZf1+8/Zuj
y/YGl+mqzl/m3f+/UXqbpHxt2g/N+AHXeIs5tW9MRVGJ3MRt5k+FfpTllk6j3p2/
EBun/U7YLdPCuYQxOJPDkyNml2iwOfrNfggZ+1IS94PWr0iwhJyfZBhbCfccmi/O
S9As0rzOXZ0Abnmnuv6er3JPVx4/F3JM7n0lO1fL4JaOSrcAJYP/iG4iuyw/01O1
fH/Po6KdzTaEkQQDOFi5VNrMPI8jsYoKCxJitwKJ7M7ReREPogsV0zCA45WI02MB
hDBsXKGp+iq8S1U127GWPy96PCbkOTMEFQuQmZB/1lQMFBxjrOIwusc9XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzaj665iMcclh36JEmn1k2NWjsBMB8GA1UdIwQY
MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt
OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw
LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUUXjGpqK
psvM56KYYbeEH88tdXgJpCrOCrwgIySdJzmR0efLMA/MjZYngJwzhB8ixXITx31L
8/n54xRnz8nm6rb01nhnFkSjaqPf+yQDNwSHOwPxN6MP4j9bT8a73HmeN7YzNpM0
dsSxFCWNqIKHBrFDaBG7CT0+YNZSHPu7Tu0x1aVdEijeypbg66i0RBfzVUuUAevr
pjaXzAqYXgxKMI3hL1Yls1Af5TgrJq0k9OCeY1qKMvqsVkh4ZQwAeoUyZFYemajb
uI7CnGAf6iwVzNlxgW33RLUPoxyUXXrE4+RmlkeHFOyKXBkrVsqUe7twahLRob5H
UgxxXJddtnKHSA==
-----END CERTIFICATE-----