Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
File:                     uVZnsVy6fKp0FSdIRHOE--A7iTo.mft (raw, json)
Hash identifier:          Kd8sv+4uWbgQM9ockDLe+DQa5yWHLFSij/aIeAWM2a4=
Subject key identifier:   52:BA:FF:53:6A:33:39:86:14:C7:5F:76:C2:60:AC:1C:08:B2:7B:C0
Authority key identifier: B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A
Certificate issuer:       /CN=b95667b15cba7caa74152748447384fbe03b893a
Certificate serial:       019A4D0603D97411B331CBF687D50609F7C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
Manifest number:          09BD
Signing time:             Tue 04 Nov 2025 04:00:31 +0000
Manifest this update:     Tue 04 Nov 2025 04:00:31 +0000
Manifest next update:     Wed 05 Nov 2025 04:00:31 +0000
Files and hashes:         1: uVZnsVy6fKp0FSdIRHOE--A7iTo.crl (hash: ezt9y43YrkI/NOcTmV+38mHEsgFPeVOYwZR/tD8WL7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:03:d9:74:11:b3:31:cb:f6:87:d5:06:09:f7:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b95667b15cba7caa74152748447384fbe03b893a
        Validity
            Not Before: Nov  4 04:00:31 2025 GMT
            Not After : Nov  5 04:00:31 2025 GMT
        Subject: CN=52baff536a33398614c75f76c260ac1c08b27bc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e9:1d:27:86:6c:99:c6:9c:a8:ed:83:27:34:
                    66:84:13:f1:e8:56:a0:c1:d7:e8:68:af:d5:34:dd:
                    bf:7c:83:44:78:eb:26:ee:37:e6:14:16:02:4e:3b:
                    b0:f5:df:8a:88:b0:e4:7a:c8:ee:30:a9:c0:73:49:
                    9f:2a:94:7c:dc:32:69:09:b9:16:63:4e:e8:aa:90:
                    8a:62:a1:42:c5:a3:ba:ce:20:5f:2b:ef:7a:ff:4a:
                    65:0e:cf:c4:cb:73:da:af:ae:6f:10:2a:ad:6c:43:
                    88:f0:8b:a3:5e:3a:0b:c5:94:c8:2f:49:08:5c:7c:
                    90:04:6d:8b:e8:f6:7f:61:18:3b:45:f4:62:e5:57:
                    6e:f4:cd:60:c5:3f:8a:2f:a9:69:11:5b:d8:84:43:
                    00:e6:7a:37:38:74:06:92:c8:54:dc:40:83:08:8a:
                    e6:83:6e:80:be:4b:23:4b:b6:2a:8d:3f:32:dd:33:
                    a2:82:64:36:4f:e3:47:a5:72:20:4b:e2:80:0e:14:
                    3f:21:70:59:01:7c:f6:55:77:7a:09:92:94:5a:5a:
                    64:ba:b5:f9:ad:8d:f6:70:ec:d3:fc:a4:0a:00:9f:
                    22:ea:77:52:f6:9a:d5:4e:b2:85:78:a8:7d:20:62:
                    db:c7:c5:f3:e2:70:4a:8f:d5:ce:fc:73:a7:c8:26:
                    f0:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:BA:FF:53:6A:33:39:86:14:C7:5F:76:C2:60:AC:1C:08:B2:7B:C0
            X509v3 Authority Key Identifier:
                keyid:B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:09:9f:68:2f:5e:5b:59:e6:3a:05:b7:9c:9b:ea:c0:8c:3b:
         8d:cc:6f:d7:f2:fb:60:27:aa:21:4b:8f:25:b3:38:6d:fe:36:
         48:ba:c9:b9:73:a8:9e:f6:6a:20:0a:93:70:f5:24:e7:48:02:
         6b:6c:57:6c:52:d6:4a:2d:66:d8:91:c9:53:0d:a2:3d:db:b7:
         30:22:73:b3:7b:f2:7a:d8:af:b4:8e:41:c3:24:d3:ec:80:b8:
         d1:42:c0:c9:96:10:c2:20:53:2d:80:80:03:8b:27:46:e3:4c:
         9c:4d:42:6d:f8:1c:40:d3:10:92:eb:b9:66:35:a8:d1:28:24:
         7e:84:1f:f1:76:d2:ee:7a:49:7e:49:9a:27:9d:72:f1:a8:f2:
         50:ff:bf:6f:ea:87:59:84:20:a2:41:00:0b:ca:31:6c:8d:8d:
         49:bb:35:e1:7e:5a:02:ba:af:a7:da:e2:a7:d0:ec:95:3c:df:
         05:ba:f3:a1:f6:8c:0d:9c:51:18:7b:ea:f3:51:22:7b:c2:7a:
         e2:b1:ba:63:d2:4c:8b:1c:ba:11:0e:cb:e3:73:33:6f:04:b8:
         45:5d:03:aa:2d:38:03:7f:4a:e4:68:7f:75:bb:69:02:2d:1b:
         4c:b6:71:32:8b:be:1b:af:86:38:07:82:2b:8d:2b:3c:e8:1f:
         72:43:1a:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBgPZdBGzMcv2h9UGCffBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NTY2N2IxNWNiYTdjYWE3NDE1Mjc0ODQ0NzM4NGZiZTAz
Yjg5M2EwHhcNMjUxMTA0MDQwMDMxWhcNMjUxMTA1MDQwMDMxWjAzMTEwLwYDVQQD
Eyg1MmJhZmY1MzZhMzMzOTg2MTRjNzVmNzZjMjYwYWMxYzA4YjI3YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxekdJ4ZsmcacqO2DJzRmhBPx6Fag
wdfoaK/VNN2/fINEeOsm7jfmFBYCTjuw9d+KiLDkesjuMKnAc0mfKpR83DJpCbkW
Y07oqpCKYqFCxaO6ziBfK+96/0plDs/Ey3Par65vECqtbEOI8IujXjoLxZTIL0kI
XHyQBG2L6PZ/YRg7RfRi5Vdu9M1gxT+KL6lpEVvYhEMA5no3OHQGkshU3ECDCIrm
g26AvksjS7YqjT8y3TOigmQ2T+NHpXIgS+KADhQ/IXBZAXz2VXd6CZKUWlpkurX5
rY32cOzT/KQKAJ8i6ndS9prVTrKFeKh9IGLbx8Xz4nBKj9XO/HOnyCbwCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFK6/1NqMzmGFMdfdsJgrBwIsnvAMB8GA1UdIwQY
MBaAFLlWZ7FcunyqdBUnSERzhPvgO4k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEt
NzQ0ZGNkMDE0ZmE0LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEtNzQ0ZGNkMDE0ZmE0
LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwmfaC9e
W1nmOgW3nJvqwIw7jcxv1/L7YCeqIUuPJbM4bf42SLrJuXOonvZqIAqTcPUk50gC
a2xXbFLWSi1m2JHJUw2iPdu3MCJzs3vyetivtI5BwyTT7IC40ULAyZYQwiBTLYCA
A4snRuNMnE1CbfgcQNMQkuu5ZjWo0SgkfoQf8XbS7npJfkmaJ51y8ajyUP+/b+qH
WYQgokEAC8oxbI2NSbs14X5aArqvp9rip9DslTzfBbrzofaMDZxRGHvq81Eie8J6
4rG6Y9JMixy6EQ7L43MzbwS4RV0Dqi04A39K5Gh/dbtpAi0bTLZxMou+G6+GOAeC
K40rPOgfckMa9w==
-----END CERTIFICATE-----