Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
File:                     UdspKXLBDGn5fs0k8vtptPZ3beg.mft (raw, json)
Hash identifier:          vRJxGLtaQ+Xe4tAO2vEPnw1oIPzxTDyzkbbYhyZpLw4=
Subject key identifier:   C3:16:2E:8B:75:55:A5:A9:7B:A8:D2:F9:EB:DA:AD:28:77:F0:5E:40
Authority key identifier: 51:DB:29:29:72:C1:0C:69:F9:7E:CD:24:F2:FB:69:B4:F6:77:6D:E8
Certificate issuer:       /CN=51db292972c10c69f97ecd24f2fb69b4f6776de8
Certificate serial:       0198D4748AB76F18130D5FE1BA5973CF8B0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 01:04:24 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:24 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:24 +0000
Files and hashes:         1: UdspKXLBDGn5fs0k8vtptPZ3beg.crl (hash: Hh4ex/T8WIAAnvVN07lTAjdx9tBqyn3emm9tHX8YXwE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:04:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:8a:b7:6f:18:13:0d:5f:e1:ba:59:73:cf:8b:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51db292972c10c69f97ecd24f2fb69b4f6776de8
        Validity
            Not Before: Aug 23 01:04:24 2025 GMT
            Not After : Aug 24 01:04:24 2025 GMT
        Subject: CN=c3162e8b7555a5a97ba8d2f9ebdaad2877f05e40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:38:92:bf:53:b8:8b:f3:6d:a1:37:0e:dc:fb:
                    1f:25:e4:0b:92:65:06:64:58:5f:d1:46:7c:7b:6c:
                    96:f0:8c:72:49:59:3a:6d:e9:d7:fa:b5:41:34:1c:
                    74:63:ac:a1:94:ff:6e:d0:19:a0:75:14:e6:b4:d3:
                    e2:43:42:6a:19:54:00:8e:c2:36:fc:51:de:91:1d:
                    e7:e2:40:8f:e2:f1:f3:4d:51:cd:60:46:0c:55:70:
                    0d:03:2d:84:36:4d:e9:d1:cb:49:55:6a:4d:0d:cf:
                    30:cf:a3:4a:25:09:93:b8:9e:3a:51:26:f0:9e:28:
                    f4:f6:66:dd:dc:7a:1e:cc:88:8d:fb:5d:3b:91:f2:
                    e5:4d:7e:9a:ec:44:8b:9b:e3:32:df:61:f2:cd:83:
                    fa:59:10:e1:3e:77:ad:51:1f:14:f7:d6:87:d6:b0:
                    b7:a3:a4:c6:a4:f0:d5:67:9a:67:1f:00:bf:d5:0a:
                    56:da:30:dc:63:e8:13:e4:d5:04:74:27:a0:8f:3b:
                    69:dd:7c:b1:e5:34:06:3f:11:25:4a:8f:a9:ef:39:
                    da:a5:52:5b:64:78:7c:00:9c:9c:58:64:5b:47:23:
                    58:61:af:6f:ea:6f:90:90:9b:12:fb:16:5c:27:22:
                    39:fb:19:9d:4e:a9:ff:c4:b2:41:66:d6:9e:80:3e:
                    3a:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:16:2E:8B:75:55:A5:A9:7B:A8:D2:F9:EB:DA:AD:28:77:F0:5E:40
