Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
File:                     0_ULT8CViQuDHAPZliXA7lQZ01o.mft (raw, json)
Hash identifier:          MhxOxbIN1qinB96XOXnEXZ2t2nmsCe8fMPCnucsca2c=
Subject key identifier:   2D:A4:8A:5B:6E:64:B0:21:5C:64:87:AA:8F:4F:30:56:34:F5:CA:07
Authority key identifier: D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A
Certificate issuer:       /CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
Certificate serial:       0199FAD8222AE9B6E58A0ED0ED67FBB3820E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
Manifest number:          1593
Signing time:             Sun 19 Oct 2025 05:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:32 +0000
Files and hashes:         1: 0_ULT8CViQuDHAPZliXA7lQZ01o.crl (hash: YR2p31rQHINRwwXLvvVmIbagSzYKZnG0x9NjIkfss9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:22:2a:e9:b6:e5:8a:0e:d0:ed:67:fb:b3:82:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
        Validity
            Not Before: Oct 19 05:01:32 2025 GMT
            Not After : Oct 20 05:01:32 2025 GMT
        Subject: CN=2da48a5b6e64b0215c6487aa8f4f305634f5ca07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4c:bf:21:05:86:fe:69:8b:fa:1b:ad:41:0a:
                    02:ff:97:61:70:08:f9:8d:bd:c1:9b:2c:16:75:a9:
                    5b:ba:6e:64:6f:01:ae:ff:16:f2:1e:ce:c9:3f:88:
                    22:77:61:d1:b8:df:6b:77:3f:36:db:95:12:41:0c:
                    08:97:89:7c:b7:75:ff:53:6f:a5:a9:74:5a:31:80:
                    a8:0f:91:fb:39:81:07:7f:f3:69:de:67:86:1e:47:
                    6c:9d:a3:ea:38:3a:de:db:25:d5:c4:4c:11:ed:db:
                    f0:ec:d7:2c:af:48:f1:cb:93:c1:34:9f:fc:53:a1:
                    6f:58:4b:b3:55:1c:0e:67:81:f5:95:46:77:d9:89:
                    2a:ff:b0:11:f7:8a:7e:85:ed:d9:f5:2a:b5:07:aa:
                    a4:f6:f0:f9:60:be:e2:6a:94:bd:f2:18:e5:79:cc:
                    a2:3f:c2:dd:15:bf:90:6c:e6:22:5d:79:ee:75:95:
                    bb:e5:6a:cc:a1:ea:2f:c7:7d:92:c6:6b:ca:7c:ec:
                    97:4e:21:f6:c8:48:d2:3e:7a:af:0f:73:0f:37:aa:
                    de:f1:e8:bf:b6:13:7d:db:91:bc:ac:92:ec:eb:c8:
                    d8:ed:0c:6e:85:1c:93:cb:6a:c0:7d:6d:70:06:8c:
                    03:46:10:4a:a4:9f:2c:ee:39:32:0a:e6:80:15:16:
                    19:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:A4:8A:5B:6E:64:B0:21:5C:64:87:AA:8F:4F:30:56:34:F5:CA:07
            X509v3 Authority Key Identifier:
                keyid:D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:cf:c8:4f:89:3d:ca:35:58:b2:00:a3:cb:39:eb:0a:be:09:
         40:e3:0a:e6:86:14:b1:e2:7f:7c:75:46:47:7f:0e:66:32:b0:
         87:b6:36:61:8a:90:60:ba:48:ee:8e:92:94:ac:e4:de:e3:4e:
         f8:ea:fa:dd:42:e5:10:0e:63:42:47:f8:a7:df:42:4a:d3:c3:
         2a:05:15:de:85:d6:b2:fc:b4:04:3c:ed:bf:d7:41:ad:25:3e:
         c8:de:c5:55:8b:d8:95:46:9b:bb:9c:55:20:7d:9f:9b:70:a2:
         b1:c6:03:ce:d5:8f:ec:c4:6e:d8:ed:8e:ac:0a:34:50:00:80:
         f4:af:04:13:5a:42:f1:f8:60:e4:34:3a:93:a6:69:e8:ae:75:
         02:8b:19:df:40:04:84:4f:c9:83:1e:8e:a9:c8:99:88:2c:07:
         7b:14:76:fe:00:91:bf:26:78:1e:df:4d:38:2b:62:2d:7e:79:
         fc:49:da:51:f3:0c:ee:fd:b6:30:38:ad:4d:b1:02:63:50:ab:
         55:1a:69:74:a6:3e:70:5a:ba:f1:57:7e:97:f8:6f:60:34:14:
         9d:b7:fc:28:af:c7:24:b2:7d:79:62:29:ab:14:82:71:93:57:
         6a:b1:78:b0:4b:20:23:fa:c9:df:2a:e7:0e:cc:ee:8e:5d:bb:
         8d:91:40:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62CIq6bblig7Q7Wf7s4IOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZjUwYjRmYzA5NTg5MGI4MzFjMDNkOTk2MjVjMGVlNTQx
OWQzNWEwHhcNMjUxMDE5MDUwMTMyWhcNMjUxMDIwMDUwMTMyWjAzMTEwLwYDVQQD
EygyZGE0OGE1YjZlNjRiMDIxNWM2NDg3YWE4ZjRmMzA1NjM0ZjVjYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10y/IQWG/mmL+hutQQoC/5dhcAj5
jb3BmywWdalbum5kbwGu/xbyHs7JP4gid2HRuN9rdz8225USQQwIl4l8t3X/U2+l
qXRaMYCoD5H7OYEHf/Np3meGHkdsnaPqODre2yXVxEwR7dvw7Ncsr0jxy5PBNJ/8
U6FvWEuzVRwOZ4H1lUZ32Ykq/7AR94p+he3Z9Sq1B6qk9vD5YL7iapS98hjlecyi
P8LdFb+QbOYiXXnudZW75WrMoeovx32SxmvKfOyXTiH2yEjSPnqvD3MPN6re8ei/
thN925G8rJLs68jY7QxuhRyTy2rAfW1wBowDRhBKpJ8s7jkyCuaAFRYZSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2kiltuZLAhXGSHqo9PMFY09coHMB8GA1UdIwQY
MBaAFNP1C0/AlYkLgxwD2ZYlwO5UGdNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQt
NzdlMzIxN2NkMzlmLzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQtNzdlMzIxN2NkMzlm
LzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMc/IT4k9
yjVYsgCjyznrCr4JQOMK5oYUseJ/fHVGR38OZjKwh7Y2YYqQYLpI7o6SlKzk3uNO
+Or63ULlEA5jQkf4p99CStPDKgUV3oXWsvy0BDztv9dBrSU+yN7FVYvYlUabu5xV
IH2fm3CiscYDztWP7MRu2O2OrAo0UACA9K8EE1pC8fhg5DQ6k6Zp6K51AosZ30AE
hE/Jgx6OqciZiCwHexR2/gCRvyZ4Ht9NOCtiLX55/EnaUfMM7v22MDitTbECY1Cr
VRppdKY+cFq68Vd+l/hvYDQUnbf8KK/HJLJ9eWIpqxSCcZNXarF4sEsgI/rJ3yrn
Dszujl27jZFAmg==
-----END CERTIFICATE-----