Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          BZ0I8d5PGu20hT6XWynAx5H3s41KuHq6tDeG1IW16T4=
Subject key identifier:   AC:24:13:B9:5A:DD:6A:4F:50:72:F9:31:CD:E2:52:C7:D7:69:99:9F
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       019A50E412903A298669B5817FC3738D89AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          170C
Signing time:             Tue 04 Nov 2025 22:01:55 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:55 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:55 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: rJIWJDTot4HVi0Eo2zs+uvKAEfEcN8/2vUCHVEjldok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e4:12:90:3a:29:86:69:b5:81:7f:c3:73:8d:89:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Nov  4 22:01:55 2025 GMT
            Not After : Nov  5 22:01:55 2025 GMT
        Subject: CN=ac2413b95add6a4f5072f931cde252c7d769999f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:10:2c:72:2f:d5:58:27:63:68:3c:e3:32:3c:
                    4d:40:c3:e7:80:54:6c:b4:ab:33:ae:3f:03:d3:9f:
                    f0:59:db:30:eb:d3:1a:9b:6b:41:1c:b0:f4:80:23:
                    19:70:72:1d:5a:bd:e9:e9:4e:a0:2e:08:77:ee:e7:
                    ff:a9:f0:cb:60:9e:87:a0:70:74:01:ab:10:aa:cb:
                    c8:1a:56:92:e2:c2:fc:34:95:04:c1:58:61:41:6d:
                    3f:b4:9d:8c:1c:a6:08:ae:63:1f:38:a4:92:99:80:
                    81:06:ef:91:86:62:ae:68:ae:8c:4a:7b:15:6c:d6:
                    6a:22:f1:a1:ef:60:0d:81:44:d8:55:77:1a:ad:6e:
                    4a:a8:30:71:6a:ad:d4:d9:0b:d4:9b:d4:19:7c:40:
                    c4:b0:5e:cf:3d:7e:ff:e8:57:9c:40:ed:c2:5f:3b:
                    a5:e6:2a:98:39:07:e9:37:da:04:f8:bf:64:42:a1:
                    b4:f8:78:5e:b0:a6:36:77:16:6f:e4:e6:c2:48:69:
                    f1:58:34:2f:d9:fd:a7:5c:a8:9b:a9:f3:3b:0d:c2:
                    96:d1:0a:1f:ab:f3:f6:7a:64:82:dd:d0:d3:fb:6b:
                    f5:5b:d2:42:dd:f0:3f:6b:e0:c6:14:72:b5:63:b9:
                    ce:d4:27:49:03:96:12:61:8b:a7:7c:52:11:2d:60:
                    30:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:24:13:B9:5A:DD:6A:4F:50:72:F9:31:CD:E2:52:C7:D7:69:99:9F
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:c3:6f:a5:36:1a:fd:27:bd:ca:d7:b7:55:17:5f:c5:5f:0b:
         16:38:00:2c:c7:f3:c1:a9:ba:32:c0:e0:05:81:fa:73:42:4f:
         64:a6:04:37:84:9b:f3:71:3d:23:64:6f:67:fe:37:8e:c1:7d:
         2d:ae:30:38:6b:e5:50:ea:81:88:05:b4:66:06:76:57:19:d6:
         84:e0:ce:4b:f5:5a:57:5d:f4:fa:33:c8:2b:86:d7:81:c5:c3:
         82:2f:3d:5c:3e:bd:dc:0c:b6:b8:89:33:cf:80:f0:d2:39:14:
         67:85:7b:43:a6:77:de:1a:91:53:ba:7e:98:f1:eb:02:6d:54:
         5c:91:d6:dc:6f:3c:a2:eb:9e:e7:94:fe:cc:d4:a0:dd:8f:47:
         71:31:ae:ad:69:b9:28:1b:e2:d7:44:68:f2:88:7b:2a:c1:a3:
         b1:62:47:f2:dc:6d:18:67:27:49:0b:42:d7:56:68:7a:f4:75:
         48:e5:ab:27:62:1d:f7:c9:57:cd:ad:3c:84:49:79:1a:7f:1c:
         5b:0e:cc:af:53:0a:0c:3d:1e:4d:e7:ab:68:5a:92:44:38:2c:
         f5:c5:72:52:60:bc:c3:98:20:8c:3a:29:0e:46:f4:10:5b:61:
         80:0d:d0:19:bc:84:6a:b4:f0:2b:b0:ab:b5:45:59:a6:c5:b9:
         fd:5f:d6:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ5BKQOimGabWBf8NzjYmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjUxMTA0MjIwMTU1WhcNMjUxMTA1MjIwMTU1WjAzMTEwLwYDVQQD
EyhhYzI0MTNiOTVhZGQ2YTRmNTA3MmY5MzFjZGUyNTJjN2Q3Njk5OTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBAsci/VWCdjaDzjMjxNQMPngFRs
tKszrj8D05/wWdsw69Mam2tBHLD0gCMZcHIdWr3p6U6gLgh37uf/qfDLYJ6HoHB0
AasQqsvIGlaS4sL8NJUEwVhhQW0/tJ2MHKYIrmMfOKSSmYCBBu+RhmKuaK6MSnsV
bNZqIvGh72ANgUTYVXcarW5KqDBxaq3U2QvUm9QZfEDEsF7PPX7/6FecQO3CXzul
5iqYOQfpN9oE+L9kQqG0+HhesKY2dxZv5ObCSGnxWDQv2f2nXKibqfM7DcKW0Qof
q/P2emSC3dDT+2v1W9JC3fA/a+DGFHK1Y7nO1CdJA5YSYYunfFIRLWAwiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwkE7la3WpPUHL5Mc3iUsfXaZmfMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIcNvpTYa
/Se9yte3VRdfxV8LFjgALMfzwam6MsDgBYH6c0JPZKYEN4Sb83E9I2RvZ/43jsF9
La4wOGvlUOqBiAW0ZgZ2VxnWhODOS/VaV130+jPIK4bXgcXDgi89XD693Ay2uIkz
z4Dw0jkUZ4V7Q6Z33hqRU7p+mPHrAm1UXJHW3G88ouue55T+zNSg3Y9HcTGurWm5
KBvi10Ro8oh7KsGjsWJH8txtGGcnSQtC11ZoevR1SOWrJ2Id98lXza08hEl5Gn8c
Ww7Mr1MKDD0eTeeraFqSRDgs9cVyUmC8w5ggjDopDkb0EFthgA3QGbyEarTwK7Cr
tUVZpsW5/V/Wgg==
-----END CERTIFICATE-----