Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          QOPlmOlB7Lj4WR3wbRzDoC59U0f3Ns93RtQwqsMaIQ0=
Subject key identifier:   62:3E:DA:97:3D:13:E5:B9:62:FC:80:83:83:89:6B:60:68:42:67:6C
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       0199FBEAE64AC7289571B61BCEC98037E417
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:39 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: pNUnmFfLpN/BJDsZR9LtrxIqFyoTFAeu6O+HQZWTMTE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:e6:4a:c7:28:95:71:b6:1b:ce:c9:80:37:e4:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Oct 19 10:01:39 2025 GMT
            Not After : Oct 20 10:01:39 2025 GMT
        Subject: CN=623eda973d13e5b962fc808383896b606842676c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:e8:9f:6f:d2:88:92:9d:49:28:7d:22:07:0c:
                    d6:7f:f5:8d:81:a0:d1:3c:97:9c:a2:b0:99:5d:be:
                    bd:ca:d9:c5:62:71:9f:86:56:7e:c7:52:24:59:1a:
                    0e:f2:9a:07:96:e1:9b:27:51:4e:48:34:92:17:b8:
                    36:d4:c0:91:c8:b6:c2:45:2f:10:01:d8:38:80:e0:
                    ff:b2:f7:d0:a8:93:90:ec:54:44:22:22:49:44:1c:
                    c6:4d:ff:55:7f:ed:3a:7a:06:fd:27:ae:8c:3a:7e:
                    ad:c4:ca:7d:83:eb:68:d9:c7:95:29:b9:d8:10:e0:
                    78:5a:6a:53:57:89:0d:ab:a6:45:a3:b8:a7:77:18:
                    89:b0:5d:46:09:d7:a6:a9:c6:d8:ed:37:96:17:16:
                    8d:0f:84:e8:c2:54:27:2c:7e:ff:38:a7:94:c5:f9:
                    a2:23:5e:71:54:0c:5e:ce:c2:7f:04:d8:67:ac:98:
                    2b:8d:05:af:39:02:d9:10:44:ff:97:03:f0:43:2a:
                    46:db:b0:8e:8c:16:68:9a:6c:92:90:0c:49:c7:70:
                    18:01:8d:cc:c7:e4:07:fc:29:1b:ae:82:76:83:b5:
                    6a:4c:7c:8d:21:d0:7c:c0:e0:79:ba:9c:44:cb:4e:
                    b9:70:17:94:21:d7:40:b5:56:4c:62:84:c0:b6:8e:
                    85:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:3E:DA:97:3D:13:E5:B9:62:FC:80:83:83:89:6B:60:68:42:67:6C
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:ed:e0:16:e8:17:1d:52:3a:6e:11:27:c7:b9:71:42:e5:b6:
         ff:b1:22:e2:07:ae:33:50:9f:af:8a:af:bd:f2:bf:e8:d1:3d:
         27:02:f9:d4:ad:5c:a3:d9:bc:e5:1d:ad:3d:42:9f:20:de:5f:
         d9:c8:a2:30:bf:23:8c:50:45:4d:64:57:19:ec:e5:bd:17:6e:
         19:d6:73:da:2e:b7:2a:b3:f6:bb:8b:06:94:23:16:9f:44:00:
         46:33:a3:27:8d:0d:c3:3e:ff:55:40:b6:b1:4c:b4:fe:29:c5:
         71:bf:91:d9:f3:ca:ab:41:39:3c:4e:05:f7:e7:c7:86:6e:ea:
         5a:53:f1:b3:6a:09:ba:e5:dd:bb:df:b4:c5:0d:b9:36:42:7f:
         e2:20:e9:48:4a:60:01:c0:70:ad:a8:1e:d8:e3:cd:a7:73:7b:
         7d:7a:b7:1f:91:44:18:09:8f:1e:87:1d:ec:d6:20:1e:63:2d:
         37:2f:36:72:3f:ec:2a:29:a4:74:5c:28:6d:31:37:57:cf:f5:
         6b:5a:b9:af:95:9d:de:15:ad:04:43:ca:8b:8e:c5:b3:39:e1:
         6a:eb:f7:0d:34:d9:ee:07:f1:20:dd:8c:4a:26:45:da:ad:0a:
         7d:cf:c2:9d:90:f6:24:fa:39:a1:ef:86:ec:6e:57:43:61:38:
         93:4b:27:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76uZKxyiVcbYbzsmAN+QXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUxMDE5MTAwMTM5WhcNMjUxMDIwMTAwMTM5WjAzMTEwLwYDVQQD
Eyg2MjNlZGE5NzNkMTNlNWI5NjJmYzgwODM4Mzg5NmI2MDY4NDI2NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Oifb9KIkp1JKH0iBwzWf/WNgaDR
PJecorCZXb69ytnFYnGfhlZ+x1IkWRoO8poHluGbJ1FOSDSSF7g21MCRyLbCRS8Q
Adg4gOD/svfQqJOQ7FREIiJJRBzGTf9Vf+06egb9J66MOn6txMp9g+to2ceVKbnY
EOB4WmpTV4kNq6ZFo7indxiJsF1GCdemqcbY7TeWFxaND4TowlQnLH7/OKeUxfmi
I15xVAxezsJ/BNhnrJgrjQWvOQLZEET/lwPwQypG27COjBZommySkAxJx3AYAY3M
x+QH/CkbroJ2g7VqTHyNIdB8wOB5upxEy065cBeUIddAtVZMYoTAto6FvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGI+2pc9E+W5YvyAg4OJa2BoQmdsMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+3gFugX
HVI6bhEnx7lxQuW2/7Ei4geuM1Cfr4qvvfK/6NE9JwL51K1co9m85R2tPUKfIN5f
2ciiML8jjFBFTWRXGezlvRduGdZz2i63KrP2u4sGlCMWn0QARjOjJ40Nwz7/VUC2
sUy0/inFcb+R2fPKq0E5PE4F9+fHhm7qWlPxs2oJuuXdu9+0xQ25NkJ/4iDpSEpg
AcBwrage2OPNp3N7fXq3H5FEGAmPHocd7NYgHmMtNy82cj/sKimkdFwobTE3V8/1
a1q5r5Wd3hWtBEPKi47Fsznhauv3DTTZ7gfxIN2MSiZF2q0Kfc/CnZD2JPo5oe+G
7G5XQ2E4k0snEA==
-----END CERTIFICATE-----