Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
File:                     UMrU5Xdbox7K4ibRBG89waEEgU0.mft (raw, json)
Hash identifier:          gZ7gp8ar3AY+ZtTvV3z01pFm/mr24UO2bYIW+Z9ffH8=
Subject key identifier:   2F:D2:74:70:25:98:13:E4:83:EE:52:08:34:8C:15:18:96:72:E8:B7
Authority key identifier: 50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D
Certificate issuer:       /CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
Certificate serial:       0198D5F1A996B3884802300B61EFA09EEFE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
Manifest number:          05DF
Signing time:             Sat 23 Aug 2025 08:00:41 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:41 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:41 +0000
Files and hashes:         1: UMrU5Xdbox7K4ibRBG89waEEgU0.crl (hash: 9bVZuVXAb6b/XLQPQNyqJS1d1RL23AqShzDxWsCZteA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:a9:96:b3:88:48:02:30:0b:61:ef:a0:9e:ef:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50cad4e5775ba31ecae226d1046f3dc1a104814d
        Validity
            Not Before: Aug 23 08:00:41 2025 GMT
            Not After : Aug 24 08:00:41 2025 GMT
        Subject: CN=2fd27470259813e483ee5208348c15189672e8b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b0:69:86:17:3c:1a:e3:9a:c3:9a:64:2e:96:
                    f0:33:d3:04:63:e0:91:55:5c:a5:c9:e8:c0:40:19:
                    b5:8c:a4:0a:30:cf:19:8e:4c:f4:7e:f4:57:11:1b:
                    36:7b:6b:63:f7:83:cb:9c:7d:84:7c:b3:6d:aa:57:
                    ce:cc:ec:4d:27:cb:b6:81:fc:d8:32:da:67:f0:a3:
                    c1:8f:bd:67:96:cb:c9:1d:fe:f2:79:32:17:0c:14:
                    df:66:f8:0f:8f:f6:10:ac:db:b4:39:c9:76:73:0f:
                    db:dd:d8:c6:e9:b3:57:47:c4:fc:f1:91:41:f8:44:
                    f3:ed:2d:5e:a0:82:f4:bb:8d:6e:be:03:10:6d:6f:
                    ec:3d:79:f6:ad:38:9e:34:3b:e8:ef:ad:48:8f:88:
                    c6:e5:5d:90:db:ca:3c:9f:6c:8a:ea:34:c0:fa:e8:
                    b1:c0:2b:55:53:27:f5:b4:a0:d5:c5:b3:3f:ac:dd:
                    ca:a7:e6:5c:ec:49:82:b6:ec:3e:ac:cc:54:4b:bd:
                    1d:7c:19:7c:b6:63:b4:30:d1:b2:ec:4a:38:59:13:
                    3f:9b:4a:d6:4e:21:d0:fd:ba:07:a2:31:e4:f8:40:
                    61:b3:0c:fd:a8:43:42:67:a1:65:46:dd:db:50:32:
                    31:f1:95:7b:f8:73:43:8e:73:4d:45:47:69:2b:7f:
                    79:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:D2:74:70:25:98:13:E4:83:EE:52:08:34:8C:15:18:96:72:E8:B7
            X509v3 Authority Key Identifier:
