Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
File:                     UfsmDqHIG4GxkdCujcNkESHp65Y.mft (raw, json)
Hash identifier:          l8POvlApuQ5Uco18QScsrGuCrbQeMxE71VwWQzdnEYU=
Subject key identifier:   C7:BC:B8:C2:A8:C3:40:C3:15:62:BC:59:EC:BC:2E:4B:B2:12:CC:F9
Authority key identifier: 51:FB:26:0E:A1:C8:1B:81:B1:91:D0:AE:8D:C3:64:11:21:E9:EB:96
Certificate issuer:       /CN=51fb260ea1c81b81b191d0ae8dc3641121e9eb96
Certificate serial:       019A4DAA6685F1BB52534BDC4EE5B9823259
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
Manifest number:          06AE
Signing time:             Tue 04 Nov 2025 07:00:04 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:04 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:04 +0000
Files and hashes:         1: UfsmDqHIG4GxkdCujcNkESHp65Y.crl (hash: u6r1a4kLbTpEewxAhUibs/gNQz+0rooehYEEQd7s2sY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:66:85:f1:bb:52:53:4b:dc:4e:e5:b9:82:32:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51fb260ea1c81b81b191d0ae8dc3641121e9eb96
        Validity
            Not Before: Nov  4 07:00:04 2025 GMT
            Not After : Nov  5 07:00:04 2025 GMT
        Subject: CN=c7bcb8c2a8c340c31562bc59ecbc2e4bb212ccf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c2:e9:70:52:94:dd:f5:c3:a3:45:46:a7:d1:
                    df:07:a6:7a:37:ae:31:48:ce:e5:30:d7:36:f5:55:
                    f7:59:b4:b7:ff:8e:d9:71:17:0d:c1:54:dd:e2:a3:
                    79:eb:19:c2:5f:2a:6b:b5:cd:db:4f:60:64:89:82:
                    34:5d:ea:69:c8:d8:08:90:fb:f3:c3:5f:e2:7b:c8:
                    ad:a9:60:fd:e3:81:a1:18:88:d2:b9:e9:5c:8c:c3:
                    56:4e:37:91:c1:d6:c3:0d:f3:a1:90:d5:96:a5:03:
                    91:1a:68:82:0c:32:8b:78:65:be:3e:6f:37:c5:f4:
                    82:0b:62:ab:9e:ed:97:37:cc:ff:a0:f9:f3:12:92:
                    07:79:97:b3:48:8c:c8:75:08:17:ab:c3:57:b8:ca:
                    81:57:88:fe:b6:28:9c:ec:9c:40:4d:c1:21:1a:49:
                    78:43:d4:af:60:e6:53:5e:c3:cb:97:0f:35:d0:0a:
                    ad:cd:10:46:5e:2d:e6:b0:92:c1:c8:e3:93:60:a5:
                    c0:2e:bc:2d:64:64:23:66:5d:27:76:56:46:97:b6:
                    b6:d2:f2:da:9b:0a:0b:02:bb:af:19:b3:3a:2e:f9:
                    55:64:7a:d4:66:8c:4c:1b:ce:a8:1c:c9:85:04:99:
                    3b:39:9b:16:b6:a2:a9:01:09:04:99:78:42:30:a6:
                    3c:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:BC:B8:C2:A8:C3:40:C3:15:62:BC:59:EC:BC:2E:4B:B2:12:CC:F9
            X509v3 Authority Key Identifier:
