Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
File:                     UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft (raw, json)
Hash identifier:          GZ1YdcJVwa2Pf7ZQRbmXPNdZmGP3vFOQ9BSviALgSAU=
Subject key identifier:   56:E8:C2:90:B1:1B:C6:15:55:5A:DC:13:FA:5B:60:F0:DD:05:A6:84
Authority key identifier: 52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D
Certificate issuer:       /CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
Certificate serial:       0198D54DCFBBB2AFADBFD81C2840ED596633
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
Manifest number:          15A7
Signing time:             Sat 23 Aug 2025 05:01:43 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:43 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:43 +0000
Files and hashes:         1: UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl (hash: 4Jh1f9XHJAOWzAVKSekpOt2byLtNoXFGbctDKW0XDgU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:cf:bb:b2:af:ad:bf:d8:1c:28:40:ed:59:66:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
        Validity
            Not Before: Aug 23 05:01:43 2025 GMT
            Not After : Aug 24 05:01:43 2025 GMT
        Subject: CN=56e8c290b11bc615555adc13fa5b60f0dd05a684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b7:be:5b:8e:6e:06:6b:d0:d5:a6:c4:ec:7d:
                    d9:25:13:6d:fb:29:03:a0:17:7e:60:7e:b3:88:ab:
                    e3:18:f6:ea:8f:9f:e8:2f:b2:00:b3:dd:c9:5a:a2:
                    be:f6:db:09:6b:7c:84:62:be:18:a5:65:68:c2:83:
                    39:c1:d0:b0:35:87:ec:f5:c1:f4:2d:05:75:98:b0:
                    e9:81:ef:b2:8e:d7:d8:92:50:72:3d:b9:45:4c:ce:
                    22:de:60:c9:95:8a:f2:a1:59:78:8a:ea:48:0c:66:
                    66:b2:59:0e:18:86:91:7c:fd:98:f7:39:45:fb:77:
                    e4:b7:5f:a6:dd:8c:79:c3:72:65:02:d9:68:b7:02:
                    8f:49:8a:9f:05:80:77:69:4b:f4:bf:6e:49:46:f7:
                    3a:91:97:75:7b:39:65:ce:ef:5c:cb:3e:bd:52:04:
                    91:40:23:b6:76:c3:41:e8:7b:10:e0:c7:4d:d2:6b:
                    b5:11:0c:c5:32:78:1e:5a:11:df:a7:75:f7:04:39:
                    8e:30:cd:4f:a3:2b:2e:85:fc:87:e2:7a:ac:43:94:
                    f0:0d:2d:cb:7a:6e:ce:4d:8c:9c:bb:fc:4c:3b:b8:
                    61:0c:39:17:90:6f:c3:bd:71:78:8f:33:f6:41:57:
                    5a:13:7c:6c:9a:6e:59:29:51:db:8b:88:90:a2:2f:
                    f6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:E8:C2:90:B1:1B:C6:15:55:5A:DC:13:FA:5B:60:F0:DD:05:A6:84
            X509v3 Authority Key Identifier:
                keyid:52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:cf:28:52:76:15:eb:35:5f:7d:a2:bf:b5:ca:03:5e:f2:99:
         58:5c:92:fe:1e:dd:46:4c:67:67:b6:2b:06:01:94:9b:36:38:
         35:26:31:98:45:fe:ed:16:84:c0:88:8f:50:7d:14:8c:ea:8a:
         a7:a3:91:53:b5:8c:f1:7f:93:31:17:0c:0d:de:fa:17:e0:00:
         c4:bd:ec:28:cb:ce:88:65:be:12:cc:88:9b:19:17:1b:66:36:
         2e:c1:b6:bb:ef:ee:27:85:d7:d3:a5:8f:7e:e3:b6:76:a7:17:
         ea:8c:e8:8d:3f:90:cc:d2:73:6b:44:b2:a5:1d:53:20:f5:00:
         ab:5a:32:49:01:2b:f1:20:ab:9d:d5:97:54:09:39:4b:62:29:
         40:74:ad:32:ee:a7:5b:99:5f:40:a1:53:99:49:99:b1:6b:12:
         cd:5b:bc:ed:9b:bc:4d:23:30:d5:28:72:98:79:74:96:ca:9a:
         3f:94:db:1e:63:7a:c5:b5:10:0b:08:44:a7:d2:dd:f8:e1:da:
         0b:f8:a0:91:57:de:a6:a3:4d:db:32:e2:2c:7d:b1:c7:70:1c:
         b8:0f:1b:e5:15:bc:dd:ad:b5:94:c3:f4:62:18:eb:31:2c:9c:
         18:c5:b7:81:3e:4b:b9:08:5e:b7:0d:bf:b1:9e:ba:c4:34:17:
         9d:ab:c8:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTc+7sq+tv9gcKEDtWWYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjJkM2YyN2NjMDViZTU5MjRiYjdiZDg5MGY3ZTZkZWZm
YjQ5N2QwHhcNMjUwODIzMDUwMTQzWhcNMjUwODI0MDUwMTQzWjAzMTEwLwYDVQQD
Eyg1NmU4YzI5MGIxMWJjNjE1NTU1YWRjMTNmYTViNjBmMGRkMDVhNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLe+W45uBmvQ1abE7H3ZJRNt+ykD
oBd+YH6ziKvjGPbqj5/oL7IAs93JWqK+9tsJa3yEYr4YpWVowoM5wdCwNYfs9cH0
LQV1mLDpge+yjtfYklByPblFTM4i3mDJlYryoVl4iupIDGZmslkOGIaRfP2Y9zlF
+3fkt1+m3Yx5w3JlAtlotwKPSYqfBYB3aUv0v25JRvc6kZd1ezllzu9cyz69UgSR
QCO2dsNB6HsQ4MdN0mu1EQzFMngeWhHfp3X3BDmOMM1PoysuhfyH4nqsQ5TwDS3L
em7OTYycu/xMO7hhDDkXkG/DvXF4jzP2QVdaE3xsmm5ZKVHbi4iQoi/2mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFbowpCxG8YVVVrcE/pbYPDdBaaEMB8GA1UdIwQY
MBaAFFJi0/J8wFvlkku3vYkPfm3v+0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2Et
N2FlNTk4N2JlZTYyLzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2EtN2FlNTk4N2JlZTYy
LzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv88oUnYV
6zVffaK/tcoDXvKZWFyS/h7dRkxnZ7YrBgGUmzY4NSYxmEX+7RaEwIiPUH0UjOqK
p6ORU7WM8X+TMRcMDd76F+AAxL3sKMvOiGW+EsyImxkXG2Y2LsG2u+/uJ4XX06WP
fuO2dqcX6ozojT+QzNJza0SypR1TIPUAq1oySQEr8SCrndWXVAk5S2IpQHStMu6n
W5lfQKFTmUmZsWsSzVu87Zu8TSMw1ShymHl0lsqaP5TbHmN6xbUQCwhEp9Ld+OHa
C/igkVfepqNN2zLiLH2xx3AcuA8b5RW83a21lMP0YhjrMSycGMW3gT5LuQhetw2/
sZ66xDQXnavIvw==
-----END CERTIFICATE-----