Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          huEoH72h+Dq36GNItx5E3COJ/inRDI1iRgHkGSwHMto=
Subject key identifier:   AF:75:90:D1:BB:BD:77:EE:D2:50:21:C1:1D:D8:49:AF:1E:E9:BE:88
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       01988A33484949C28E0302B401A101305577
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          034F
Signing time:             Fri 08 Aug 2025 15:01:13 +0000
Manifest this update:     Fri 08 Aug 2025 15:01:13 +0000
Manifest next update:     Sat 09 Aug 2025 15:01:13 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: 7cVSbpUakdu9cH/Qo2NOxgUGdqekkvhJOQ2MU4nJmp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 15:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8a:33:48:49:49:c2:8e:03:02:b4:01:a1:01:30:55:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Aug  8 15:01:13 2025 GMT
            Not After : Aug  9 15:01:13 2025 GMT
        Subject: CN=af7590d1bbbd77eed25021c11dd849af1ee9be88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:27:ef:f2:f7:89:32:a6:51:e5:2b:c8:0c:bd:
                    79:83:1c:c5:bd:da:d9:49:15:92:55:5c:10:a4:46:
                    f9:c1:51:d0:cf:16:35:f0:95:7f:ef:bc:7a:03:bc:
                    20:a4:e8:4c:a1:d7:de:09:0a:d0:71:ec:7b:a0:4e:
                    a3:ba:b1:3d:8c:ad:03:e9:46:02:eb:2d:4b:eb:88:
                    1a:25:66:09:d1:83:69:0f:da:9a:f1:17:b0:1d:be:
                    86:9c:bc:ac:2e:03:34:a7:da:74:d4:d8:00:76:37:
                    d1:66:b7:f1:ba:98:c7:47:e8:d0:db:c7:24:a3:dd:
                    3d:7a:f6:98:35:1e:90:6c:56:c9:fd:60:f3:f4:0c:
                    4e:b0:70:d8:eb:5e:7c:cc:10:b5:a5:b0:2e:25:76:
                    e1:48:79:36:d7:08:b7:98:4c:21:da:f6:ab:74:2f:
                    96:41:37:8f:ee:98:e0:4b:8f:99:fe:df:96:29:e5:
                    85:f3:a1:7c:2f:70:e2:aa:f2:e4:61:2c:69:58:a5:
                    b4:5b:00:84:2d:40:14:1e:57:e8:00:bd:5a:d5:ba:
                    b7:d7:ee:15:9b:e4:2e:2c:05:a5:dc:e8:e4:a2:8a:
                    72:62:f9:5d:dd:33:52:67:ad:6b:82:85:7f:de:87:
                    e7:51:e9:bf:20:4f:2f:f6:ec:00:56:38:28:b5:5d:
                    83:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:75:90:D1:BB:BD:77:EE:D2:50:21:C1:1D:D8:49:AF:1E:E9:BE:88
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:b2:25:c7:6c:12:56:fe:23:60:41:fd:ed:d4:94:10:c9:28:
         75:05:f9:a8:93:e7:e2:aa:d2:61:aa:da:68:79:d4:1a:9b:6c:
         77:fe:83:d7:ba:5a:a0:e0:0b:b6:87:e6:ad:63:4c:fa:84:9e:
         81:1d:77:52:fc:c8:10:a1:f6:59:18:60:89:be:44:7b:eb:93:
         05:4b:c1:08:e1:36:70:16:02:b7:0e:ca:f8:8b:13:96:24:9a:
         a8:c1:a4:64:40:14:cb:3d:b0:88:77:a4:ec:16:9b:0f:bf:ac:
         d6:42:5d:74:79:87:cb:9e:04:ef:26:0a:74:61:d5:20:32:98:
         0d:a7:e7:58:53:dc:71:cb:df:b6:c7:dd:de:2b:e2:62:45:1e:
         15:e3:0f:d1:fb:ec:79:a8:1f:45:65:45:e2:17:fe:27:62:6a:
         ad:79:8e:8f:04:e9:0c:a6:1d:97:ac:25:4c:b9:97:4c:14:77:
         71:dc:68:a2:ff:82:5e:56:07:7d:5e:3d:19:80:35:42:16:b1:
         03:c4:40:db:d0:a4:6c:40:6c:7c:f5:a4:89:98:5d:d4:40:82:
         36:9c:f2:31:2f:76:2d:21:7c:f6:1a:a9:fc:ab:20:46:49:57:
         a3:ad:70:6e:09:8e:12:34:d0:b8:1c:4c:17:74:f3:a1:58:ed:
         e3:94:b9:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiKM0hJScKOAwK0AaEBMFV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUwODA4MTUwMTEzWhcNMjUwODA5MTUwMTEzWjAzMTEwLwYDVQQD
EyhhZjc1OTBkMWJiYmQ3N2VlZDI1MDIxYzExZGQ4NDlhZjFlZTliZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyfv8veJMqZR5SvIDL15gxzFvdrZ
SRWSVVwQpEb5wVHQzxY18JV/77x6A7wgpOhModfeCQrQcex7oE6jurE9jK0D6UYC
6y1L64gaJWYJ0YNpD9qa8RewHb6GnLysLgM0p9p01NgAdjfRZrfxupjHR+jQ28ck
o909evaYNR6QbFbJ/WDz9AxOsHDY6158zBC1pbAuJXbhSHk21wi3mEwh2vardC+W
QTeP7pjgS4+Z/t+WKeWF86F8L3DiqvLkYSxpWKW0WwCELUAUHlfoAL1a1bq31+4V
m+QuLAWl3OjkoopyYvld3TNSZ61rgoV/3ofnUem/IE8v9uwAVjgotV2D9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK91kNG7vXfu0lAhwR3YSa8e6b6IMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLIlx2wS
Vv4jYEH97dSUEMkodQX5qJPn4qrSYaraaHnUGptsd/6D17paoOALtofmrWNM+oSe
gR13UvzIEKH2WRhgib5Ee+uTBUvBCOE2cBYCtw7K+IsTliSaqMGkZEAUyz2wiHek
7BabD7+s1kJddHmHy54E7yYKdGHVIDKYDafnWFPcccvftsfd3iviYkUeFeMP0fvs
eagfRWVF4hf+J2JqrXmOjwTpDKYdl6wlTLmXTBR3cdxoov+CXlYHfV49GYA1Qhax
A8RA29CkbEBsfPWkiZhd1ECCNpzyMS92LSF89hqp/KsgRklXo61wbgmOEjTQuBxM
F3TzoVjt45S5pA==
-----END CERTIFICATE-----