Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
File:                     UW2UBk9zhVXozjZaGVfWnnaICcQ.mft (raw, json)
Hash identifier:          MlAaW2gzYBrdl3U/j5crz1iZBSgVfHKuRhDw3vxkC7g=
Subject key identifier:   3B:91:E9:18:65:1B:7F:61:68:E0:F2:7F:E5:2E:D2:8F:3A:AC:23:17
Authority key identifier: 51:6D:94:06:4F:73:85:55:E8:CE:36:5A:19:57:D6:9E:76:88:09:C4
Certificate issuer:       /CN=516d94064f738555e8ce365a1957d69e768809c4
Certificate serial:       019A50E2F861834B2A40B8F3952612CF470A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
Manifest number:          06EF
Signing time:             Tue 04 Nov 2025 22:00:43 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:43 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:43 +0000
Files and hashes:         1: UW2UBk9zhVXozjZaGVfWnnaICcQ.crl (hash: 8AY40lqQTXCyfviDWkXRXvmEsM3b3S9NAd4A2w5gndM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:f8:61:83:4b:2a:40:b8:f3:95:26:12:cf:47:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=516d94064f738555e8ce365a1957d69e768809c4
        Validity
            Not Before: Nov  4 22:00:43 2025 GMT
            Not After : Nov  5 22:00:43 2025 GMT
        Subject: CN=3b91e918651b7f6168e0f27fe52ed28f3aac2317
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:35:47:10:3b:93:85:04:32:4f:d4:84:18:a7:
                    b9:ac:cc:ba:e0:d5:e1:2d:89:5d:f9:1a:c9:14:cf:
                    eb:7c:ac:42:bb:ea:f5:43:e7:86:de:71:f3:a7:1a:
                    ec:27:03:c5:4b:0e:52:08:00:9e:a9:fd:6b:16:0f:
                    cf:11:16:84:86:e0:65:b8:c4:70:9e:33:8a:90:82:
                    7c:6b:d2:a0:fa:1f:71:49:c4:db:55:f4:e7:95:64:
                    66:f2:6d:ea:44:1e:96:df:8d:0c:a6:01:86:53:d5:
                    bc:d9:81:05:d3:db:5e:41:97:da:9b:ac:12:6c:16:
                    76:d7:24:af:4b:b7:2c:78:df:2d:e0:cb:d1:35:92:
                    66:5b:d2:95:eb:0f:45:39:25:69:28:c1:38:64:ca:
                    d6:4e:e9:0d:07:2d:ff:9b:6d:ae:6e:4a:dd:b2:36:
                    6f:72:34:e4:cf:75:9a:45:54:21:42:29:61:e6:ce:
                    0b:0f:12:2c:4f:51:8f:ee:7b:e6:d7:c0:0a:d6:02:
                    5a:b7:b2:63:de:af:14:f2:33:de:84:a7:da:72:ca:
                    bd:c6:c0:4f:60:32:74:81:b5:ab:78:83:c3:df:32:
                    60:07:7a:0e:a4:a3:0d:d2:a3:7c:bf:2b:ae:68:c1:
                    03:10:13:0b:ac:5d:7b:d1:29:95:6c:dd:e7:7f:58:
                    d7:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:91:E9:18:65:1B:7F:61:68:E0:F2:7F:E5:2E:D2:8F:3A:AC:23:17
