Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
File:                     Unzgu6rDVu3srWci8qhvjgZJCY4.mft (raw, json)
Hash identifier:          Pdj0OMfiB/U2CA6HDxvs/wQLubaRSccq07ERhnv/gyY=
Subject key identifier:   38:0A:8E:47:11:B3:5C:37:35:DD:B9:28:9F:09:6F:A8:95:35:B5:05
Authority key identifier: 52:7C:E0:BB:AA:C3:56:ED:EC:AD:67:22:F2:A8:6F:8E:06:49:09:8E
Certificate issuer:       /CN=527ce0bbaac356edecad6722f2a86f8e0649098e
Certificate serial:       01987486B734D0A4EA154465F6D56101E5D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
Manifest number:          15A7
Signing time:             Mon 04 Aug 2025 10:00:42 +0000
Manifest this update:     Mon 04 Aug 2025 10:00:42 +0000
Manifest next update:     Tue 05 Aug 2025 10:00:42 +0000
Files and hashes:         1: Unzgu6rDVu3srWci8qhvjgZJCY4.crl (hash: LZZdRMJcnGQq5n5wlDv1od06xALgPwDy++qNbSm5T5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:86:b7:34:d0:a4:ea:15:44:65:f6:d5:61:01:e5:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=527ce0bbaac356edecad6722f2a86f8e0649098e
        Validity
            Not Before: Aug  4 10:00:42 2025 GMT
            Not After : Aug  5 10:00:42 2025 GMT
        Subject: CN=380a8e4711b35c3735ddb9289f096fa89535b505
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:4c:cd:b1:cd:dc:6f:ab:9f:9c:46:9c:81:ec:
                    cc:61:43:99:d0:89:4e:30:ad:8f:36:61:2b:65:8b:
                    05:6b:92:5d:a0:e0:cc:1d:9c:03:61:65:51:20:c4:
                    8f:16:a5:3c:6e:37:1d:ce:63:c0:f7:99:e9:39:f6:
                    f6:f0:2d:cf:12:bf:a7:59:79:aa:6a:d2:c5:c9:29:
                    ca:f6:4b:0b:4a:ff:fc:77:7e:33:23:86:64:dd:92:
                    c6:08:94:d1:68:a6:3c:65:a6:a1:7d:66:7f:c1:7c:
                    f6:8b:db:57:87:8d:27:8e:75:68:18:71:0a:7f:15:
                    2e:61:46:22:12:49:1a:d3:90:00:3a:95:48:36:5e:
                    11:9d:1b:81:e0:69:e9:14:cc:0a:64:21:d2:48:6d:
                    a0:ae:85:36:05:ce:de:c6:29:7c:ce:ec:69:ff:79:
                    d9:d3:f7:e4:c9:43:a1:7b:18:a9:95:c0:a5:87:b1:
                    c6:02:11:90:e1:3a:39:89:05:ff:8f:27:b8:43:39:
                    f5:7c:84:33:fc:01:b6:f0:ec:e3:86:67:2b:ea:06:
                    90:c1:8d:d1:50:47:a8:87:98:7f:ea:d5:9c:50:43:
                    d6:0d:14:df:0c:81:cd:49:07:7e:fa:3d:de:76:40:
                    85:39:d3:41:f3:c5:fe:61:f2:98:16:52:d3:b9:dd:
                    1a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:0A:8E:47:11:B3:5C:37:35:DD:B9:28:9F:09:6F:A8:95:35:B5:05
            X509v3 Authority Key Identifier:
