Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
File:                     uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft (raw, json)
Hash identifier:          EYACOaEOmfaWD7iPf3jAilaugwO0KN+75BQpHvOrpAU=
Subject key identifier:   A2:12:09:97:46:A9:55:83:4F:7F:7C:F9:26:F6:E0:E6:BF:25:A6:AD
Authority key identifier: B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA
Certificate issuer:       /CN=b88177a9a3469db3acf10a98f6c03931e35515fa
Certificate serial:       019A5150A46E428CAD70BFA45D2DB21DD832
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
Manifest number:          06A7
Signing time:             Wed 05 Nov 2025 00:00:30 +0000
Manifest this update:     Wed 05 Nov 2025 00:00:30 +0000
Manifest next update:     Thu 06 Nov 2025 00:00:30 +0000
Files and hashes:         1: uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl (hash: tUSoAIK4C9hPejJOgXP6qxbmbrVxDc0K89L7YzbAXmg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:50:a4:6e:42:8c:ad:70:bf:a4:5d:2d:b2:1d:d8:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88177a9a3469db3acf10a98f6c03931e35515fa
        Validity
            Not Before: Nov  5 00:00:30 2025 GMT
            Not After : Nov  6 00:00:30 2025 GMT
        Subject: CN=a212099746a955834f7f7cf926f6e0e6bf25a6ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c7:d8:32:38:ae:e0:07:b0:f1:e9:b9:4d:a4:
                    60:63:ad:83:61:bd:35:ec:db:7c:48:75:47:16:90:
                    c1:9a:33:34:c6:5c:82:85:35:fa:8b:58:a3:2a:0b:
                    46:d3:89:a4:91:3f:a8:40:6b:e7:b8:f1:24:91:1d:
                    3a:06:5a:c5:c8:82:7c:8e:ba:58:a4:71:01:57:ec:
                    59:9a:6d:1b:77:c2:db:1b:95:9b:7c:a9:ca:e5:59:
                    92:f8:c1:92:ae:3b:56:1e:4b:bc:c3:6b:35:65:aa:
                    91:21:66:8c:d5:5d:69:e4:09:da:37:ed:9a:30:a0:
                    f4:9f:0b:4a:62:d0:62:a5:19:de:e4:89:bc:9b:ca:
                    31:d5:c7:5f:3d:63:8b:35:d1:8a:73:fb:0c:d6:13:
                    c4:cd:92:60:fb:14:95:c5:34:93:71:2c:a7:1f:14:
                    90:27:e4:54:a4:49:23:2c:7e:b5:43:26:3d:65:14:
                    45:4a:a2:43:20:ab:12:e5:b3:bc:89:61:08:7c:fc:
                    70:20:96:1d:07:35:50:a2:7d:37:14:b2:c3:f3:2c:
                    d3:59:77:a9:fd:dd:af:b3:d7:b0:be:8b:10:16:2b:
                    71:38:09:22:c7:69:b6:b6:65:40:0b:1c:13:d5:d2:
                    73:43:67:c7:92:7b:32:32:df:bf:e4:82:ec:99:df:
                    9a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:12:09:97:46:A9:55:83:4F:7F:7C:F9:26:F6:E0:E6:BF:25:A6:AD
            X509v3 Authority Key Identifier:
