Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
File:                     UB7eLUfXfhQKl78pidqCpYdzyMA.mft (raw, json)
Hash identifier:          xB1i9R7FPZCpmQ0izA+yFguzqX1UoNjNjhF1JbyzvIk=
Subject key identifier:   29:F0:39:8A:41:68:7E:4F:1C:18:DA:A0:EC:EC:AB:7F:73:4F:9A:2C
Authority key identifier: 50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0
Certificate issuer:       /CN=501ede2d47d77e140a97bf2989da82a58773c8c0
Certificate serial:       019A4EF4E354B4FD41F64D4DA1A0A65777AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
Manifest number:          0DF2
Signing time:             Tue 04 Nov 2025 13:01:03 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:03 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:03 +0000
Files and hashes:         1: UB7eLUfXfhQKl78pidqCpYdzyMA.crl (hash: t6WYxmvVqrUxng7R/AhhTOfN/xkOe/lILleEg7fgURc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:e3:54:b4:fd:41:f6:4d:4d:a1:a0:a6:57:77:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=501ede2d47d77e140a97bf2989da82a58773c8c0
        Validity
            Not Before: Nov  4 13:01:03 2025 GMT
            Not After : Nov  5 13:01:03 2025 GMT
        Subject: CN=29f0398a41687e4f1c18daa0ececab7f734f9a2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ee:fb:02:ba:5a:34:d0:68:c1:73:48:4e:80:
                    3c:12:0a:77:40:4a:22:62:8f:ca:ba:85:48:5d:8f:
                    78:48:1e:70:94:30:6e:b6:92:c2:da:75:a6:71:f8:
                    9f:ce:b3:04:a8:6d:f2:ba:92:e7:24:fc:ed:55:b4:
                    1b:1a:cb:53:87:b2:74:03:dd:8f:ed:93:57:11:e2:
                    5d:5c:d7:54:4e:f8:18:5c:55:1a:51:d9:a4:3e:07:
                    d9:27:85:cc:59:f8:cf:ca:ef:85:8c:82:81:71:58:
                    3b:71:4a:8a:f7:fd:4b:c7:10:cb:b5:cb:ca:0a:d7:
                    3b:e3:4a:df:39:60:8a:63:09:6f:2b:13:b0:3b:cb:
                    e9:f5:6b:4c:aa:96:45:c4:60:06:9d:41:d1:da:62:
                    8c:1f:2f:cd:3b:83:bb:19:02:1e:82:b1:d7:42:cc:
                    a1:91:0c:85:79:81:21:2d:09:97:3c:35:d6:d3:9f:
                    28:fa:62:21:63:37:06:8c:24:c9:ab:20:98:28:3e:
                    7d:7e:09:49:38:4f:72:ae:5c:e1:dd:f6:81:35:d6:
                    ae:64:9d:36:e9:ff:44:66:51:27:ac:e0:d1:e8:b9:
                    e0:f2:28:34:c3:31:95:f3:1b:ca:10:ab:fd:df:b8:
                    e5:07:9b:f8:c1:a6:b5:7e:46:3e:4f:b3:c5:cb:64:
                    57:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:F0:39:8A:41:68:7E:4F:1C:18:DA:A0:EC:EC:AB:7F:73:4F:9A:2C
            X509v3 Authority Key Identifier:
                keyid:50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:72:66:64:11:7e:16:de:91:7e:11:34:13:6d:5f:b6:d0:55:
         21:c9:5c:91:a0:9a:a1:50:d4:fa:27:4d:0f:43:26:9f:1f:62:
         84:ed:d5:f1:da:32:3e:c8:39:9a:ee:22:c1:30:90:04:72:07:
         f8:c6:c8:04:ad:7d:25:17:1e:46:0b:82:6b:0a:b5:32:35:a9:
         0b:9c:98:40:ee:e3:84:46:3c:e8:cb:5a:45:6b:fd:ec:6e:54:
         a9:9a:4d:e8:7d:62:b8:c0:92:84:46:a6:8c:50:af:2c:b3:d8:
         6f:9a:cb:01:fe:0c:61:2b:1a:7d:bd:21:46:d3:91:54:dd:34:
         4e:e2:4c:de:a9:b5:a8:e0:86:fb:68:bf:3c:84:59:04:2a:45:
         d3:7f:c6:2f:14:fd:0d:da:0c:d4:09:e2:1c:ab:00:fe:aa:28:
         74:f2:79:66:66:64:59:35:7a:30:ac:7f:d3:07:4e:7a:e9:ea:
         55:66:32:af:fc:32:ce:d8:18:d6:07:ff:96:75:cb:69:8d:16:
         e8:c1:c0:61:84:04:7f:b4:6f:7f:26:19:72:31:44:45:c5:eb:
         db:9c:5b:a9:8b:1a:92:7b:d4:bd:05:69:7e:fc:73:28:ce:4d:
         40:47:25:cb:63:d3:33:6b:17:9a:5b:1e:ab:d0:8e:a9:94:92:
         f0:8b:df:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9ONUtP1B9k1NoaCmV3erMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMWVkZTJkNDdkNzdlMTQwYTk3YmYyOTg5ZGE4MmE1ODc3
M2M4YzAwHhcNMjUxMTA0MTMwMTAzWhcNMjUxMTA1MTMwMTAzWjAzMTEwLwYDVQQD
EygyOWYwMzk4YTQxNjg3ZTRmMWMxOGRhYTBlY2VjYWI3ZjczNGY5YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+77ArpaNNBowXNIToA8Egp3QEoi
Yo/KuoVIXY94SB5wlDButpLC2nWmcfifzrMEqG3yupLnJPztVbQbGstTh7J0A92P
7ZNXEeJdXNdUTvgYXFUaUdmkPgfZJ4XMWfjPyu+FjIKBcVg7cUqK9/1LxxDLtcvK
Ctc740rfOWCKYwlvKxOwO8vp9WtMqpZFxGAGnUHR2mKMHy/NO4O7GQIegrHXQsyh
kQyFeYEhLQmXPDXW058o+mIhYzcGjCTJqyCYKD59fglJOE9yrlzh3faBNdauZJ02
6f9EZlEnrODR6Lng8ig0wzGV8xvKEKv937jlB5v4waa1fkY+T7PFy2RXgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnwOYpBaH5PHBjaoOzsq39zT5osMB8GA1UdIwQY
MBaAFFAe3i1H134UCpe/KYnagqWHc8jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEt
MTJlZGQwZTBkMjFiLzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEtMTJlZGQwZTBkMjFi
LzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVHJmZBF+
Ft6RfhE0E21fttBVIclckaCaoVDU+idND0Mmnx9ihO3V8doyPsg5mu4iwTCQBHIH
+MbIBK19JRceRguCawq1MjWpC5yYQO7jhEY86MtaRWv97G5UqZpN6H1iuMCShEam
jFCvLLPYb5rLAf4MYSsafb0hRtORVN00TuJM3qm1qOCG+2i/PIRZBCpF03/GLxT9
DdoM1AniHKsA/qoodPJ5ZmZkWTV6MKx/0wdOeunqVWYyr/wyztgY1gf/lnXLaY0W
6MHAYYQEf7RvfyYZcjFERcXr25xbqYsaknvUvQVpfvxzKM5NQEcly2PTM2sXmlse
q9COqZSS8Ivfgg==
-----END CERTIFICATE-----