Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
File:                     UdspKXLBDGn5fs0k8vtptPZ3beg.mft (raw, json)
Hash identifier:          C84c+JPzCNLk2RZiP9RCiU9+f3qFknzudxpW6O7Y8wA=
Subject key identifier:   D8:82:53:EB:74:63:62:ED:91:77:9D:98:06:A7:59:E3:8A:E5:A9:D2
Authority key identifier: 51:DB:29:29:72:C1:0C:69:F9:7E:CD:24:F2:FB:69:B4:F6:77:6D:E8
Certificate issuer:       /CN=51db292972c10c69f97ecd24f2fb69b4f6776de8
Certificate serial:       0199FBEBA44FAF5F90ACFD9EC8820C1FEA33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:28 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:28 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:28 +0000
Files and hashes:         1: UdspKXLBDGn5fs0k8vtptPZ3beg.crl (hash: O68B5ymIUbacINNpjb2jzRpa3xMzb02/W0QcuM9HLk8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:a4:4f:af:5f:90:ac:fd:9e:c8:82:0c:1f:ea:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51db292972c10c69f97ecd24f2fb69b4f6776de8
        Validity
            Not Before: Oct 19 10:02:28 2025 GMT
            Not After : Oct 20 10:02:28 2025 GMT
        Subject: CN=d88253eb746362ed91779d9806a759e38ae5a9d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:0b:81:1f:e0:2e:02:5d:4b:81:19:44:83:34:
                    15:dd:37:ab:f9:08:26:44:f6:96:df:6a:9b:33:b3:
                    f5:ba:20:1c:c0:4a:55:90:41:da:85:9e:19:22:99:
                    0f:45:c3:aa:8d:9c:ce:3a:81:84:f6:9a:97:b8:a1:
                    56:66:4a:ce:25:db:2c:7e:4d:b1:1d:45:dc:03:da:
                    19:b8:cc:35:32:f4:ad:4b:45:b6:02:51:9d:f6:b8:
                    26:0b:3c:38:97:9c:7d:7d:2f:72:12:73:d8:de:49:
                    5c:bb:81:cf:a7:1d:a6:6a:14:cd:7e:d6:8b:11:91:
                    08:a2:f2:cb:5c:0c:a9:0a:35:1a:c7:ee:22:35:49:
                    30:ae:d2:ce:b0:23:fe:ef:5b:61:12:5a:89:9d:c3:
                    27:52:6a:21:08:ab:c5:d8:b1:55:ca:52:09:97:62:
                    08:b6:98:02:fa:f4:4a:16:c3:7e:50:eb:6c:92:e5:
                    c5:c8:a4:89:d4:fa:f9:71:06:82:14:28:0e:c5:9e:
                    f8:8b:e4:aa:8f:21:6a:9a:a6:9d:52:c2:25:9f:ca:
                    b3:65:7d:cf:00:d2:11:61:bd:ac:ba:90:2d:10:3f:
                    10:02:5e:62:f1:fe:83:8d:43:23:6c:6c:11:ad:64:
                    a3:be:ec:62:99:bb:13:cd:af:27:2a:e7:cc:c0:5e:
                    ec:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:82:53:EB:74:63:62:ED:91:77:9D:98:06:A7:59:E3:8A:E5:A9:D2
            X509v3 Authority Key Identifier:
