Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
File:                     UJFp9pOVg8wdvmUtulwMglBAoBI.mft (raw, json)
Hash identifier:          BFSYH6BhemFblNcM5o5rXCcCHmVsEhTrW8getS2q8cs=
Subject key identifier:   2C:89:01:C6:C5:EA:57:84:92:ED:F5:8E:0A:E1:44:C3:6F:88:59:3D
Authority key identifier: 50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12
Certificate issuer:       /CN=509169f6939583cc1dbe652dba5c0c825040a012
Certificate serial:       0199FDD90AB45561BDC017B48C81A4F207E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
Manifest number:          0387
Signing time:             Sun 19 Oct 2025 19:01:23 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:23 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:23 +0000
Files and hashes:         1: UJFp9pOVg8wdvmUtulwMglBAoBI.crl (hash: ALpGaupgssv4CVQuEEzXueagT0LPqgLlt9KwET1RGCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:0a:b4:55:61:bd:c0:17:b4:8c:81:a4:f2:07:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509169f6939583cc1dbe652dba5c0c825040a012
        Validity
            Not Before: Oct 19 19:01:23 2025 GMT
            Not After : Oct 20 19:01:23 2025 GMT
        Subject: CN=2c8901c6c5ea578492edf58e0ae144c36f88593d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:70:eb:80:bc:30:b5:37:63:b3:5f:0e:f6:6b:
                    5a:d7:4c:5c:fc:c3:f3:54:0a:d6:b5:bf:ab:93:42:
                    43:7d:df:79:08:9c:6b:b0:a4:93:34:d4:aa:65:07:
                    e5:9e:5b:76:b7:4c:29:e5:75:8f:a7:35:fd:19:c9:
                    58:9a:d2:01:0f:a3:51:fb:a3:b1:9b:d8:08:33:2d:
                    a1:cc:c5:ed:fd:3c:4e:98:99:b8:ec:64:b4:63:0c:
                    db:dd:10:d4:87:b3:bf:10:c6:31:92:91:6e:38:ed:
                    fb:b5:58:04:77:a2:01:d8:c9:0f:1b:12:a6:1e:8b:
                    23:be:58:78:a6:95:0c:0c:72:be:03:fc:58:43:79:
                    a0:7c:9c:5e:dc:c2:b0:9d:8c:5f:f8:cd:b3:62:60:
                    49:81:05:ce:89:57:9e:b5:fd:43:0d:7c:4d:21:76:
                    f5:db:97:54:8b:2e:0c:38:78:06:62:8a:7b:c3:5b:
                    aa:8c:5f:ba:85:e5:fb:ea:64:6f:6a:a7:c8:e1:19:
                    dc:8f:3d:75:95:55:1f:0e:eb:8f:f2:5e:57:45:b0:
                    8c:fa:79:80:85:bd:48:a8:0d:94:4b:cd:e8:87:69:
                    fe:16:d8:99:5f:9d:86:50:82:0d:72:9c:3b:73:07:
                    8b:fc:d5:50:9a:87:07:c1:16:ff:6e:ef:3c:97:b8:
                    1d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:89:01:C6:C5:EA:57:84:92:ED:F5:8E:0A:E1:44:C3:6F:88:59:3D
            X509v3 Authority Key Identifier:
                keyid:50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:ee:dc:45:2c:fa:94:65:cb:17:ca:a3:11:33:41:b9:d9:52:
         63:89:3b:06:e6:3f:15:c8:cc:f8:45:22:6f:9b:94:74:c1:cd:
         0d:48:4c:ef:43:ef:5e:8a:83:ca:c1:cb:f3:ba:18:46:0c:2e:
         b8:8c:71:99:e7:72:c7:b1:16:89:0f:76:09:b2:cf:0c:3e:f6:
         dd:5b:f6:05:50:32:e1:69:2c:5e:3e:37:3b:ec:16:52:23:79:
         20:93:31:ef:2d:6b:73:91:8b:80:53:14:aa:3b:4b:27:fd:35:
         d2:33:f1:18:8e:89:53:68:f6:2b:50:a9:e1:77:cd:d9:2d:ad:
         33:af:01:36:0d:bf:0d:64:a1:97:17:63:a4:75:ff:33:36:67:
         43:b7:fe:26:fc:11:7b:f1:82:22:83:16:85:c1:08:4e:57:9c:
         ef:ee:bf:ac:ce:ab:86:ae:b3:1b:16:41:72:d9:05:62:a3:13:
         b0:b4:ef:57:91:e3:64:17:01:c6:a2:f9:27:91:51:54:19:b6:
         a9:c2:38:d5:de:08:b0:23:61:63:a7:f1:1e:16:b4:c1:ab:5e:
         73:2d:c4:5e:9a:c3:1c:73:d8:e6:9f:9b:a0:8c:dc:16:1d:18:
         4b:a1:7c:74:59:16:fb:50:f0:5b:21:98:dd:3d:1d:75:a8:b9:
         22:3c:db:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92Qq0VWG9wBe0jIGk8gfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTE2OWY2OTM5NTgzY2MxZGJlNjUyZGJhNWMwYzgyNTA0
MGEwMTIwHhcNMjUxMDE5MTkwMTIzWhcNMjUxMDIwMTkwMTIzWjAzMTEwLwYDVQQD
EygyYzg5MDFjNmM1ZWE1Nzg0OTJlZGY1OGUwYWUxNDRjMzZmODg1OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXDrgLwwtTdjs18O9mta10xc/MPz
VArWtb+rk0JDfd95CJxrsKSTNNSqZQflnlt2t0wp5XWPpzX9GclYmtIBD6NR+6Ox
m9gIMy2hzMXt/TxOmJm47GS0Ywzb3RDUh7O/EMYxkpFuOO37tVgEd6IB2MkPGxKm
Hosjvlh4ppUMDHK+A/xYQ3mgfJxe3MKwnYxf+M2zYmBJgQXOiVeetf1DDXxNIXb1
25dUiy4MOHgGYop7w1uqjF+6heX76mRvaqfI4Rncjz11lVUfDuuP8l5XRbCM+nmA
hb1IqA2US83oh2n+FtiZX52GUIINcpw7cweL/NVQmocHwRb/bu88l7gdgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyJAcbF6leEku31jgrhRMNviFk9MB8GA1UdIwQY
MBaAFFCRafaTlYPMHb5lLbpcDIJQQKASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQt
NzU0NDEzYjk4ZGIyLzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQtNzU0NDEzYjk4ZGIy
LzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeu7cRSz6
lGXLF8qjETNBudlSY4k7BuY/FcjM+EUib5uUdMHNDUhM70PvXoqDysHL87oYRgwu
uIxxmedyx7EWiQ92CbLPDD723Vv2BVAy4WksXj43O+wWUiN5IJMx7y1rc5GLgFMU
qjtLJ/010jPxGI6JU2j2K1Cp4XfN2S2tM68BNg2/DWShlxdjpHX/MzZnQ7f+JvwR
e/GCIoMWhcEITlec7+6/rM6rhq6zGxZBctkFYqMTsLTvV5HjZBcBxqL5J5FRVBm2
qcI41d4IsCNhY6fxHha0watecy3EXprDHHPY5p+boIzcFh0YS6F8dFkW+1DwWyGY
3T0ddai5IjzbXg==
-----END CERTIFICATE-----