                keyid:52:7C:E0:BB:AA:C3:56:ED:EC:AD:67:22:F2:A8:6F:8E:06:49:09:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Unzgu6rDVu3srWci8qhvjgZJCY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/91da8f-cb08-49c0-8309-8a2b7f956924/1/Unzgu6rDVu3srWci8qhvjgZJCY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:82:2f:08:02:bf:62:9e:67:d6:c7:ea:b0:e0:52:9e:2c:75:
         f8:81:80:ba:bc:ad:7f:13:f3:31:97:d0:26:9b:c2:28:6c:78:
         9d:6a:a7:c6:9e:87:2e:75:be:cb:23:63:ca:e9:4c:44:90:36:
         22:bd:a6:8c:02:2c:e2:fc:78:e5:91:96:3a:e1:d0:17:9c:5d:
         bf:10:51:1b:ce:27:f5:a1:85:00:90:6a:40:c3:68:86:34:9e:
         3a:02:b0:0d:ef:c9:67:63:bc:e2:7c:77:d3:50:7d:aa:3c:44:
         fe:86:ab:aa:23:7b:f9:2f:91:c5:f6:6b:55:51:13:1b:ba:80:
         be:8d:53:c6:45:fc:18:15:e1:6e:4f:19:7f:4c:c3:18:c1:c0:
         de:32:c0:13:3f:50:42:00:72:e4:79:56:99:3a:a1:8d:b1:92:
         56:38:5f:4b:57:e4:6d:49:d1:61:39:70:ae:96:8c:71:b2:92:
         3d:de:05:d1:79:3f:31:3b:ab:21:c2:1e:9d:af:ae:f9:bc:a4:
         d2:0e:8c:66:97:3e:93:f4:f3:d6:7b:58:1e:cb:58:dd:ce:da:
         ee:89:99:7d:77:fe:b7:f9:78:80:80:42:4f:40:f7:e4:e7:50:
         55:5b:30:a2:90:9e:1c:3f:c4:be:32:3a:e2:f1:3c:ff:b9:20:
         4f:4c:d8:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0hrc00KTqFURl9tVhAeXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyN2NlMGJiYWFjMzU2ZWRlY2FkNjcyMmYyYTg2ZjhlMDY0
OTA5OGUwHhcNMjUwODA0MTAwMDQyWhcNMjUwODA1MTAwMDQyWjAzMTEwLwYDVQQD
EygzODBhOGU0NzExYjM1YzM3MzVkZGI5Mjg5ZjA5NmZhODk1MzViNTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUzNsc3cb6ufnEacgezMYUOZ0IlO
MK2PNmErZYsFa5JdoODMHZwDYWVRIMSPFqU8bjcdzmPA95npOfb28C3PEr+nWXmq
atLFySnK9ksLSv/8d34zI4Zk3ZLGCJTRaKY8ZaahfWZ/wXz2i9tXh40njnVoGHEK
fxUuYUYiEkka05AAOpVINl4RnRuB4GnpFMwKZCHSSG2groU2Bc7exil8zuxp/3nZ
0/fkyUOhexiplcClh7HGAhGQ4To5iQX/jye4Qzn1fIQz/AG28Ozjhmcr6gaQwY3R
UEeoh5h/6tWcUEPWDRTfDIHNSQd++j3edkCFOdNB88X+YfKYFlLTud0abQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgKjkcRs1w3Nd25KJ8Jb6iVNbUFMB8GA1UdIwQY
MBaAFFJ84Luqw1bt7K1nIvKob44GSQmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85MWRhOGYtY2IwOC00OWMwLTgzMDkt
OGEyYjdmOTU2OTI0LzEvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85MWRhOGYtY2IwOC00OWMwLTgzMDktOGEyYjdmOTU2OTI0
LzEvVW56Z3U2ckRWdTNzcldjaThxaHZqZ1pKQ1k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVoIvCAK/
Yp5n1sfqsOBSnix1+IGAurytfxPzMZfQJpvCKGx4nWqnxp6HLnW+yyNjyulMRJA2
Ir2mjAIs4vx45ZGWOuHQF5xdvxBRG84n9aGFAJBqQMNohjSeOgKwDe/JZ2O84nx3
01B9qjxE/oarqiN7+S+RxfZrVVETG7qAvo1TxkX8GBXhbk8Zf0zDGMHA3jLAEz9Q
QgBy5HlWmTqhjbGSVjhfS1fkbUnRYTlwrpaMcbKSPd4F0Xk/MTurIcIena+u+byk
0g6MZpc+k/Tz1ntYHstY3c7a7omZfXf+t/l4gIBCT0D35OdQVVswopCeHD/EvjI6
4vE8/7kgT0zY/w==
-----END CERTIFICATE-----