                keyid:51:DB:29:29:72:C1:0C:69:F9:7E:CD:24:F2:FB:69:B4:F6:77:6D:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:07:7e:27:a0:e7:57:3c:b5:f1:99:4f:7e:bb:85:fa:58:dc:
         91:b3:68:36:5d:d6:cf:11:f0:48:aa:55:3e:81:86:f8:ff:b0:
         b6:43:03:ea:cf:75:a6:be:df:4f:be:11:c7:a3:6e:78:b6:a3:
         9e:65:3c:ed:3a:9f:e3:81:e4:a2:d8:ac:67:20:61:56:0c:62:
         31:7d:bc:33:76:55:79:fe:fb:f1:16:eb:e4:42:ce:1c:88:6d:
         6e:27:38:1c:77:0c:4a:23:03:44:a8:1f:3b:b4:d9:6d:98:c0:
         a1:52:56:28:4e:5a:96:3f:67:50:2a:08:4d:66:cb:8d:01:1d:
         f3:9f:bc:15:78:46:83:f7:5a:c3:89:ad:9d:b0:c9:a4:ba:58:
         db:1d:4a:75:e7:08:28:fa:04:45:17:71:f4:86:96:6a:4d:7a:
         e6:6a:53:fc:62:61:16:39:a9:36:1d:71:01:48:c0:68:9f:da:
         2d:9c:9a:5b:40:bf:cf:77:1e:a2:c6:ee:c1:3b:73:7e:9f:2f:
         63:3e:e1:c7:fb:33:83:33:43:56:7d:42:2d:54:57:6d:72:4d:
         7a:41:04:a4:98:70:94:59:68:2e:52:91:b0:24:26:f5:ff:2b:
         44:6e:4f:6f:1e:56:f8:d5:e5:ff:74:d5:5f:39:09:03:db:b6:
         4c:7c:2f:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766RPr1+QrP2eyIIMH+ozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZGIyOTI5NzJjMTBjNjlmOTdlY2QyNGYyZmI2OWI0ZjY3
NzZkZTgwHhcNMjUxMDE5MTAwMjI4WhcNMjUxMDIwMTAwMjI4WjAzMTEwLwYDVQQD
EyhkODgyNTNlYjc0NjM2MmVkOTE3NzlkOTgwNmE3NTllMzhhZTVhOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAuBH+AuAl1LgRlEgzQV3Ter+Qgm
RPaW32qbM7P1uiAcwEpVkEHahZ4ZIpkPRcOqjZzOOoGE9pqXuKFWZkrOJdssfk2x
HUXcA9oZuMw1MvStS0W2AlGd9rgmCzw4l5x9fS9yEnPY3klcu4HPpx2mahTNftaL
EZEIovLLXAypCjUax+4iNUkwrtLOsCP+71thElqJncMnUmohCKvF2LFVylIJl2II
tpgC+vRKFsN+UOtskuXFyKSJ1Pr5cQaCFCgOxZ74i+SqjyFqmqadUsIln8qzZX3P
ANIRYb2supAtED8QAl5i8f6DjUMjbGwRrWSjvuximbsTza8nKufMwF7sEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNiCU+t0Y2LtkXedmAanWeOK5anSMB8GA1UdIwQY
MBaAFFHbKSlywQxp+X7NJPL7abT2d23oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8wYmM5NTUtMjVkZS00Nzk4LWIzY2Ut
NmVhZjlkYWJhZTBmLzEvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8wYmM5NTUtMjVkZS00Nzk4LWIzY2UtNmVhZjlkYWJhZTBm
LzEvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKQd+J6Dn
Vzy18ZlPfruF+ljckbNoNl3WzxHwSKpVPoGG+P+wtkMD6s91pr7fT74Rx6NueLaj
nmU87Tqf44HkotisZyBhVgxiMX28M3ZVef778Rbr5ELOHIhtbic4HHcMSiMDRKgf
O7TZbZjAoVJWKE5alj9nUCoITWbLjQEd85+8FXhGg/daw4mtnbDJpLpY2x1KdecI
KPoERRdx9IaWak165mpT/GJhFjmpNh1xAUjAaJ/aLZyaW0C/z3ceosbuwTtzfp8v
Yz7hx/szgzNDVn1CLVRXbXJNekEEpJhwlFloLlKRsCQm9f8rRG5Pbx5W+NXl/3TV
XzkJA9u2THwvpQ==
-----END CERTIFICATE-----