Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          +lK8yTkVd0ZBJr3yN/s9iBGbSEkaaOuQygZwkaZnyfU=
Subject key identifier:   C8:73:54:78:BC:F1:E4:57:87:DD:9B:4A:6D:D2:BD:C2:A7:CB:02:B8
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019896DBD7AB442A1BF390E55A81016DDD04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          1629
Signing time:             Mon 11 Aug 2025 02:00:46 +0000
Manifest this update:     Mon 11 Aug 2025 02:00:46 +0000
Manifest next update:     Tue 12 Aug 2025 02:00:46 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: XyPaJFkPyRSQwjk9TeIUsqB3nM2hNovW9mNlmiNGLvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:db:d7:ab:44:2a:1b:f3:90:e5:5a:81:01:6d:dd:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Aug 11 02:00:46 2025 GMT
            Not After : Aug 12 02:00:46 2025 GMT
        Subject: CN=c8735478bcf1e45787dd9b4a6dd2bdc2a7cb02b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:9c:00:65:0b:6b:b2:9b:c9:6c:4e:11:59:b0:
                    6d:a7:73:96:d7:bd:75:53:cc:67:66:ab:6d:ff:fc:
                    b8:8a:e7:15:8e:8f:1c:42:7b:10:06:d8:28:d2:ce:
                    9b:65:a9:23:02:ab:21:2c:2a:f9:b0:64:48:72:fb:
                    c6:e2:04:f7:57:a7:42:23:e0:cb:b3:22:c0:17:e6:
                    07:56:82:f7:4d:06:eb:20:8d:be:1a:81:30:56:d4:
                    91:c1:06:57:8f:4f:d4:26:c8:24:aa:7f:b5:3c:42:
                    af:b8:ef:d2:1e:13:6d:24:9e:2f:92:53:26:e3:66:
                    d2:66:c2:e0:3d:d1:3e:f9:c0:eb:ad:35:4d:e9:bb:
                    38:d7:92:4b:eb:71:72:4e:8a:52:2f:41:04:bc:88:
                    14:48:49:18:30:cd:f4:24:15:24:0d:83:a1:4c:74:
                    7a:07:ac:9c:52:86:b1:d1:e4:50:2c:3f:05:8f:b0:
                    5d:ad:4b:13:69:72:27:3c:1a:61:0b:eb:f3:b6:c7:
                    07:24:30:c4:39:7a:7b:2d:0b:4e:b4:95:37:39:ca:
                    db:e5:9d:29:37:3d:ae:36:ae:11:e4:0b:5e:19:09:
                    0b:b7:fd:c5:7a:1c:32:c9:68:d3:6e:c2:2c:40:ad:
                    ba:78:be:8f:d5:2a:04:9d:fe:b8:f8:57:7c:41:bb:
                    a8:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:73:54:78:BC:F1:E4:57:87:DD:9B:4A:6D:D2:BD:C2:A7:CB:02:B8
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:66:ac:5a:8c:51:b9:a2:b6:54:33:0e:99:37:9d:d6:b8:45:
         03:61:c2:5f:23:29:bd:9b:70:da:4f:cd:b9:be:55:25:83:09:
         dc:95:5e:94:46:45:c4:a4:33:44:a8:a8:aa:18:14:14:9f:9d:
         9a:2d:57:4d:c6:95:33:aa:f3:10:57:45:d1:4b:a9:73:86:48:
         e6:34:54:c9:67:92:c3:c7:e1:3f:ae:76:48:65:59:e1:3a:6e:
         13:5f:36:09:ce:e2:7a:9b:98:0a:f0:71:13:89:90:cc:86:0c:
         57:c2:79:7b:a1:31:78:4b:5b:f9:2e:aa:2b:94:98:03:a6:4c:
         59:5f:6c:7a:54:40:34:18:96:05:82:ff:ad:d6:cd:62:b5:30:
         ac:d6:7d:88:e2:50:79:38:23:9d:b3:2d:da:9e:8e:e8:04:7b:
         b6:40:01:3d:b0:b7:5b:18:87:8b:69:e3:ec:a7:07:ff:0a:5c:
         9b:08:67:e8:c3:45:86:16:cc:94:22:3e:8d:a8:51:0f:64:9b:
         46:27:64:21:0a:67:87:b4:87:7c:56:c0:7a:63:e0:38:a2:08:
         ad:45:1c:32:d2:af:7e:e6:89:ce:1e:f1:47:5c:5a:19:05:c8:
         ba:df:4f:85:ad:27:44:b2:86:16:dd:bd:0f:a6:f0:33:32:3a:
         9e:01:da:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiW29erRCob85DlWoEBbd0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwODExMDIwMDQ2WhcNMjUwODEyMDIwMDQ2WjAzMTEwLwYDVQQD
EyhjODczNTQ3OGJjZjFlNDU3ODdkZDliNGE2ZGQyYmRjMmE3Y2IwMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pwAZQtrspvJbE4RWbBtp3OW1711
U8xnZqtt//y4iucVjo8cQnsQBtgo0s6bZakjAqshLCr5sGRIcvvG4gT3V6dCI+DL
syLAF+YHVoL3TQbrII2+GoEwVtSRwQZXj0/UJsgkqn+1PEKvuO/SHhNtJJ4vklMm
42bSZsLgPdE++cDrrTVN6bs415JL63FyTopSL0EEvIgUSEkYMM30JBUkDYOhTHR6
B6ycUoax0eRQLD8Fj7BdrUsTaXInPBphC+vztscHJDDEOXp7LQtOtJU3Ocrb5Z0p
Nz2uNq4R5AteGQkLt/3FehwyyWjTbsIsQK26eL6P1SoEnf64+Fd8QbuodQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhzVHi88eRXh92bSm3SvcKnywK4MB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcmasWoxR
uaK2VDMOmTed1rhFA2HCXyMpvZtw2k/Nub5VJYMJ3JVelEZFxKQzRKioqhgUFJ+d
mi1XTcaVM6rzEFdF0Uupc4ZI5jRUyWeSw8fhP652SGVZ4TpuE182Cc7iepuYCvBx
E4mQzIYMV8J5e6ExeEtb+S6qK5SYA6ZMWV9selRANBiWBYL/rdbNYrUwrNZ9iOJQ
eTgjnbMt2p6O6AR7tkABPbC3WxiHi2nj7KcH/wpcmwhn6MNFhhbMlCI+jahRD2Sb
RidkIQpnh7SHfFbAemPgOKIIrUUcMtKvfuaJzh7xR1xaGQXIut9Pha0nRLKGFt29
D6bwMzI6ngHaVg==
-----END CERTIFICATE-----