Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
File:                     UJFp9pOVg8wdvmUtulwMglBAoBI.mft (raw, json)
Hash identifier:          acDbR0Hu964t7RpxzTjMamI8z4tUK+xBpmH91D27y84=
Subject key identifier:   BA:64:85:45:F6:22:3E:C3:C3:6E:AC:69:0A:31:B8:89:8A:5D:05:11
Authority key identifier: 50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12
Certificate issuer:       /CN=509169f6939583cc1dbe652dba5c0c825040a012
Certificate serial:       0198D65F1A9BBCF9720A3EDFD5663DE9AC50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
Manifest number:          02EE
Signing time:             Sat 23 Aug 2025 10:00:13 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:13 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:13 +0000
Files and hashes:         1: UJFp9pOVg8wdvmUtulwMglBAoBI.crl (hash: 5W+ExOJx86+d9dWXUAsLJUehEMWzYQlRXRwhLumjVUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:1a:9b:bc:f9:72:0a:3e:df:d5:66:3d:e9:ac:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509169f6939583cc1dbe652dba5c0c825040a012
        Validity
            Not Before: Aug 23 10:00:13 2025 GMT
            Not After : Aug 24 10:00:13 2025 GMT
        Subject: CN=ba648545f6223ec3c36eac690a31b8898a5d0511
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d0:89:59:c9:92:e0:6b:23:ea:8e:09:63:80:
                    90:b9:dc:90:d5:42:2f:7e:90:e2:27:cd:30:0d:4d:
                    e5:f8:a9:2c:0f:98:ca:7d:7e:bb:6d:d0:b9:67:86:
                    52:28:59:ca:69:de:8f:1a:3e:e1:9f:4d:19:39:dc:
                    bc:00:12:d8:82:f9:b4:6d:6d:a9:56:70:b4:e2:60:
                    5c:e6:37:95:5f:19:cc:3f:9d:80:fc:52:a8:28:0f:
                    41:83:df:c6:0d:b7:de:3c:e8:19:46:92:b4:4e:02:
                    20:20:4d:14:a2:42:ca:9a:84:9e:78:6c:6c:9d:bb:
                    1b:84:fe:ae:85:8f:35:30:c6:5a:15:16:53:91:cf:
                    6e:69:64:49:bf:8f:ce:6e:97:b4:3c:82:6c:e9:00:
                    d0:76:4f:f0:4a:6c:ee:d9:64:55:04:72:32:a8:8e:
                    bb:5c:88:51:d0:fb:19:00:11:23:9b:80:26:92:9e:
                    36:b6:71:1b:f4:00:8e:09:f4:f2:f6:de:ba:01:28:
                    93:23:cb:52:46:3a:88:6c:8c:a0:db:f5:5b:53:97:
                    16:6e:78:aa:7e:a4:ad:06:c9:98:a1:6a:40:53:47:
                    54:84:7d:f0:1b:6c:b1:c1:29:f1:7c:60:41:f2:7c:
                    d8:ad:bc:5a:a6:32:a0:49:bc:34:7b:c5:b7:71:63:
                    42:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:64:85:45:F6:22:3E:C3:C3:6E:AC:69:0A:31:B8:89:8A:5D:05:11
            X509v3 Authority Key Identifier:
                keyid:50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:a4:d6:22:84:28:29:8d:a0:4f:bc:64:dc:58:71:de:5a:c1:
         d3:c7:82:05:71:0f:3f:49:a3:0c:a7:f4:8c:0c:90:b9:49:5b:
         9b:54:3c:48:3c:db:38:3e:f6:b4:7c:dd:65:e3:13:70:a3:1a:
         7a:cb:66:ac:97:64:c1:e0:14:e6:5c:ff:6c:30:69:c0:0f:7d:
         09:05:09:75:8d:46:c2:99:f8:48:a8:2f:8d:ce:c4:8b:fd:0d:
         62:5d:1c:36:34:c9:b1:52:ef:88:71:c9:f0:33:41:28:e6:33:
         5c:35:af:17:6c:3d:4f:54:92:71:0e:2e:87:74:1a:e0:65:51:
         ad:10:a9:49:a9:d5:36:7a:bb:0b:75:59:4c:e0:6c:cf:39:dd:
         8a:ce:f0:51:3f:3e:7d:ac:cb:42:34:23:86:54:3e:a8:04:73:
         eb:70:91:c3:6f:50:09:38:a4:29:5c:a6:dc:85:13:8a:e6:94:
         61:c2:56:3a:18:78:7e:b8:9e:78:f4:69:ca:d0:17:a9:54:c5:
         68:3d:0b:fd:5a:06:57:f9:99:94:59:27:e4:09:b9:5a:98:ea:
         37:5d:a6:94:62:d1:45:11:6f:a0:5b:c6:f4:f0:6e:47:23:b8:
         25:72:c7:9c:8a:07:f8:2e:4c:3a:f3:19:27:4a:95:58:bf:b4:
         6c:41:eb:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXxqbvPlyCj7f1WY96axQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTE2OWY2OTM5NTgzY2MxZGJlNjUyZGJhNWMwYzgyNTA0
MGEwMTIwHhcNMjUwODIzMTAwMDEzWhcNMjUwODI0MTAwMDEzWjAzMTEwLwYDVQQD
EyhiYTY0ODU0NWY2MjIzZWMzYzM2ZWFjNjkwYTMxYjg4OThhNWQwNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotCJWcmS4Gsj6o4JY4CQudyQ1UIv
fpDiJ80wDU3l+KksD5jKfX67bdC5Z4ZSKFnKad6PGj7hn00ZOdy8ABLYgvm0bW2p
VnC04mBc5jeVXxnMP52A/FKoKA9Bg9/GDbfePOgZRpK0TgIgIE0UokLKmoSeeGxs
nbsbhP6uhY81MMZaFRZTkc9uaWRJv4/Obpe0PIJs6QDQdk/wSmzu2WRVBHIyqI67
XIhR0PsZABEjm4Amkp42tnEb9ACOCfTy9t66ASiTI8tSRjqIbIyg2/VbU5cWbniq
fqStBsmYoWpAU0dUhH3wG2yxwSnxfGBB8nzYrbxapjKgSbw0e8W3cWNCXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpkhUX2Ij7Dw26saQoxuImKXQURMB8GA1UdIwQY
MBaAFFCRafaTlYPMHb5lLbpcDIJQQKASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQt
NzU0NDEzYjk4ZGIyLzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQtNzU0NDEzYjk4ZGIy
LzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcKTWIoQo
KY2gT7xk3Fhx3lrB08eCBXEPP0mjDKf0jAyQuUlbm1Q8SDzbOD72tHzdZeMTcKMa
estmrJdkweAU5lz/bDBpwA99CQUJdY1Gwpn4SKgvjc7Ei/0NYl0cNjTJsVLviHHJ
8DNBKOYzXDWvF2w9T1SScQ4uh3Qa4GVRrRCpSanVNnq7C3VZTOBszzndis7wUT8+
fazLQjQjhlQ+qARz63CRw29QCTikKVym3IUTiuaUYcJWOhh4frieePRpytAXqVTF
aD0L/VoGV/mZlFkn5Am5WpjqN12mlGLRRRFvoFvG9PBuRyO4JXLHnIoH+C5MOvMZ
J0qVWL+0bEHrRw==
-----END CERTIFICATE-----