Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
File:                     uvzQImt58j3kemr95RRLGynii1w.mft (raw, json)
Hash identifier:          3+1WkCuvnAfbR801G9oJ1A/tfonQB0EQHNzy54sDTbc=
Subject key identifier:   94:7B:9B:8A:B0:71:D3:0F:2E:F3:55:A8:FC:04:16:0A:63:B6:73:CD
Authority key identifier: BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C
Certificate issuer:       /CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
Certificate serial:       0198D705BC36AE02D4236968AAA91BF9520D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
Manifest number:          0821
Signing time:             Sat 23 Aug 2025 13:02:13 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:13 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:13 +0000
Files and hashes:         1: uvzQImt58j3kemr95RRLGynii1w.crl (hash: EdHKefHxxLz4GngWrVU8msRTPfTMcIlgBvVuAInJmH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:bc:36:ae:02:d4:23:69:68:aa:a9:1b:f9:52:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bafcd0226b79f23de47a6afde5144b1b29e28b5c
        Validity
            Not Before: Aug 23 13:02:13 2025 GMT
            Not After : Aug 24 13:02:13 2025 GMT
        Subject: CN=947b9b8ab071d30f2ef355a8fc04160a63b673cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:36:f9:4e:e3:2d:e5:74:51:c1:9a:38:c6:84:
                    03:57:08:bb:f8:5e:97:40:20:77:10:f9:3f:e5:42:
                    37:0f:84:31:08:60:57:22:21:3d:47:48:0c:30:0c:
                    6a:2a:0f:67:8d:49:d7:dc:4a:26:e8:e2:ed:a1:5f:
                    63:e0:af:71:76:6d:d8:f6:e2:65:c1:67:59:f0:2b:
                    ea:ea:ff:5a:bb:00:6b:56:d0:6a:93:ba:6e:5c:a8:
                    34:61:e8:55:2b:3b:69:bd:0b:68:65:dd:00:e6:9c:
                    dd:f2:28:9d:74:e0:42:55:49:60:0a:d3:09:b8:44:
                    ec:0e:89:fe:eb:33:1f:9b:40:be:ae:3b:8e:2c:54:
                    b0:03:78:70:6f:87:10:a4:c7:48:ee:93:83:2d:66:
                    09:c4:20:4f:a3:9c:bf:e3:ad:d9:2a:19:e4:13:95:
                    e6:86:70:68:95:7d:80:11:d2:8d:01:4a:73:97:23:
                    75:df:23:97:ca:f1:e2:91:d0:1f:cd:0e:7e:8e:7f:
                    41:16:7c:e9:ad:f9:46:e1:e4:ca:b9:0c:80:04:bc:
                    d6:f6:15:d3:b3:24:8b:e1:17:ba:03:76:2b:c2:3d:
                    a5:8a:0f:c3:6c:78:c6:a3:32:cb:cf:fc:36:0f:0e:
                    37:74:f8:09:bd:7e:a8:ce:46:e4:29:99:b0:1d:40:
                    87:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:7B:9B:8A:B0:71:D3:0F:2E:F3:55:A8:FC:04:16:0A:63:B6:73:CD
            X509v3 Authority Key Identifier:
