Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          ZgEzrCwET5STeN/G33IvRNuWc/DzCt8h3vay8vgBUpQ=
Subject key identifier:   9F:45:D7:98:33:2F:B1:48:1F:34:81:20:C5:66:C0:05:B9:FF:E5:B4
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019A5119EC9A64E4DC07410869C651D177E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          170E
Signing time:             Tue 04 Nov 2025 23:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 23:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 23:00:44 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: ka/TvtEdlbXsHLBmP3FhMxHnI4eZfk9Ba6mzmyTSwsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:19:ec:9a:64:e4:dc:07:41:08:69:c6:51:d1:77:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Nov  4 23:00:44 2025 GMT
            Not After : Nov  5 23:00:44 2025 GMT
        Subject: CN=9f45d798332fb1481f348120c566c005b9ffe5b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c3:fb:f1:c1:02:6c:38:40:e8:82:81:de:ea:
                    0a:7a:f5:5a:5a:b2:13:b3:10:0e:7b:31:06:ad:53:
                    e5:d2:19:57:e5:07:77:95:35:78:ae:3f:a2:e6:af:
                    e1:f0:93:90:63:36:f4:e0:1c:1e:35:2a:2c:78:38:
                    72:80:87:94:21:7a:8f:26:52:26:98:23:4d:70:09:
                    84:b7:22:d0:b4:dd:da:77:b8:25:57:9a:e0:d2:d1:
                    47:10:6b:33:e3:c2:80:9a:50:df:33:a3:91:96:dc:
                    6c:3b:26:e9:5d:9d:3c:33:0b:34:b3:8b:53:8a:bb:
                    8f:71:cb:e8:8b:30:bd:87:dd:71:61:0a:b6:37:5d:
                    a1:f9:a3:6f:15:2b:ff:35:f1:d1:0e:96:86:bd:7e:
                    dd:08:4b:91:5b:c6:5a:0e:8b:fd:32:fb:22:ff:e0:
                    07:a2:ac:a5:50:02:bb:a7:e5:cd:70:fc:78:e2:17:
                    8c:f1:f1:f9:51:cb:9e:a5:df:16:e2:58:13:12:b1:
                    25:d6:f4:5f:9b:b8:28:25:a1:0d:82:e5:13:d6:05:
                    81:fc:75:71:8c:96:4a:44:93:db:5e:75:9e:61:23:
                    e4:9e:d5:83:9d:70:f2:a5:01:07:dc:e0:dd:b3:60:
                    54:dc:3e:91:46:b6:0e:b5:55:2a:82:eb:b2:4c:ba:
                    b5:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:45:D7:98:33:2F:B1:48:1F:34:81:20:C5:66:C0:05:B9:FF:E5:B4
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:6f:7e:83:b5:28:3e:84:47:a5:7c:06:23:6d:29:7f:48:02:
         c3:a7:b3:29:9d:09:bd:ef:9e:f9:80:78:93:a5:8f:af:5a:3c:
         ef:78:50:fd:70:b2:91:93:36:2f:40:66:d1:ea:15:d3:3c:e0:
         d8:73:4c:ff:d8:c5:04:2a:ee:bf:5a:50:f6:5f:c8:b8:d3:b5:
         a9:65:b1:58:28:c5:d9:ba:3b:02:a3:24:90:0d:15:2c:23:cc:
         90:6d:59:ef:53:35:9f:e8:26:b9:5c:03:bb:68:ef:1d:30:be:
         aa:f8:d6:76:51:13:fa:66:8e:27:0d:41:ef:53:75:cf:16:e9:
         be:9b:4c:4a:1c:07:77:d2:8c:09:6a:50:64:db:cb:a9:0a:27:
         48:cd:c7:3c:4c:98:5f:67:17:2c:1c:1b:d2:48:47:8a:10:db:
         d7:c4:f6:10:dc:b1:98:34:09:a9:c0:5f:e4:ec:72:6d:1f:22:
         32:94:b7:44:de:5c:b9:cf:e3:1e:e4:06:a6:d2:7b:83:b2:39:
         b3:1a:d6:29:bd:61:ca:26:fa:4b:c7:58:12:96:02:0f:95:2f:
         1f:2d:4d:26:f8:a4:01:71:ca:5c:db:78:3b:75:1e:4d:01:97:
         c5:41:bd:4b:6f:ca:92:98:9b:6d:96:75:cd:bc:66:de:85:a2:
         e4:4d:b3:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRGeyaZOTcB0EIacZR0XfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUxMTA0MjMwMDQ0WhcNMjUxMTA1MjMwMDQ0WjAzMTEwLwYDVQQD
Eyg5ZjQ1ZDc5ODMzMmZiMTQ4MWYzNDgxMjBjNTY2YzAwNWI5ZmZlNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cP78cECbDhA6IKB3uoKevVaWrIT
sxAOezEGrVPl0hlX5Qd3lTV4rj+i5q/h8JOQYzb04BweNSoseDhygIeUIXqPJlIm
mCNNcAmEtyLQtN3ad7glV5rg0tFHEGsz48KAmlDfM6ORltxsOybpXZ08Mws0s4tT
iruPccvoizC9h91xYQq2N12h+aNvFSv/NfHRDpaGvX7dCEuRW8ZaDov9Mvsi/+AH
oqylUAK7p+XNcPx44heM8fH5Ucuepd8W4lgTErEl1vRfm7goJaENguUT1gWB/HVx
jJZKRJPbXnWeYSPkntWDnXDypQEH3ODds2BU3D6RRrYOtVUqguuyTLq1gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9F15gzL7FIHzSBIMVmwAW5/+W0MB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp29+g7Uo
PoRHpXwGI20pf0gCw6ezKZ0Jve+e+YB4k6WPr1o873hQ/XCykZM2L0Bm0eoV0zzg
2HNM/9jFBCruv1pQ9l/IuNO1qWWxWCjF2bo7AqMkkA0VLCPMkG1Z71M1n+gmuVwD
u2jvHTC+qvjWdlET+maOJw1B71N1zxbpvptMShwHd9KMCWpQZNvLqQonSM3HPEyY
X2cXLBwb0khHihDb18T2ENyxmDQJqcBf5OxybR8iMpS3RN5cuc/jHuQGptJ7g7I5
sxrWKb1hyib6S8dYEpYCD5UvHy1NJvikAXHKXNt4O3UeTQGXxUG9S2/KkpibbZZ1
zbxm3oWi5E2zVA==
-----END CERTIFICATE-----