            X509v3 Authority Key Identifier:
                keyid:51:DB:29:29:72:C1:0C:69:F9:7E:CD:24:F2:FB:69:B4:F6:77:6D:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:a9:d0:7f:84:25:3d:79:cc:c8:b5:54:34:7c:b7:5b:fd:f4:
         b6:d5:7f:fa:62:d0:77:3b:58:5d:73:d5:bc:1a:52:df:b0:48:
         72:40:05:f0:ac:a1:3c:ab:11:7f:9a:62:5e:63:b2:a7:4c:66:
         f5:7c:0f:b1:70:86:58:55:c7:71:63:cb:a2:13:0e:11:c9:aa:
         8b:c4:0d:8a:85:b2:b4:e5:53:55:8b:14:e7:82:fb:6f:21:60:
         92:ca:6c:dd:1f:26:75:b0:fa:4d:40:ea:01:8f:59:6e:9c:c4:
         8f:b4:b6:1f:4a:98:bc:1a:84:6f:a6:ac:12:0d:67:58:ad:ba:
         80:46:c6:d8:0e:31:7e:e9:e7:16:71:75:49:49:53:28:f9:38:
         d6:b0:ce:75:bc:43:cb:62:b0:41:61:39:d3:cf:78:08:d2:cf:
         95:24:51:c4:9a:13:aa:9b:d3:3f:ad:62:f7:3b:27:fc:8f:c9:
         a8:90:3f:0b:5c:5f:0f:07:3e:3b:ae:ec:ff:3f:b7:37:78:cd:
         67:a7:cf:7e:7a:d4:f0:92:d5:ce:7e:0c:77:4d:5c:ae:70:ac:
         7b:fa:e0:d1:e9:54:43:cc:10:2f:f5:d7:ed:23:aa:79:64:8e:
         4f:f9:fc:cd:27:c6:94:2f:b0:99:86:5b:e2:75:54:62:bb:f9:
         22:9d:e9:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdIq3bxgTDV/hullzz4sKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZGIyOTI5NzJjMTBjNjlmOTdlY2QyNGYyZmI2OWI0ZjY3
NzZkZTgwHhcNMjUwODIzMDEwNDI0WhcNMjUwODI0MDEwNDI0WjAzMTEwLwYDVQQD
EyhjMzE2MmU4Yjc1NTVhNWE5N2JhOGQyZjllYmRhYWQyODc3ZjA1ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDiSv1O4i/NtoTcO3PsfJeQLkmUG
ZFhf0UZ8e2yW8IxySVk6benX+rVBNBx0Y6yhlP9u0BmgdRTmtNPiQ0JqGVQAjsI2
/FHekR3n4kCP4vHzTVHNYEYMVXANAy2ENk3p0ctJVWpNDc8wz6NKJQmTuJ46USbw
nij09mbd3HoezIiN+107kfLlTX6a7ESLm+My32HyzYP6WRDhPnetUR8U99aH1rC3
o6TGpPDVZ5pnHwC/1QpW2jDcY+gT5NUEdCegjztp3Xyx5TQGPxElSo+p7znapVJb
ZHh8AJycWGRbRyNYYa9v6m+QkJsS+xZcJyI5+xmdTqn/xLJBZtaegD46KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMWLot1VaWpe6jS+evarSh38F5AMB8GA1UdIwQY
MBaAFFHbKSlywQxp+X7NJPL7abT2d23oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8wYmM5NTUtMjVkZS00Nzk4LWIzY2Ut
NmVhZjlkYWJhZTBmLzEvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8wYmM5NTUtMjVkZS00Nzk4LWIzY2UtNmVhZjlkYWJhZTBm
LzEvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVanQf4Ql
PXnMyLVUNHy3W/30ttV/+mLQdztYXXPVvBpS37BIckAF8KyhPKsRf5piXmOyp0xm
9XwPsXCGWFXHcWPLohMOEcmqi8QNioWytOVTVYsU54L7byFgksps3R8mdbD6TUDq
AY9ZbpzEj7S2H0qYvBqEb6asEg1nWK26gEbG2A4xfunnFnF1SUlTKPk41rDOdbxD
y2KwQWE50894CNLPlSRRxJoTqpvTP61i9zsn/I/JqJA/C1xfDwc+O67s/z+3N3jN
Z6fPfnrU8JLVzn4Md01crnCse/rg0elUQ8wQL/XX7SOqeWSOT/n8zSfGlC+wmYZb
4nVUYrv5Ip3pBw==
-----END CERTIFICATE-----