                keyid:B8:81:77:A9:A3:46:9D:B3:AC:F1:0A:98:F6:C0:39:31:E3:55:15:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uIF3qaNGnbOs8QqY9sA5MeNVFfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23c0a9-68b1-40fd-a1e7-eb0885b9003e/1/uIF3qaNGnbOs8QqY9sA5MeNVFfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:3b:6b:64:f5:b6:22:1c:24:52:0f:6e:60:91:b6:35:8b:3d:
         98:0c:33:7c:1e:bf:c3:6a:61:c9:b1:e4:35:7f:90:b7:a7:45:
         06:e3:0b:de:bd:e7:22:90:06:b5:3e:15:40:da:ff:7a:c4:4e:
         d4:0d:e0:6b:3d:11:b9:a6:92:eb:dc:0c:bb:49:8b:f0:73:22:
         d7:a8:59:74:c6:69:af:12:2a:f1:43:9c:7b:24:ca:0a:d5:70:
         42:90:4a:6a:a4:91:9e:c0:a6:1b:7f:38:83:aa:81:e2:a8:f9:
         b6:1f:49:a1:3e:7b:70:0c:be:26:69:53:db:6c:6b:56:12:49:
         ae:9d:f8:b0:bc:33:39:17:fb:96:a0:8c:39:2b:ae:f9:72:62:
         bf:04:d1:c5:57:9b:50:48:0e:65:8e:5b:30:8d:53:11:c1:23:
         f2:71:ed:89:82:e3:10:b7:46:91:06:17:62:07:4f:8e:e4:78:
         6c:be:a4:43:38:a1:3c:4d:5d:29:55:63:b3:26:fc:64:5c:17:
         d2:77:70:af:a7:32:14:d8:43:a4:c4:60:c9:fb:a1:63:87:5f:
         ae:3f:e8:70:c7:a0:62:b3:e3:07:2b:8c:02:94:4c:1d:e0:c7:
         fc:fc:ce:5b:2f:7a:e3:4a:b1:48:2d:52:57:1a:da:01:96:15:
         7b:41:01:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUKRuQoytcL+kXS2yHdgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ODE3N2E5YTM0NjlkYjNhY2YxMGE5OGY2YzAzOTMxZTM1
NTE1ZmEwHhcNMjUxMTA1MDAwMDMwWhcNMjUxMTA2MDAwMDMwWjAzMTEwLwYDVQQD
EyhhMjEyMDk5NzQ2YTk1NTgzNGY3ZjdjZjkyNmY2ZTBlNmJmMjVhNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMfYMjiu4Aew8em5TaRgY62DYb01
7Nt8SHVHFpDBmjM0xlyChTX6i1ijKgtG04mkkT+oQGvnuPEkkR06BlrFyIJ8jrpY
pHEBV+xZmm0bd8LbG5WbfKnK5VmS+MGSrjtWHku8w2s1ZaqRIWaM1V1p5AnaN+2a
MKD0nwtKYtBipRne5Im8m8ox1cdfPWOLNdGKc/sM1hPEzZJg+xSVxTSTcSynHxSQ
J+RUpEkjLH61QyY9ZRRFSqJDIKsS5bO8iWEIfPxwIJYdBzVQon03FLLD8yzTWXep
/d2vs9ewvosQFitxOAkix2m2tmVACxwT1dJzQ2fHknsyMt+/5ILsmd+alQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKISCZdGqVWDT398+Sb24Oa/JaatMB8GA1UdIwQY
MBaAFLiBd6mjRp2zrPEKmPbAOTHjVRX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTct
ZWIwODg1YjkwMDNlLzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yM2MwYTktNjhiMS00MGZkLWExZTctZWIwODg1YjkwMDNl
LzEvdUlGM3FhTkduYk9zOFFxWTlzQTVNZU5WRmZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqTtrZPW2
IhwkUg9uYJG2NYs9mAwzfB6/w2phybHkNX+Qt6dFBuML3r3nIpAGtT4VQNr/esRO
1A3gaz0RuaaS69wMu0mL8HMi16hZdMZprxIq8UOceyTKCtVwQpBKaqSRnsCmG384
g6qB4qj5th9JoT57cAy+JmlT22xrVhJJrp34sLwzORf7lqCMOSuu+XJivwTRxVeb
UEgOZY5bMI1TEcEj8nHtiYLjELdGkQYXYgdPjuR4bL6kQzihPE1dKVVjsyb8ZFwX
0ndwr6cyFNhDpMRgyfuhY4dfrj/ocMegYrPjByuMApRMHeDH/PzOWy9640qxSC1S
VxraAZYVe0EBeQ==
-----END CERTIFICATE-----