Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
File:                     uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json)
Hash identifier:          DfLS608MmVPEbMYtMWja02xRLwR6ymYHtENFsnOw9lM=
Subject key identifier:   8F:42:32:D0:A9:18:5F:A1:23:E9:8F:A2:2F:57:CC:59:FC:3F:D1:BB
Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E
Certificate issuer:       /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
Certificate serial:       0199FCFD6E186DAF47DA6A1AE40A3A2151EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
Manifest number:          0664
Signing time:             Sun 19 Oct 2025 15:01:31 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:31 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:31 +0000
Files and hashes:         1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: EWQAmzfgXxz87lRzR9wH62C9nuA+ysaBT/L3SXRAqyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:6e:18:6d:af:47:da:6a:1a:e4:0a:3a:21:51:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
        Validity
            Not Before: Oct 19 15:01:31 2025 GMT
            Not After : Oct 20 15:01:31 2025 GMT
        Subject: CN=8f4232d0a9185fa123e98fa22f57cc59fc3fd1bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6b:a1:ad:59:d0:44:5b:cb:60:15:cb:62:f6:
                    90:dd:23:51:bd:7d:d9:82:aa:24:58:49:b0:aa:ac:
                    d4:f1:d7:b4:9f:4a:fb:c1:3f:f1:1f:e8:95:dc:ee:
                    aa:16:26:89:70:9d:8d:45:70:02:6b:eb:af:57:79:
                    62:2e:21:5b:59:65:01:d6:49:05:b0:8f:e5:58:98:
                    de:75:8b:ce:48:11:cc:d3:e8:04:2f:34:8e:90:49:
                    b8:dc:32:03:64:31:43:c1:dd:c1:17:f4:60:2c:e3:
                    24:73:8f:80:7a:cd:37:3a:7a:7b:b8:11:d2:d9:88:
                    76:ad:d5:58:fa:6b:83:7b:2e:c3:bb:1c:89:a2:a8:
                    10:23:55:21:2b:8c:4d:c5:d7:44:00:99:7d:ad:da:
                    30:6b:f4:2e:ef:b2:8a:c0:4e:10:1a:97:88:fa:3d:
                    15:3a:c3:9b:cf:00:c8:a9:4f:84:73:59:2a:c6:ff:
                    d7:62:ed:13:09:38:f1:7f:f8:d0:1f:2e:e8:49:b8:
                    22:12:f6:4c:9b:8e:14:48:74:c4:6d:fe:aa:9f:18:
                    5f:7e:6a:ec:11:8a:00:75:72:1a:a4:56:33:f6:f1:
                    f5:d2:0e:50:c0:e1:da:ad:fc:5d:89:5d:12:d4:3b:
                    21:18:ec:25:04:ec:90:55:d3:de:e3:a6:f6:dc:be:
                    e9:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:42:32:D0:A9:18:5F:A1:23:E9:8F:A2:2F:57:CC:59:FC:3F:D1:BB
            X509v3 Authority Key Identifier:
                keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:8e:22:ec:44:d1:16:55:c0:98:db:55:4c:5a:4f:5c:15:f9:
         db:f1:ed:c7:ab:d9:3d:95:da:dd:6a:d0:21:f2:d9:8e:64:ce:
         48:a5:9f:7c:6a:ba:29:28:0e:7a:6b:3f:af:cb:22:9d:f8:06:
         72:86:f4:89:3f:7a:d3:65:61:02:09:18:8d:16:5d:8f:83:9d:
         af:9c:c3:1b:a6:9e:2a:d4:88:41:f6:e1:0f:be:82:6a:3f:34:
         99:81:09:70:47:ad:25:00:86:e6:39:5c:32:23:5f:0f:60:a1:
         e6:c3:8b:d2:cb:8b:4d:27:35:e1:a0:1d:e0:58:6a:4c:a2:e1:
         3b:89:58:e1:0d:38:b2:c8:c0:1e:84:4c:ba:01:31:d4:4a:8f:
         68:ff:a3:17:63:1f:c0:fc:d5:26:c8:bc:b7:45:75:f6:e0:b4:
         e4:0b:b1:b2:4d:cb:21:77:c9:f1:98:ba:27:3a:d2:6e:8a:4a:
         c1:82:58:6a:9b:9b:45:9f:f3:f1:ef:37:39:4c:f2:b9:42:9e:
         8a:0a:7f:f4:d0:73:be:c8:6e:02:07:62:7b:14:1f:2c:cb:9e:
         26:53:f0:ee:b1:ff:30:dd:d3:b8:39:db:f8:c5:0a:c5:07:55:
         ca:0b:45:fd:5a:83:9a:3e:88:ed:2c:f4:d4:27:b1:9b:47:e5:
         d3:0f:ad:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/W4Yba9H2moa5Ao6IVHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2
ODExOGUwHhcNMjUxMDE5MTUwMTMxWhcNMjUxMDIwMTUwMTMxWjAzMTEwLwYDVQQD
Eyg4ZjQyMzJkMGE5MTg1ZmExMjNlOThmYTIyZjU3Y2M1OWZjM2ZkMWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmuhrVnQRFvLYBXLYvaQ3SNRvX3Z
gqokWEmwqqzU8de0n0r7wT/xH+iV3O6qFiaJcJ2NRXACa+uvV3liLiFbWWUB1kkF
sI/lWJjedYvOSBHM0+gELzSOkEm43DIDZDFDwd3BF/RgLOMkc4+Aes03Onp7uBHS
2Yh2rdVY+muDey7DuxyJoqgQI1UhK4xNxddEAJl9rdowa/Qu77KKwE4QGpeI+j0V
OsObzwDIqU+Ec1kqxv/XYu0TCTjxf/jQHy7oSbgiEvZMm44USHTEbf6qnxhffmrs
EYoAdXIapFYz9vH10g5QwOHarfxdiV0S1DshGOwlBOyQVdPe46b23L7pcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9CMtCpGF+hI+mPoi9XzFn8P9G7MB8GA1UdIwQY
MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt
YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj
LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPo4i7ETR
FlXAmNtVTFpPXBX52/Htx6vZPZXa3WrQIfLZjmTOSKWffGq6KSgOems/r8sinfgG
cob0iT9602VhAgkYjRZdj4Odr5zDG6aeKtSIQfbhD76Caj80mYEJcEetJQCG5jlc
MiNfD2Ch5sOL0suLTSc14aAd4FhqTKLhO4lY4Q04ssjAHoRMugEx1EqPaP+jF2Mf
wPzVJsi8t0V19uC05Auxsk3LIXfJ8Zi6JzrSbopKwYJYapubRZ/z8e83OUzyuUKe
igp/9NBzvshuAgdiexQfLMueJlPw7rH/MN3TuDnb+MUKxQdVygtF/VqDmj6I7Sz0
1Cexm0fl0w+tXQ==
-----END CERTIFICATE-----