Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          RXLVUS7Auhq4ZCPpFT7CWecqLZKjU7Oft+IdAAS2a80=
Subject key identifier:   72:40:AC:5C:E8:17:38:C7:87:29:AF:6C:C3:21:21:EC:2F:A0:B3:1E
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       0199FFC72E14AD10CB6FBECE6EC4E3B7C5D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0D62
Signing time:             Mon 20 Oct 2025 04:01:07 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:07 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:07 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: zfR7D3B4BT6ZDr2A8+p+oy3LjvSFesfuLr2q/OxkNdg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:2e:14:ad:10:cb:6f:be:ce:6e:c4:e3:b7:c5:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: Oct 20 04:01:07 2025 GMT
            Not After : Oct 21 04:01:07 2025 GMT
        Subject: CN=7240ac5ce81738c78729af6cc32121ec2fa0b31e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e5:a1:eb:a8:57:d8:17:c6:7a:a6:8b:8f:16:
                    72:aa:79:d4:79:d2:d0:f2:4d:c2:36:4f:17:6b:c5:
                    fd:20:10:b7:35:d4:f8:c3:a6:86:b6:b7:7a:3b:bf:
                    a0:e3:4f:95:0d:94:52:3f:ac:f3:e8:b3:b7:90:7a:
                    2b:6c:8b:b2:92:67:ce:75:c2:59:86:0e:10:4c:f9:
                    50:f6:ec:17:43:8b:64:32:87:43:75:46:8f:6d:d0:
                    0a:ad:82:a1:3e:ec:eb:bb:e7:da:6c:be:0a:3a:45:
                    95:8e:1f:89:1e:83:ea:58:aa:2f:22:78:e5:bb:84:
                    98:42:85:33:89:ed:14:af:36:b2:bf:b0:5f:ee:85:
                    33:f1:da:78:9e:f8:20:7c:7d:1a:56:ec:2d:33:c1:
                    02:99:a3:ab:d8:41:7a:d9:21:92:2a:6d:85:5e:8a:
                    fd:47:46:5f:34:b2:fa:d8:e1:0e:27:64:c2:fe:d9:
                    00:fc:b9:b9:a5:74:af:dc:3e:84:17:e8:db:dc:e4:
                    7d:74:d3:c9:2d:97:a8:68:4b:35:d6:55:bf:15:96:
                    3e:2c:b9:16:ba:1b:b8:61:36:ce:5f:28:b7:90:bf:
                    84:aa:5c:40:25:03:e3:0c:29:e2:00:09:46:dd:83:
                    83:8d:34:da:f1:ba:96:c9:b0:e9:9d:09:ad:e6:c4:
                    f4:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:40:AC:5C:E8:17:38:C7:87:29:AF:6C:C3:21:21:EC:2F:A0:B3:1E
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:cf:9f:f3:90:c5:3e:68:ff:28:52:60:f6:c9:a3:72:cf:cc:
         62:4e:d2:c1:99:21:9c:8a:e6:a0:24:23:35:67:35:c0:c6:ee:
         27:b8:f3:9b:1f:56:f8:4c:b9:93:68:2d:56:a2:26:f0:ee:5d:
         8d:0c:4b:43:f7:90:09:37:63:1f:d4:67:92:dc:de:c9:c8:0a:
         92:58:44:58:8c:78:7d:04:fc:42:2f:8c:43:bd:e9:10:96:5c:
         3e:30:75:2a:fe:55:63:5d:13:02:30:54:9f:0c:63:7d:8c:5b:
         38:bf:cc:cd:2d:e7:f0:bb:f9:9d:ef:70:0a:ea:51:1c:63:c9:
         76:c0:e1:bd:91:f4:fd:f7:d5:ff:14:28:e9:9a:49:81:d9:56:
         77:c6:02:3c:92:f6:58:25:9b:b1:fe:5d:b0:88:74:20:70:fe:
         75:3f:42:f1:0b:52:37:a5:7a:7b:0c:53:50:37:4e:ec:c6:46:
         aa:da:c1:ed:bb:c0:b8:b0:2f:f4:1a:64:d7:c1:ab:8d:11:60:
         a7:a3:a0:ae:4b:ff:6a:47:ef:85:e3:ac:30:80:1b:82:a1:a2:
         aa:e2:e0:62:b8:75:0f:b0:2b:e7:4d:af:49:d1:36:1d:d9:79:
         ef:ea:aa:03:88:df:02:4a:61:4d:de:80:fc:b8:3f:97:d2:ea:
         9f:f9:2a:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/xy4UrRDLb77ObsTjt8XUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjUxMDIwMDQwMTA3WhcNMjUxMDIxMDQwMTA3WjAzMTEwLwYDVQQD
Eyg3MjQwYWM1Y2U4MTczOGM3ODcyOWFmNmNjMzIxMjFlYzJmYTBiMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveWh66hX2BfGeqaLjxZyqnnUedLQ
8k3CNk8Xa8X9IBC3NdT4w6aGtrd6O7+g40+VDZRSP6zz6LO3kHorbIuykmfOdcJZ
hg4QTPlQ9uwXQ4tkModDdUaPbdAKrYKhPuzru+fabL4KOkWVjh+JHoPqWKovInjl
u4SYQoUzie0Urzayv7Bf7oUz8dp4nvggfH0aVuwtM8ECmaOr2EF62SGSKm2FXor9
R0ZfNLL62OEOJ2TC/tkA/Lm5pXSv3D6EF+jb3OR9dNPJLZeoaEs11lW/FZY+LLkW
uhu4YTbOXyi3kL+EqlxAJQPjDCniAAlG3YODjTTa8bqWybDpnQmt5sT0VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJArFzoFzjHhymvbMMhIewvoLMeMB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd8+f85DF
Pmj/KFJg9smjcs/MYk7SwZkhnIrmoCQjNWc1wMbuJ7jzmx9W+Ey5k2gtVqIm8O5d
jQxLQ/eQCTdjH9RnktzeycgKklhEWIx4fQT8Qi+MQ73pEJZcPjB1Kv5VY10TAjBU
nwxjfYxbOL/MzS3n8Lv5ne9wCupRHGPJdsDhvZH0/ffV/xQo6ZpJgdlWd8YCPJL2
WCWbsf5dsIh0IHD+dT9C8QtSN6V6ewxTUDdO7MZGqtrB7bvAuLAv9Bpk18GrjRFg
p6Ogrkv/akfvheOsMIAbgqGiquLgYrh1D7Ar502vSdE2Hdl57+qqA4jfAkphTd6A
/Lg/l9Lqn/kqwA==
-----END CERTIFICATE-----