Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
File:                     uvzQImt58j3kemr95RRLGynii1w.mft (raw, json)
Hash identifier:          QpySrvNkvMdHJpX7rA/s+iuBEe/TJZXf2Tjsu98UMXo=
Subject key identifier:   77:D0:D2:80:C0:80:A2:59:60:08:29:E2:EA:00:E3:0E:70:8B:0A:72
Authority key identifier: BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C
Certificate issuer:       /CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
Certificate serial:       0199FAA0CEC7F6360C6D20EB3509F02F560F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
Manifest number:          08B8
Signing time:             Sun 19 Oct 2025 04:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:06 +0000
Files and hashes:         1: uvzQImt58j3kemr95RRLGynii1w.crl (hash: 6IZBS0fCiNumj9YAVU7elESe+KD9t4OX9CJGTMpmjFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a0:ce:c7:f6:36:0c:6d:20:eb:35:09:f0:2f:56:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
        Validity
            Not Before: Oct 19 04:01:06 2025 GMT
            Not After : Oct 20 04:01:06 2025 GMT
        Subject: CN=77d0d280c080a259600829e2ea00e30e708b0a72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d3:17:9a:82:22:8f:41:d5:d5:33:80:10:e6:
                    dc:d7:25:09:df:88:d3:61:e0:21:64:74:36:bf:76:
                    e9:5c:07:d5:7c:df:87:62:34:69:ad:9c:cf:7e:6d:
                    e1:90:2b:75:bf:0d:13:22:cf:d3:61:bc:4f:ee:88:
                    f0:cb:0e:9a:a4:3a:f9:56:16:f3:62:14:48:77:33:
                    86:43:0b:39:b2:66:f3:6c:ce:82:2b:e8:18:a7:26:
                    26:9a:6f:8f:c5:ae:da:61:83:3e:3e:aa:1b:be:2c:
                    2c:bc:7a:b1:23:f9:be:d9:88:d6:a8:58:4e:f6:68:
                    82:51:e1:fd:c8:0d:5e:1d:94:5e:af:07:0a:61:5f:
                    8f:c7:b2:f3:49:99:89:1d:de:20:4b:f7:e1:da:aa:
                    01:d0:99:29:7d:41:52:2b:c1:9e:a0:fa:52:f9:ab:
                    4c:69:5c:e9:24:1b:a5:2a:29:b5:82:84:fe:92:54:
                    e9:6c:bc:b1:af:a1:44:b1:63:6b:e6:45:6e:6c:43:
                    d9:3d:1c:52:95:6c:4c:1c:f5:cb:27:cf:c0:d9:00:
                    c0:38:c0:9d:bd:48:d7:b0:1f:e7:02:eb:5a:4d:bc:
                    21:73:b9:cf:10:ab:aa:18:5a:a0:76:0e:7a:c5:ce:
                    7f:ab:ce:b4:95:0d:c5:41:4a:9b:c7:c1:f4:e8:8d:
                    2a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:D0:D2:80:C0:80:A2:59:60:08:29:E2:EA:00:E3:0E:70:8B:0A:72
            X509v3 Authority Key Identifier:
                keyid:BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:02:59:ae:61:95:7c:42:93:37:74:a8:ff:fc:b1:03:c8:e0:
         8e:45:72:58:e2:7e:2d:25:06:30:fa:be:80:12:e1:80:c8:21:
         17:03:c9:1c:92:bc:a0:c3:e3:fe:30:17:a0:b8:42:15:15:19:
         bc:73:be:7e:2e:9b:1f:89:60:2c:aa:66:0a:29:c7:ec:61:f4:
         26:34:9d:c6:db:77:95:eb:55:e3:86:45:e5:68:6d:79:a5:0a:
         83:e5:9d:b1:5f:d7:af:7e:a5:6d:ab:73:d6:3b:38:2a:86:52:
         2f:2a:bd:94:55:d4:07:7c:47:7d:30:4d:4e:78:a1:b7:88:05:
         66:cf:c0:c2:fa:b1:76:bf:d0:ea:4f:22:c9:2e:a5:2c:c7:5c:
         a8:c7:5f:33:74:e8:83:5f:76:02:05:69:83:c6:d1:16:82:ca:
         a8:6e:11:14:2f:44:64:e7:97:79:8a:79:38:99:fe:be:0f:ad:
         dd:2d:78:58:bd:37:f9:f5:40:8b:65:d8:da:88:9c:d5:38:be:
         ee:09:77:07:d4:02:ce:45:1a:3e:34:0f:8f:1d:03:45:70:5b:
         e0:5f:1b:93:28:12:6b:7d:05:12:e5:c9:d9:48:8a:a2:be:3a:
         af:5b:5c:96:a6:00:bf:45:0e:d8:f7:cf:0a:d0:e5:b3:99:3a:
         c2:81:92:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oM7H9jYMbSDrNQnwL1YPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhZmNkMDIyNmI3OWYyM2RlNDdhNmFmZGU1MTQ0YjFiMjll
MjhiNWMwHhcNMjUxMDE5MDQwMTA2WhcNMjUxMDIwMDQwMTA2WjAzMTEwLwYDVQQD
Eyg3N2QwZDI4MGMwODBhMjU5NjAwODI5ZTJlYTAwZTMwZTcwOGIwYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktMXmoIij0HV1TOAEObc1yUJ34jT
YeAhZHQ2v3bpXAfVfN+HYjRprZzPfm3hkCt1vw0TIs/TYbxP7ojwyw6apDr5Vhbz
YhRIdzOGQws5smbzbM6CK+gYpyYmmm+Pxa7aYYM+PqobviwsvHqxI/m+2YjWqFhO
9miCUeH9yA1eHZRerwcKYV+Px7LzSZmJHd4gS/fh2qoB0JkpfUFSK8GeoPpS+atM
aVzpJBulKim1goT+klTpbLyxr6FEsWNr5kVubEPZPRxSlWxMHPXLJ8/A2QDAOMCd
vUjXsB/nAutaTbwhc7nPEKuqGFqgdg56xc5/q860lQ3FQUqbx8H06I0qmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfQ0oDAgKJZYAgp4uoA4w5wiwpyMB8GA1UdIwQY
MBaAFLr80CJrefI95Hpq/eUUSxsp4otcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82YTEyY2UtYWZiYy00NTgzLTk3NzMt
YzE4MTM5NDdlMjMzLzEvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82YTEyY2UtYWZiYy00NTgzLTk3NzMtYzE4MTM5NDdlMjMz
LzEvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGAJZrmGV
fEKTN3So//yxA8jgjkVyWOJ+LSUGMPq+gBLhgMghFwPJHJK8oMPj/jAXoLhCFRUZ
vHO+fi6bH4lgLKpmCinH7GH0JjSdxtt3letV44ZF5WhteaUKg+WdsV/Xr36lbatz
1js4KoZSLyq9lFXUB3xHfTBNTniht4gFZs/Awvqxdr/Q6k8iyS6lLMdcqMdfM3To
g192AgVpg8bRFoLKqG4RFC9EZOeXeYp5OJn+vg+t3S14WL03+fVAi2XY2oic1Ti+
7gl3B9QCzkUaPjQPjx0DRXBb4F8bkygSa30FEuXJ2UiKor46r1tclqYAv0UO2PfP
CtDls5k6woGSsQ==
-----END CERTIFICATE-----