                keyid:BA:FC:D0:22:6B:79:F2:3D:E4:7A:6A:FD:E5:14:4B:1B:29:E2:8B:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uvzQImt58j3kemr95RRLGynii1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a12ce-afbc-4583-9773-c1813947e233/1/uvzQImt58j3kemr95RRLGynii1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:21:b3:b4:d4:d2:5d:2e:f2:f3:3f:8e:fe:95:cb:2a:0d:03:
         fc:1e:ac:a2:ea:e8:15:b6:12:fa:a3:10:c0:0c:1e:2e:49:3b:
         8e:29:4c:17:fa:41:2e:5c:78:59:b2:22:fd:ca:34:d7:2d:02:
         fa:27:5e:af:03:0a:73:ed:78:99:26:98:bb:49:71:90:dd:85:
         31:fe:54:d5:3a:9b:40:77:7b:d2:28:37:de:7d:46:2b:ed:e7:
         8d:95:5b:30:19:73:02:94:68:48:b5:5c:df:6f:0a:da:4a:5c:
         85:9e:88:e6:ab:37:d6:7b:e8:fc:b6:83:8f:37:8a:61:32:c6:
         50:f6:65:5b:52:1d:74:e6:e0:e2:d1:d5:d9:9e:ed:b7:cc:fc:
         01:f1:14:cb:3b:29:fa:0b:34:4b:5c:65:c5:30:52:52:91:d2:
         a9:52:ed:02:68:3f:ae:8b:63:a4:ad:3b:cb:29:77:7a:3a:1f:
         30:08:0e:dc:82:1d:35:bf:7e:a9:58:0e:b0:b7:89:6e:94:b9:
         af:36:77:f4:72:71:50:32:c9:0b:c2:dc:e2:1d:45:4d:b1:a4:
         54:ef:74:46:dd:59:71:ac:e7:05:a8:6f:66:39:7c:a1:ad:66:
         68:2e:fe:e3:c8:90:c3:56:ee:93:f6:08:0e:c4:42:a6:70:90:
         e9:22:d6:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBbw2rgLUI2loqqkb+VINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhZmNkMDIyNmI3OWYyM2RlNDdhNmFmZGU1MTQ0YjFiMjll
MjhiNWMwHhcNMjUwODIzMTMwMjEzWhcNMjUwODI0MTMwMjEzWjAzMTEwLwYDVQQD
Eyg5NDdiOWI4YWIwNzFkMzBmMmVmMzU1YThmYzA0MTYwYTYzYjY3M2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjb5TuMt5XRRwZo4xoQDVwi7+F6X
QCB3EPk/5UI3D4QxCGBXIiE9R0gMMAxqKg9njUnX3Eom6OLtoV9j4K9xdm3Y9uJl
wWdZ8Cvq6v9auwBrVtBqk7puXKg0YehVKztpvQtoZd0A5pzd8iiddOBCVUlgCtMJ
uETsDon+6zMfm0C+rjuOLFSwA3hwb4cQpMdI7pODLWYJxCBPo5y/463ZKhnkE5Xm
hnBolX2AEdKNAUpzlyN13yOXyvHikdAfzQ5+jn9BFnzprflG4eTKuQyABLzW9hXT
sySL4Re6A3Yrwj2lig/DbHjGozLLz/w2Dw43dPgJvX6ozkbkKZmwHUCHnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJR7m4qwcdMPLvNVqPwEFgpjtnPNMB8GA1UdIwQY
MBaAFLr80CJrefI95Hpq/eUUSxsp4otcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82YTEyY2UtYWZiYy00NTgzLTk3NzMt
YzE4MTM5NDdlMjMzLzEvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82YTEyY2UtYWZiYy00NTgzLTk3NzMtYzE4MTM5NDdlMjMz
LzEvdXZ6UUltdDU4ajNrZW1yOTVSUkxHeW5paTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhCGztNTS
XS7y8z+O/pXLKg0D/B6souroFbYS+qMQwAweLkk7jilMF/pBLlx4WbIi/co01y0C
+iderwMKc+14mSaYu0lxkN2FMf5U1TqbQHd70ig33n1GK+3njZVbMBlzApRoSLVc
328K2kpchZ6I5qs31nvo/LaDjzeKYTLGUPZlW1IddObg4tHV2Z7tt8z8AfEUyzsp
+gs0S1xlxTBSUpHSqVLtAmg/rotjpK07yyl3ejofMAgO3IIdNb9+qVgOsLeJbpS5
rzZ39HJxUDLJC8Lc4h1FTbGkVO90Rt1ZcaznBahvZjl8oa1maC7+48iQw1buk/YI
DsRCpnCQ6SLWSQ==
-----END CERTIFICATE-----