Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
File:                     U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft (raw, json)
Hash identifier:          w0sbD/iO+NHXB/9ORdBnSiVJ0Iev/7UAsNJjruufmoc=
Subject key identifier:   2A:7A:3F:BD:34:18:27:F1:FC:9A:71:9E:15:08:60:4B:8D:E4:91:3C
Authority key identifier: 53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1
Certificate issuer:       /CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1
Certificate serial:       019A04ED1196B0451A3D7C83C40264FE1003
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
Manifest number:          16E4
Signing time:             Tue 21 Oct 2025 04:00:36 +0000
Manifest this update:     Tue 21 Oct 2025 04:00:36 +0000
Manifest next update:     Wed 22 Oct 2025 04:00:36 +0000
Files and hashes:         1: U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl (hash: KhuVOtKpRMh52anpRVc+oBVgA2FCkuqyR4aQt6qOJ50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 Oct 2025 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:04:ed:11:96:b0:45:1a:3d:7c:83:c4:02:64:fe:10:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1
        Validity
            Not Before: Oct 21 04:00:36 2025 GMT
            Not After : Oct 22 04:00:36 2025 GMT
        Subject: CN=2a7a3fbd341827f1fc9a719e1508604b8de4913c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e4:00:4f:db:8c:69:7e:58:b0:3b:51:a6:99:
                    e9:74:95:d6:3e:08:6c:c2:a6:5e:3e:29:f8:f4:99:
                    32:fe:cc:bb:40:8d:46:bc:41:09:c8:0f:b2:c6:1e:
                    11:95:4b:06:66:08:ca:b9:df:fd:61:f6:9c:31:8a:
                    c9:46:67:cc:76:3a:d3:6a:96:df:9a:0f:98:d8:9a:
                    d7:8e:91:be:b2:18:fc:53:2d:1d:d7:b2:e9:2e:ef:
                    5f:d3:86:ba:51:ff:50:74:f4:d5:af:94:f5:ca:90:
                    cc:d6:19:eb:cb:0f:99:fa:28:b4:e3:4c:31:d1:fe:
                    c3:82:9c:56:49:cd:b2:b2:08:21:9c:98:03:26:7f:
                    db:a5:a6:0e:c4:55:29:65:63:17:f9:5d:73:e8:ed:
                    91:b4:01:c4:66:2e:f1:ad:db:5b:e2:81:b0:42:de:
                    6e:10:c5:6e:c5:92:dc:9a:73:90:e3:19:90:67:eb:
                    3a:89:41:3f:e0:9f:00:18:d0:45:c6:19:c3:8e:80:
                    53:d2:13:93:61:ad:b6:75:f4:4f:67:71:dc:0d:34:
                    fc:0d:8e:f7:b9:80:45:dd:12:4d:f6:3a:4f:f2:af:
                    43:89:c9:a6:b2:1c:38:c0:14:0b:44:a0:c2:6d:e5:
                    98:60:d1:fa:3b:6e:4d:66:c4:d8:d3:86:ec:9d:36:
                    b0:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:7A:3F:BD:34:18:27:F1:FC:9A:71:9E:15:08:60:4B:8D:E4:91:3C
            X509v3 Authority Key Identifier:
                keyid:53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:00:2f:8c:6f:71:fc:e3:a5:ee:2e:bd:2b:8b:3f:5c:ad:c6:
         00:62:14:db:1e:d0:7a:08:96:98:ff:80:6b:7a:2f:c3:b0:1c:
         cb:57:6c:6d:70:91:6a:86:b4:00:24:c2:92:15:b0:77:b5:19:
         2f:88:3d:6a:6b:49:bb:29:95:fb:b8:77:13:44:3a:52:fb:03:
         7f:fc:2e:7e:30:84:c2:4b:27:ad:e5:80:b3:0f:91:29:45:e8:
         22:a0:2c:7e:d1:1d:a2:d1:ac:ee:a1:17:7c:3e:2c:43:f2:ab:
         bf:29:03:60:3a:9f:10:d6:f4:62:f6:0a:df:13:d2:85:98:ea:
         10:70:1c:de:a4:f8:13:ac:91:6d:8b:a5:ad:04:50:87:ea:27:
         ca:df:10:43:00:ef:54:04:61:de:2f:dc:07:3a:6a:80:21:0c:
         6c:ae:9d:eb:52:34:d8:46:53:7e:56:cf:ed:8b:e3:da:ed:db:
         63:76:8a:3e:aa:bf:31:0e:f2:f2:1e:c4:c9:3e:22:ac:b7:f7:
         ef:11:cc:53:d3:a2:b1:ca:f9:7e:6d:63:54:78:2d:11:80:a1:
         5f:ae:3f:21:96:e0:9f:f4:c6:02:7e:2a:4a:7d:94:26:32:3b:
         01:7e:60:b2:0d:08:52:88:35:30:bb:a3:38:89:ef:01:3d:4f:
         ed:f7:60:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoE7RGWsEUaPXyDxAJk/hADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNjU4M2RlODM2ZmNjMjhlNzBiZjY2ZWFkYjhkMzhmM2Y2
NGY0ZTEwHhcNMjUxMDIxMDQwMDM2WhcNMjUxMDIyMDQwMDM2WjAzMTEwLwYDVQQD
EygyYTdhM2ZiZDM0MTgyN2YxZmM5YTcxOWUxNTA4NjA0YjhkZTQ5MTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+QAT9uMaX5YsDtRppnpdJXWPghs
wqZePin49Jky/sy7QI1GvEEJyA+yxh4RlUsGZgjKud/9YfacMYrJRmfMdjrTapbf
mg+Y2JrXjpG+shj8Uy0d17LpLu9f04a6Uf9QdPTVr5T1ypDM1hnryw+Z+ii040wx
0f7DgpxWSc2ysgghnJgDJn/bpaYOxFUpZWMX+V1z6O2RtAHEZi7xrdtb4oGwQt5u
EMVuxZLcmnOQ4xmQZ+s6iUE/4J8AGNBFxhnDjoBT0hOTYa22dfRPZ3HcDTT8DY73
uYBF3RJN9jpP8q9Dicmmshw4wBQLRKDCbeWYYNH6O25NZsTY04bsnTaw6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCp6P700GCfx/JpxnhUIYEuN5JE8MB8GA1UdIwQY
MBaAFFNlg96Db8wo5wv2bq24048/ZPThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2Et
ODJhNjk5MGRmMzhkLzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2EtODJhNjk5MGRmMzhk
LzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwAvjG9x
/OOl7i69K4s/XK3GAGIU2x7QegiWmP+Aa3ovw7Acy1dsbXCRaoa0ACTCkhWwd7UZ
L4g9amtJuymV+7h3E0Q6UvsDf/wufjCEwksnreWAsw+RKUXoIqAsftEdotGs7qEX
fD4sQ/KrvykDYDqfENb0YvYK3xPShZjqEHAc3qT4E6yRbYulrQRQh+onyt8QQwDv
VARh3i/cBzpqgCEMbK6d61I02EZTflbP7Yvj2u3bY3aKPqq/MQ7y8h7EyT4irLf3
7xHMU9Oiscr5fm1jVHgtEYChX64/IZbgn/TGAn4qSn2UJjI7AX5gsg0IUog1MLuj
OInvAT1P7fdgIg==
-----END CERTIFICATE-----