Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
File:                     U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft (raw, json)
Hash identifier:          ltd4JJNOCTJVvzVjT29aS56O5AXJRK93hMoVBsv7AkY=
Subject key identifier:   ED:A6:90:DD:38:25:8C:D4:00:A0:CD:D5:71:86:B2:FE:46:5B:2E:49
Authority key identifier: 53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1
Certificate issuer:       /CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1
Certificate serial:       0198D5BBBC7334AAD6320C7E063DB99F492D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 07:01:47 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:47 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:47 +0000
Files and hashes:         1: U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl (hash: EIs+ghp4PoRj4AseO5yL/Ss+QpSfidSPPgWu+ZEKY0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:bc:73:34:aa:d6:32:0c:7e:06:3d:b9:9f:49:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1
        Validity
            Not Before: Aug 23 07:01:47 2025 GMT
            Not After : Aug 24 07:01:47 2025 GMT
        Subject: CN=eda690dd38258cd400a0cdd57186b2fe465b2e49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1b:42:50:5a:3a:2e:60:af:2f:a0:84:6b:17:
                    c2:d3:72:3e:61:d4:3b:68:a8:82:98:48:79:49:66:
                    d0:f8:22:fc:00:64:8f:e5:78:0a:62:6c:f2:0c:62:
                    d9:bc:79:c2:30:89:84:f0:44:e7:d4:91:07:c2:12:
                    eb:6b:af:eb:bf:9f:73:34:6e:08:e1:66:f2:34:2e:
                    4b:07:fc:d2:59:7e:54:db:b4:3d:fa:0f:a4:d1:5d:
                    ed:4e:7f:44:e4:ac:fb:47:50:9e:f5:c4:7d:d4:bf:
                    df:16:77:a2:c2:5f:f3:0d:61:3b:d8:6c:ad:f3:27:
                    4e:66:8a:5f:ac:a0:f2:39:03:56:f2:3e:69:b9:32:
                    55:b9:3a:67:d5:3d:ba:83:64:a7:b2:37:4a:42:f8:
                    1e:30:c6:e5:2a:02:22:c3:fc:57:99:3e:38:97:c3:
                    6a:18:99:a1:56:bf:5b:55:37:0d:c9:23:c7:81:90:
                    9c:25:2a:a4:25:be:13:0d:e3:c7:4b:3e:7f:8b:68:
                    9f:1a:b6:72:5a:b8:53:27:81:3a:4e:2e:8c:23:30:
                    f0:b9:0a:58:ec:9c:5b:f4:67:1a:53:17:23:5d:65:
                    46:68:7b:37:b4:8f:6b:dd:66:73:29:a2:39:86:15:
                    9d:28:0d:35:ff:30:c7:1b:0a:b2:8a:ae:29:5a:55:
                    5c:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:A6:90:DD:38:25:8C:D4:00:A0:CD:D5:71:86:B2:FE:46:5B:2E:49
            X509v3 Authority Key Identifier:
                keyid:53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:b7:4c:19:9d:43:95:60:3f:60:5c:d6:72:0e:eb:c8:7c:a9:
         7a:ae:70:b2:60:7b:24:2f:c8:f6:18:7d:e1:2f:12:1a:8d:fe:
         f9:54:25:e3:67:ce:1e:66:fe:03:88:0b:ca:3d:ca:0e:f8:99:
         f8:8e:ff:c1:eb:78:9d:19:af:1f:ce:7e:4f:b6:e0:dc:aa:af:
         8d:5b:ec:4b:6b:22:44:8c:cb:21:ac:95:4a:bf:2f:4f:33:6e:
         18:36:f2:d3:e7:b7:80:a1:c0:40:7f:ec:e2:8e:13:8e:59:5f:
         1a:49:b3:bf:5c:8b:4b:7b:4e:14:07:fc:28:3c:36:02:c4:0a:
         36:a0:1e:48:66:ce:79:f5:58:31:3c:07:d4:bb:f5:49:24:0c:
         59:ad:9f:80:65:a7:08:e1:af:22:5f:fe:34:30:bd:1c:92:6f:
         47:43:0c:7d:c8:72:2c:a2:22:ce:e3:4c:57:08:51:05:0a:a5:
         9c:82:a7:a0:57:08:fa:b1:36:88:6b:dd:e1:5e:5f:74:dd:df:
         cb:28:71:f3:da:d7:e2:91:10:26:b6:ba:37:45:cf:48:5b:0d:
         40:ad:ea:37:52:45:ee:c2:fe:5e:be:c3:46:5d:fc:52:ea:37:
         76:ca:06:f1:56:3f:b7:ea:39:df:55:a1:de:47:c9:ea:1f:d1:
         4b:6c:09:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu7xzNKrWMgx+Bj25n0ktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNjU4M2RlODM2ZmNjMjhlNzBiZjY2ZWFkYjhkMzhmM2Y2
NGY0ZTEwHhcNMjUwODIzMDcwMTQ3WhcNMjUwODI0MDcwMTQ3WjAzMTEwLwYDVQQD
EyhlZGE2OTBkZDM4MjU4Y2Q0MDBhMGNkZDU3MTg2YjJmZTQ2NWIyZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhtCUFo6LmCvL6CEaxfC03I+YdQ7
aKiCmEh5SWbQ+CL8AGSP5XgKYmzyDGLZvHnCMImE8ETn1JEHwhLra6/rv59zNG4I
4WbyNC5LB/zSWX5U27Q9+g+k0V3tTn9E5Kz7R1Ce9cR91L/fFneiwl/zDWE72Gyt
8ydOZopfrKDyOQNW8j5puTJVuTpn1T26g2SnsjdKQvgeMMblKgIiw/xXmT44l8Nq
GJmhVr9bVTcNySPHgZCcJSqkJb4TDePHSz5/i2ifGrZyWrhTJ4E6Ti6MIzDwuQpY
7Jxb9GcaUxcjXWVGaHs3tI9r3WZzKaI5hhWdKA01/zDHGwqyiq4pWlVcHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2mkN04JYzUAKDN1XGGsv5GWy5JMB8GA1UdIwQY
MBaAFFNlg96Db8wo5wv2bq24048/ZPThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2Et
ODJhNjk5MGRmMzhkLzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2EtODJhNjk5MGRmMzhk
LzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOrdMGZ1D
lWA/YFzWcg7ryHypeq5wsmB7JC/I9hh94S8SGo3++VQl42fOHmb+A4gLyj3KDviZ
+I7/wet4nRmvH85+T7bg3KqvjVvsS2siRIzLIayVSr8vTzNuGDby0+e3gKHAQH/s
4o4TjllfGkmzv1yLS3tOFAf8KDw2AsQKNqAeSGbOefVYMTwH1Lv1SSQMWa2fgGWn
COGvIl/+NDC9HJJvR0MMfchyLKIizuNMVwhRBQqlnIKnoFcI+rE2iGvd4V5fdN3f
yyhx89rX4pEQJra6N0XPSFsNQK3qN1JF7sL+Xr7DRl38Uuo3dsoG8VY/t+o531Wh
3kfJ6h/RS2wJew==
-----END CERTIFICATE-----