                keyid:50:CA:D4:E5:77:5B:A3:1E:CA:E2:26:D1:04:6F:3D:C1:A1:04:81:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMrU5Xdbox7K4ibRBG89waEEgU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/8a2085-a6c3-4fde-8dba-6639bca7a1b0/1/UMrU5Xdbox7K4ibRBG89waEEgU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:7b:a0:81:f4:d5:e3:44:5a:a5:16:2c:89:a9:ab:ab:51:4d:
         d7:b3:77:8a:96:a3:07:9b:43:57:93:46:8c:04:46:24:27:23:
         25:28:12:a7:76:29:28:13:b6:57:44:eb:ea:2b:37:0c:6a:ca:
         6c:e3:c9:8f:cb:df:0b:52:b2:45:57:d3:61:21:88:68:0f:91:
         a9:7d:5c:f3:80:c7:d5:1f:8c:3d:66:97:87:32:a7:92:6b:06:
         05:08:5c:05:e9:87:49:78:f2:52:a5:0a:be:5e:11:82:f9:22:
         89:32:5c:16:13:a0:16:38:13:45:5c:88:02:7e:87:04:35:04:
         84:56:a4:b8:6c:99:df:18:b3:e2:f1:a5:ce:43:39:8e:60:4a:
         1f:5a:9d:a9:be:da:6c:01:3a:9a:49:a2:e9:8d:90:49:47:ad:
         1b:0d:0e:52:2c:cc:7c:07:4e:93:8d:c1:0a:d3:79:5b:12:77:
         c9:02:10:e3:04:6b:9a:01:e0:c8:7d:d6:a1:a8:cc:14:4e:c1:
         12:5a:bc:92:85:30:ef:05:ad:9f:a6:90:fc:84:df:70:59:ed:
         9c:e7:8a:a5:9d:63:13:39:7a:17:7e:a3:e8:5f:34:9c:9e:31:
         5e:f7:67:52:fe:5f:6e:3e:ab:2b:0c:34:1b:a0:31:00:9d:fb:
         c3:27:e1:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8amWs4hIAjALYe+gnu/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwY2FkNGU1Nzc1YmEzMWVjYWUyMjZkMTA0NmYzZGMxYTEw
NDgxNGQwHhcNMjUwODIzMDgwMDQxWhcNMjUwODI0MDgwMDQxWjAzMTEwLwYDVQQD
EygyZmQyNzQ3MDI1OTgxM2U0ODNlZTUyMDgzNDhjMTUxODk2NzJlOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbBphhc8GuOaw5pkLpbwM9MEY+CR
VVylyejAQBm1jKQKMM8Zjkz0fvRXERs2e2tj94PLnH2EfLNtqlfOzOxNJ8u2gfzY
Mtpn8KPBj71nlsvJHf7yeTIXDBTfZvgPj/YQrNu0Ocl2cw/b3djG6bNXR8T88ZFB
+ETz7S1eoIL0u41uvgMQbW/sPXn2rTieNDvo761Ij4jG5V2Q28o8n2yK6jTA+uix
wCtVUyf1tKDVxbM/rN3Kp+Zc7EmCtuw+rMxUS70dfBl8tmO0MNGy7Eo4WRM/m0rW
TiHQ/boHojHk+EBhswz9qENCZ6FlRt3bUDIx8ZV7+HNDjnNNRUdpK395dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC/SdHAlmBPkg+5SCDSMFRiWcui3MB8GA1UdIwQY
MBaAFFDK1OV3W6MeyuIm0QRvPcGhBIFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEt
NjYzOWJjYTdhMWIwLzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC84YTIwODUtYTZjMy00ZmRlLThkYmEtNjYzOWJjYTdhMWIw
LzEvVU1yVTVYZGJveDdLNGliUkJHODl3YUVFZ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZnuggfTV
40RapRYsiamrq1FN17N3ipajB5tDV5NGjARGJCcjJSgSp3YpKBO2V0Tr6is3DGrK
bOPJj8vfC1KyRVfTYSGIaA+RqX1c84DH1R+MPWaXhzKnkmsGBQhcBemHSXjyUqUK
vl4RgvkiiTJcFhOgFjgTRVyIAn6HBDUEhFakuGyZ3xiz4vGlzkM5jmBKH1qdqb7a
bAE6mkmi6Y2QSUetGw0OUizMfAdOk43BCtN5WxJ3yQIQ4wRrmgHgyH3WoajMFE7B
Elq8koUw7wWtn6aQ/ITfcFntnOeKpZ1jEzl6F36j6F80nJ4xXvdnUv5fbj6rKww0
G6AxAJ37wyfhCA==
-----END CERTIFICATE-----