Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
File:                     uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft (raw, json)
Hash identifier:          YX+vKbyYwUZ2Mh8vXtNcVC5qTPGSFnq35kGJgGAc3/k=
Subject key identifier:   2D:6A:B0:AB:ED:E4:33:66:11:E7:84:A2:20:29:20:55:86:FB:E6:6A
Authority key identifier: B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D
Certificate issuer:       /CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
Certificate serial:       0199FBEBF4001E6B4C2B208FE6BDFEAE1F6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
Manifest number:          1048
Signing time:             Sun 19 Oct 2025 10:02:48 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:48 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:48 +0000
Files and hashes:         1: uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl (hash: xCG70XMiMTvt/3UIh2p4ub862R/k7LWjYlMJ3mjIdZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:f4:00:1e:6b:4c:2b:20:8f:e6:bd:fe:ae:1f:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
        Validity
            Not Before: Oct 19 10:02:48 2025 GMT
            Not After : Oct 20 10:02:48 2025 GMT
        Subject: CN=2d6ab0abede4336611e784a22029205586fbe66a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:cb:f1:64:21:af:52:38:47:68:2c:39:8c:51:
                    7a:3d:0e:33:cc:13:33:4b:a0:68:ae:7c:00:81:62:
                    7e:05:fe:29:88:c6:f0:96:c5:92:a3:18:a2:b1:d2:
                    e1:5c:83:35:fc:9d:13:b2:89:23:f3:10:bc:ee:be:
                    93:63:a4:74:9e:8a:35:90:20:b3:3c:01:e2:ae:cd:
                    c6:60:e0:3f:1e:73:be:34:85:44:47:e2:64:90:ad:
                    87:98:ef:f1:e7:51:af:5d:c1:b9:e1:ae:ed:e1:0d:
                    a2:6f:b4:18:a4:bc:62:00:d0:36:59:55:6f:57:98:
                    63:9a:22:d3:c6:4c:10:5a:87:5c:8b:b5:35:42:58:
                    f4:e3:51:83:99:e9:48:83:6b:b3:0f:d3:57:a3:d2:
                    d8:d0:82:a9:d9:93:a7:3f:4a:ae:45:6e:cd:49:24:
                    55:6f:88:29:7c:a3:15:34:9d:b7:25:64:95:f2:61:
                    91:a0:97:7c:b2:0f:29:6f:69:03:b6:a4:4f:eb:d7:
                    04:9a:ab:d4:14:34:cd:f3:91:f3:33:e2:bd:dc:89:
                    75:c3:5d:5c:ac:ab:e8:be:be:9e:de:d9:a6:e2:9c:
                    4e:0f:71:de:47:c6:cc:41:28:65:c9:84:49:9e:cf:
                    f6:ec:e2:5b:e8:48:ef:92:5e:8b:15:4d:b3:d2:51:
                    2a:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:6A:B0:AB:ED:E4:33:66:11:E7:84:A2:20:29:20:55:86:FB:E6:6A
            X509v3 Authority Key Identifier:
                keyid:B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:dc:15:6a:db:6a:37:7c:03:86:5b:4d:5f:97:6b:57:8e:7b:
         b0:ca:30:1a:b0:c6:b0:6e:54:0b:1e:ee:57:93:fd:02:ee:1c:
         cb:85:b2:61:6c:33:82:d3:3d:03:ee:9b:00:6a:7c:9c:a8:b4:
         da:94:59:90:17:c3:7b:ff:7a:39:18:6c:ae:71:1f:87:57:77:
         c7:20:ef:fe:75:72:c5:3b:7f:5e:16:74:55:aa:8b:9f:06:2b:
         eb:ae:d6:50:ce:4c:29:c8:48:1f:ba:15:7b:bd:e8:5d:04:49:
         a6:70:b3:b5:f8:b0:a0:3f:d1:f1:3c:b6:78:60:7c:87:fc:15:
         9c:0e:84:1e:ba:e1:93:e0:26:47:e8:54:93:46:dd:62:88:d2:
         0f:f9:d9:57:e8:31:c2:e4:57:5c:14:8e:43:77:ab:90:30:e9:
         b6:82:fe:8c:42:f3:e5:fc:bf:90:47:83:5f:ee:3b:20:0c:26:
         3f:e7:27:df:8e:e7:f2:8e:b6:1f:fd:c1:10:81:9c:c3:6e:33:
         0c:57:b7:d5:f9:0a:31:fe:d3:29:60:cf:fa:17:24:47:f0:ed:
         bc:de:ca:3d:6f:4e:c7:a3:b8:29:04:cb:7e:3b:46:d7:38:2d:
         86:ef:68:64:15:5d:2b:cb:1e:21:0c:f4:ee:c6:b1:da:62:66:
         b6:6e:ea:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76/QAHmtMKyCP5r3+rh9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4OGZmODZjNDcxN2UwZTM2NmYyOTBjZDBkNjI4YWZjNDZh
MzhmMGQwHhcNMjUxMDE5MTAwMjQ4WhcNMjUxMDIwMTAwMjQ4WjAzMTEwLwYDVQQD
EygyZDZhYjBhYmVkZTQzMzY2MTFlNzg0YTIyMDI5MjA1NTg2ZmJlNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksvxZCGvUjhHaCw5jFF6PQ4zzBMz
S6BornwAgWJ+Bf4piMbwlsWSoxiisdLhXIM1/J0Tsokj8xC87r6TY6R0noo1kCCz
PAHirs3GYOA/HnO+NIVER+JkkK2HmO/x51GvXcG54a7t4Q2ib7QYpLxiANA2WVVv
V5hjmiLTxkwQWodci7U1Qlj041GDmelIg2uzD9NXo9LY0IKp2ZOnP0quRW7NSSRV
b4gpfKMVNJ23JWSV8mGRoJd8sg8pb2kDtqRP69cEmqvUFDTN85HzM+K93Il1w11c
rKvovr6e3tmm4pxOD3HeR8bMQShlyYRJns/27OJb6Ejvkl6LFU2z0lEqNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1qsKvt5DNmEeeEoiApIFWG++ZqMB8GA1UdIwQY
MBaAFLiP+GxHF+DjZvKQzQ1iivxGo48NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAt
MTkxZDUzNGM5N2I5LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAtMTkxZDUzNGM5N2I5
LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAONwVattq
N3wDhltNX5drV457sMowGrDGsG5UCx7uV5P9Au4cy4WyYWwzgtM9A+6bAGp8nKi0
2pRZkBfDe/96ORhsrnEfh1d3xyDv/nVyxTt/XhZ0VaqLnwYr667WUM5MKchIH7oV
e73oXQRJpnCztfiwoD/R8Ty2eGB8h/wVnA6EHrrhk+AmR+hUk0bdYojSD/nZV+gx
wuRXXBSOQ3erkDDptoL+jELz5fy/kEeDX+47IAwmP+cn347n8o62H/3BEIGcw24z
DFe31fkKMf7TKWDP+hckR/DtvN7KPW9Ox6O4KQTLfjtG1zgthu9oZBVdK8seIQz0
7sax2mJmtm7qdQ==
-----END CERTIFICATE-----