            X509v3 Authority Key Identifier:
                keyid:51:6D:94:06:4F:73:85:55:E8:CE:36:5A:19:57:D6:9E:76:88:09:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:9f:51:9e:3a:b6:bb:1b:d6:5e:fd:a7:2c:d9:51:32:2f:37:
         07:cc:6e:ef:b8:12:79:de:ca:cf:04:75:6f:60:ce:ae:ba:3c:
         83:a4:e4:b3:d3:41:18:f0:19:f8:a2:96:ca:dd:ae:04:1b:1e:
         01:49:2f:f3:fd:9f:b4:41:56:ae:d8:ed:bf:2f:64:cf:ec:4b:
         8f:95:a3:d7:c4:c1:00:90:11:b8:04:16:77:ed:d9:5e:a3:bf:
         c5:23:58:b5:2f:50:b3:0f:c3:09:23:f1:58:65:fd:20:7b:a9:
         ee:ed:6f:d9:4f:90:4c:28:d4:9c:9f:52:68:11:a0:a1:71:c0:
         b8:ad:60:1e:69:a1:c6:b7:09:2b:b4:cd:3d:72:4e:8d:6c:7a:
         13:08:60:a0:d8:f4:62:7e:2a:32:97:4c:04:c8:43:bc:fa:b7:
         25:f2:ee:16:09:04:41:b0:40:fb:01:26:a2:cd:6c:c8:00:4a:
         e2:0f:9d:0c:23:f9:db:d8:28:fd:15:fd:c4:05:7b:16:70:95:
         76:7c:02:c0:ee:37:99:86:47:cf:b3:1a:a3:53:35:d4:fb:f5:
         9d:6b:d8:5f:36:cd:b6:4d:5e:36:5e:db:e6:b3:7a:51:2f:4f:
         5d:f2:55:0c:65:e8:80:4a:f7:68:7d:20:b1:0a:95:00:08:cc:
         ed:ed:c2:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4vhhg0sqQLjzlSYSz0cKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNmQ5NDA2NGY3Mzg1NTVlOGNlMzY1YTE5NTdkNjllNzY4
ODA5YzQwHhcNMjUxMTA0MjIwMDQzWhcNMjUxMTA1MjIwMDQzWjAzMTEwLwYDVQQD
EygzYjkxZTkxODY1MWI3ZjYxNjhlMGYyN2ZlNTJlZDI4ZjNhYWMyMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjVHEDuThQQyT9SEGKe5rMy64NXh
LYld+RrJFM/rfKxCu+r1Q+eG3nHzpxrsJwPFSw5SCACeqf1rFg/PERaEhuBluMRw
njOKkIJ8a9Kg+h9xScTbVfTnlWRm8m3qRB6W340MpgGGU9W82YEF09teQZfam6wS
bBZ21ySvS7cseN8t4MvRNZJmW9KV6w9FOSVpKME4ZMrWTukNBy3/m22ubkrdsjZv
cjTkz3WaRVQhQilh5s4LDxIsT1GP7nvm18AK1gJat7Jj3q8U8jPehKfacsq9xsBP
YDJ0gbWreIPD3zJgB3oOpKMN0qN8vyuuaMEDEBMLrF170SmVbN3nf1jXqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuR6RhlG39haODyf+Uu0o86rCMXMB8GA1UdIwQY
MBaAFFFtlAZPc4VV6M42WhlX1p52iAnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9iODE4OTUtYzYwNS00MWUyLWIyODMt
YzA1NjVmYTg0MGQ0LzEvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9iODE4OTUtYzYwNS00MWUyLWIyODMtYzA1NjVmYTg0MGQ0
LzEvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACJ9Rnjq2
uxvWXv2nLNlRMi83B8xu77gSed7KzwR1b2DOrro8g6Tks9NBGPAZ+KKWyt2uBBse
AUkv8/2ftEFWrtjtvy9kz+xLj5Wj18TBAJARuAQWd+3ZXqO/xSNYtS9Qsw/DCSPx
WGX9IHup7u1v2U+QTCjUnJ9SaBGgoXHAuK1gHmmhxrcJK7TNPXJOjWx6EwhgoNj0
Yn4qMpdMBMhDvPq3JfLuFgkEQbBA+wEmos1syABK4g+dDCP529go/RX9xAV7FnCV
dnwCwO43mYZHz7Mao1M11Pv1nWvYXzbNtk1eNl7b5rN6US9PXfJVDGXogEr3aH0g
sQqVAAjM7e3C7A==
-----END CERTIFICATE-----