Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
File:                     U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json)
Hash identifier:          2zxtXqjqwp6FFlMNzZaSD6hcXpt6LDyNuM1DGCSPaik=
Subject key identifier:   4F:96:F5:54:7F:6F:B3:9A:B8:33:7C:B3:79:F7:80:29:B1:09:86:B8
Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30
Certificate issuer:       /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
Certificate serial:       0199FFC8D029D4B7B1853BE3034E2D89D2AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
Manifest number:          0B3B
Signing time:             Mon 20 Oct 2025 04:02:54 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:54 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:54 +0000
Files and hashes:         1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: VsvIcE4LAbH6Qj/xFtOqL2osruN9Qw91gQdLEdzVAzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:d0:29:d4:b7:b1:85:3b:e3:03:4e:2d:89:d2:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
        Validity
            Not Before: Oct 20 04:02:54 2025 GMT
            Not After : Oct 21 04:02:54 2025 GMT
        Subject: CN=4f96f5547f6fb39ab8337cb379f78029b10986b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9d:1e:5e:65:84:3c:ae:61:37:b4:35:b9:31:
                    ec:ab:17:1a:97:e6:b3:ca:0a:49:7a:c3:18:8f:ed:
                    94:30:16:34:00:a0:1e:ae:b3:99:fc:be:1d:5f:a6:
                    4b:10:76:4d:ba:92:d2:fd:7d:0d:db:6b:08:72:e7:
                    da:0c:3e:03:23:76:4c:a2:00:da:56:75:10:67:03:
                    ca:10:61:3a:a3:31:2d:87:36:c8:27:8a:e3:93:91:
                    64:4e:bc:eb:72:fe:bf:6c:38:80:d2:8c:03:5f:2f:
                    f5:e9:9b:27:01:da:a6:a9:e5:70:50:17:9d:6b:89:
                    93:05:a8:00:c3:aa:22:1f:ce:91:f9:7b:a3:e4:bc:
                    dc:16:4b:d7:b3:ca:e4:46:ca:a9:6c:7f:0a:18:79:
                    9c:a3:a6:a3:ed:43:a8:bc:71:b8:03:f8:9b:60:aa:
                    13:96:36:96:36:a1:f6:86:2e:30:62:9e:1d:30:c3:
                    22:50:88:28:38:1c:b1:39:0f:b3:08:54:6b:a7:ab:
                    f5:cc:3b:fa:54:52:8a:7e:ed:a4:ea:60:87:a8:e7:
                    78:04:c5:3e:9e:d2:68:79:55:be:a7:b3:7e:da:6e:
                    3b:6e:8b:ad:96:a0:60:86:e9:93:cb:73:25:64:a3:
                    27:29:e5:75:1c:b3:4e:46:de:11:95:d4:ed:d8:1c:
                    12:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:96:F5:54:7F:6F:B3:9A:B8:33:7C:B3:79:F7:80:29:B1:09:86:B8
            X509v3 Authority Key Identifier:
                keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:8a:51:e6:be:9f:bf:07:ca:b0:73:6f:67:f4:98:ed:f1:8b:
         dd:b7:56:ab:af:26:56:9b:ca:85:4d:82:cc:01:71:d9:35:bb:
         87:a5:06:25:02:8d:3f:1b:2e:51:8d:81:c5:67:38:aa:35:46:
         65:50:d7:97:c2:31:27:e3:d6:b5:55:25:2b:89:21:37:a6:16:
         db:00:b2:85:d6:76:c1:1b:ca:c8:7b:45:f0:33:e9:c8:dc:87:
         7f:04:e8:6e:20:46:df:ed:d2:38:40:54:e1:c4:04:d7:16:f0:
         ef:bf:bd:7e:06:90:c3:cc:43:29:a3:17:96:ad:f6:e6:9f:62:
         34:b7:ae:24:68:a7:15:94:e1:ed:85:54:07:43:95:4d:b6:33:
         8a:6c:30:ac:cd:dc:aa:d2:f0:1c:a5:4c:1f:48:fe:f4:24:74:
         4c:45:b4:06:81:4e:46:56:3b:a8:2a:59:4c:2e:57:27:7f:27:
         83:25:01:bf:ac:3c:e4:3c:ec:c4:e6:6e:11:25:79:9b:b9:46:
         80:4e:09:8f:e8:e6:72:a5:43:0b:2f:f2:f1:f6:79:e2:f4:54:
         83:7e:2a:4a:d6:66:a3:3b:a8:ae:fc:fb:17:a0:bc:a3:d0:0e:
         fb:64:8b:36:89:61:99:7b:49:ca:e8:27:ed:82:44:bf:2e:9a:
         ea:05:a7:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yNAp1LexhTvjA04tidKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj
NWQyMzAwHhcNMjUxMDIwMDQwMjU0WhcNMjUxMDIxMDQwMjU0WjAzMTEwLwYDVQQD
Eyg0Zjk2ZjU1NDdmNmZiMzlhYjgzMzdjYjM3OWY3ODAyOWIxMDk4NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ0eXmWEPK5hN7Q1uTHsqxcal+az
ygpJesMYj+2UMBY0AKAerrOZ/L4dX6ZLEHZNupLS/X0N22sIcufaDD4DI3ZMogDa
VnUQZwPKEGE6ozEthzbIJ4rjk5FkTrzrcv6/bDiA0owDXy/16ZsnAdqmqeVwUBed
a4mTBagAw6oiH86R+Xuj5LzcFkvXs8rkRsqpbH8KGHmco6aj7UOovHG4A/ibYKoT
ljaWNqH2hi4wYp4dMMMiUIgoOByxOQ+zCFRrp6v1zDv6VFKKfu2k6mCHqOd4BMU+
ntJoeVW+p7N+2m47boutlqBghumTy3MlZKMnKeV1HLNORt4RldTt2BwSpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+W9VR/b7OauDN8s3n3gCmxCYa4MB8GA1UdIwQY
MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt
OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw
LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIpR5r6f
vwfKsHNvZ/SY7fGL3bdWq68mVpvKhU2CzAFx2TW7h6UGJQKNPxsuUY2BxWc4qjVG
ZVDXl8IxJ+PWtVUlK4khN6YW2wCyhdZ2wRvKyHtF8DPpyNyHfwTobiBG3+3SOEBU
4cQE1xbw77+9fgaQw8xDKaMXlq325p9iNLeuJGinFZTh7YVUB0OVTbYzimwwrM3c
qtLwHKVMH0j+9CR0TEW0BoFORlY7qCpZTC5XJ38ngyUBv6w85DzsxOZuESV5m7lG
gE4Jj+jmcqVDCy/y8fZ54vRUg34qStZmozuorvz7F6C8o9AO+2SLNolhmXtJyugn
7YJEvy6a6gWnnw==
-----END CERTIFICATE-----