Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
File:                     U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft (raw, json)
Hash identifier:          MddCmvtB+9BzlDqj+O2QswxuOq2QwyAEDLLSIqDfGTs=
Subject key identifier:   C2:38:D6:84:B7:DB:45:3A:CE:F7:29:F9:EB:45:D8:1B:B2:B9:A2:8E
Authority key identifier: 53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6
Certificate issuer:       /CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
Certificate serial:       0199FE7E1662D669A3C50DE2A778D8966394
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
Manifest number:          1406
Signing time:             Sun 19 Oct 2025 22:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:39 +0000
Files and hashes:         1: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl (hash: gKG2sKGRSC0rqAdmEAo9aIIy3f/Ea2CXRBOJDgJMWgg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7e:16:62:d6:69:a3:c5:0d:e2:a7:78:d8:96:63:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
        Validity
            Not Before: Oct 19 22:01:39 2025 GMT
            Not After : Oct 20 22:01:39 2025 GMT
        Subject: CN=c238d684b7db453acef729f9eb45d81bb2b9a28e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:72:21:ce:e7:48:21:1e:50:52:ad:eb:e2:33:
                    26:6b:49:20:b4:48:22:3c:ae:a6:bf:0a:d9:82:03:
                    95:27:ff:ff:9a:59:57:c6:d9:1b:07:ae:03:07:b2:
                    c4:9c:99:4c:93:e2:8c:79:a2:fe:3f:b1:3b:07:67:
                    24:bf:45:03:30:44:28:c5:23:4e:66:c9:27:cc:39:
                    3d:38:26:51:3b:e7:44:5b:36:a3:fb:77:8b:90:5c:
                    ee:11:cb:52:3b:5d:af:88:15:6d:1c:3f:8c:6e:a0:
                    7d:47:a3:b2:58:3f:62:97:bb:62:98:e3:d4:2b:1d:
                    14:61:eb:8a:cc:c4:19:6c:d6:0a:a0:38:3d:97:37:
                    41:71:44:1a:17:6c:9b:88:5f:f0:4f:ab:b5:33:a6:
                    50:b8:eb:56:5c:19:09:94:0d:09:dd:ad:fc:2d:8b:
                    e7:36:4d:e3:b2:8e:5d:d0:ef:f9:ae:85:1c:f6:d5:
                    81:aa:a3:8d:80:65:bf:50:62:89:a5:0c:20:eb:9c:
                    b0:01:79:03:e3:c5:38:ba:f8:24:a1:50:ca:81:bf:
                    32:96:93:0b:b2:60:bd:ff:e0:91:e1:ec:d0:15:17:
                    36:b1:ff:4b:fe:be:a5:46:98:08:01:76:32:a8:d4:
                    bc:74:04:f7:b7:e6:a1:e4:14:e8:64:8e:90:ab:3f:
                    37:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:38:D6:84:B7:DB:45:3A:CE:F7:29:F9:EB:45:D8:1B:B2:B9:A2:8E
            X509v3 Authority Key Identifier:
                keyid:53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:c6:39:85:9d:88:f2:bf:7b:b0:11:d4:70:82:a8:4d:41:09:
         ef:80:e4:a2:3b:78:95:f1:c3:63:ab:00:b8:f6:f4:37:4a:ea:
         30:6b:12:40:c0:e8:08:84:c3:af:06:bb:07:a3:06:0f:1d:9a:
         13:71:7d:17:f2:cf:3f:bb:aa:a8:2e:1e:a7:9b:db:04:b6:96:
         99:ba:d4:94:39:74:32:07:9c:b6:b1:54:58:e4:9c:c7:13:8a:
         b8:5e:fb:13:54:ba:4a:45:4b:79:da:4e:3c:ff:db:0d:39:7f:
         6a:c2:25:7d:f4:0f:68:9c:3a:2d:69:04:91:1c:5a:91:4f:e2:
         c7:e8:f0:35:9b:cb:c6:eb:2e:eb:68:9c:cc:35:3c:86:5c:43:
         79:01:74:27:5d:a9:62:4d:d5:34:f0:20:f6:1f:23:52:66:f6:
         09:64:88:bd:50:b6:46:2e:6c:a5:84:08:6e:a4:fc:60:ef:76:
         9c:63:27:2b:0e:30:63:cd:3a:0a:25:09:0a:51:93:7c:0a:d4:
         4f:d5:1c:b5:ca:28:a3:da:45:53:f4:53:4e:45:9f:65:6c:6c:
         fc:f3:36:18:a5:d5:8d:d5:1f:39:74:74:1b:58:7d:a9:78:80:
         04:be:22:90:aa:2e:81:ef:47:37:f1:ae:6d:6b:c5:1d:d9:b8:
         36:b3:39:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fhZi1mmjxQ3ip3jYlmOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYTNjNGVlNjcwZGNlYTY4YjRkNzllYTZjMzE4NWZlMDI5
ZDk3YjYwHhcNMjUxMDE5MjIwMTM5WhcNMjUxMDIwMjIwMTM5WjAzMTEwLwYDVQQD
EyhjMjM4ZDY4NGI3ZGI0NTNhY2VmNzI5ZjllYjQ1ZDgxYmIyYjlhMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXIhzudIIR5QUq3r4jMma0kgtEgi
PK6mvwrZggOVJ///mllXxtkbB64DB7LEnJlMk+KMeaL+P7E7B2ckv0UDMEQoxSNO
ZsknzDk9OCZRO+dEWzaj+3eLkFzuEctSO12viBVtHD+MbqB9R6OyWD9il7timOPU
Kx0UYeuKzMQZbNYKoDg9lzdBcUQaF2ybiF/wT6u1M6ZQuOtWXBkJlA0J3a38LYvn
Nk3jso5d0O/5roUc9tWBqqONgGW/UGKJpQwg65ywAXkD48U4uvgkoVDKgb8ylpML
smC9/+CR4ezQFRc2sf9L/r6lRpgIAXYyqNS8dAT3t+ah5BToZI6Qqz83zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMI41oS320U6zvcp+etF2BuyuaKOMB8GA1UdIwQY
MBaAFFOjxO5nDc6mi0156mwxhf4CnZe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjIt
MDQ0YzMyNTMxYWQzLzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjItMDQ0YzMyNTMxYWQz
LzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8Y5hZ2I
8r97sBHUcIKoTUEJ74Dkojt4lfHDY6sAuPb0N0rqMGsSQMDoCITDrwa7B6MGDx2a
E3F9F/LPP7uqqC4ep5vbBLaWmbrUlDl0MgectrFUWOScxxOKuF77E1S6SkVLedpO
PP/bDTl/asIlffQPaJw6LWkEkRxakU/ix+jwNZvLxusu62iczDU8hlxDeQF0J12p
Yk3VNPAg9h8jUmb2CWSIvVC2Ri5spYQIbqT8YO92nGMnKw4wY806CiUJClGTfArU
T9Uctcooo9pFU/RTTkWfZWxs/PM2GKXVjdUfOXR0G1h9qXiABL4ikKouge9HN/Gu
bWvFHdm4NrM58A==
-----END CERTIFICATE-----