                keyid:51:FB:26:0E:A1:C8:1B:81:B1:91:D0:AE:8D:C3:64:11:21:E9:EB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfsmDqHIG4GxkdCujcNkESHp65Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4f5e7b-14e7-44bc-8d5d-d2957453b844/1/UfsmDqHIG4GxkdCujcNkESHp65Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:46:b6:c8:f1:d6:6e:3a:f4:cb:33:11:df:7d:25:6e:d6:6c:
         8a:04:a6:f0:73:06:aa:2b:73:97:e8:b5:05:9d:5f:e1:5f:09:
         04:46:90:f2:27:1b:1d:1d:0d:31:fb:ef:6a:27:31:bc:d2:19:
         7c:a3:7f:f7:b6:08:83:3a:97:df:23:56:9f:4b:78:36:59:12:
         cf:e4:cf:4b:42:c8:72:bb:cf:b3:6c:ab:6a:55:99:fa:d1:87:
         4f:73:23:71:b0:b6:b1:b1:01:09:29:4d:56:36:cd:f2:e2:cb:
         ef:c6:ff:2e:a1:9a:85:29:64:c3:ea:bf:93:70:fd:87:0d:e4:
         c7:1d:0c:a9:e5:dd:3d:7b:ec:6e:8a:34:61:b3:42:dc:a0:df:
         ac:b7:ab:55:ff:29:84:ff:03:ad:17:a6:44:73:89:f4:35:d1:
         a5:57:47:74:47:eb:30:90:8e:dd:69:7b:ac:43:89:51:57:0b:
         7e:ec:fe:71:6a:81:b5:c8:df:36:a9:fb:1d:37:5d:d1:f2:a0:
         e5:96:1c:0c:2e:b7:55:65:c7:83:dd:24:81:22:6a:a8:2b:47:
         06:69:88:41:8b:2f:26:03:09:8e:5f:b0:b5:3b:35:ab:90:09:
         06:77:22:70:1b:ed:8d:2c:17:26:85:2b:77:77:8a:7c:76:9e:
         60:2e:21:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqmaF8btSU0vcTuW5gjJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZmIyNjBlYTFjODFiODFiMTkxZDBhZThkYzM2NDExMjFl
OWViOTYwHhcNMjUxMTA0MDcwMDA0WhcNMjUxMTA1MDcwMDA0WjAzMTEwLwYDVQQD
EyhjN2JjYjhjMmE4YzM0MGMzMTU2MmJjNTllY2JjMmU0YmIyMTJjY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcLpcFKU3fXDo0VGp9HfB6Z6N64x
SM7lMNc29VX3WbS3/47ZcRcNwVTd4qN56xnCXyprtc3bT2BkiYI0XeppyNgIkPvz
w1/ie8itqWD944GhGIjSuelcjMNWTjeRwdbDDfOhkNWWpQORGmiCDDKLeGW+Pm83
xfSCC2Krnu2XN8z/oPnzEpIHeZezSIzIdQgXq8NXuMqBV4j+tiic7JxATcEhGkl4
Q9SvYOZTXsPLlw810AqtzRBGXi3msJLByOOTYKXALrwtZGQjZl0ndlZGl7a20vLa
mwoLAruvGbM6LvlVZHrUZoxMG86oHMmFBJk7OZsWtqKpAQkEmXhCMKY8lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMe8uMKow0DDFWK8Wey8LkuyEsz5MB8GA1UdIwQY
MBaAFFH7Jg6hyBuBsZHQro3DZBEh6euWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80ZjVlN2ItMTRlNy00NGJjLThkNWQt
ZDI5NTc0NTNiODQ0LzEvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80ZjVlN2ItMTRlNy00NGJjLThkNWQtZDI5NTc0NTNiODQ0
LzEvVWZzbURxSElHNEd4a2RDdWpjTmtFU0hwNjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0a2yPHW
bjr0yzMR330lbtZsigSm8HMGqitzl+i1BZ1f4V8JBEaQ8icbHR0NMfvvaicxvNIZ
fKN/97YIgzqX3yNWn0t4NlkSz+TPS0LIcrvPs2yralWZ+tGHT3MjcbC2sbEBCSlN
VjbN8uLL78b/LqGahSlkw+q/k3D9hw3kxx0MqeXdPXvsboo0YbNC3KDfrLerVf8p
hP8DrRemRHOJ9DXRpVdHdEfrMJCO3Wl7rEOJUVcLfuz+cWqBtcjfNqn7HTdd0fKg
5ZYcDC63VWXHg90kgSJqqCtHBmmIQYsvJgMJjl+wtTs1q5AJBncicBvtjSwXJoUr
d3eKfHaeYC4hew==
-----END CERTIFICATE-----