Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
File:                     U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json)
Hash identifier:          8I2w/f0YavgkPfqijlNWWwxUxpinG2wIxvagR3+mT3w=
Subject key identifier:   39:36:1E:B5:8D:8D:DD:51:0D:CF:00:80:E2:60:61:53:57:7B:64:8A
Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30
Certificate issuer:       /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
Certificate serial:       019A4EF4F3BC23BA5ED00E1135EC3C7A6CE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
Manifest number:          0B64
Signing time:             Tue 04 Nov 2025 13:01:07 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:07 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:07 +0000
Files and hashes:         1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: WA3DoClNFOZAr9Si64qJYTHKLJCYFgeYmBMTCezIJt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:f3:bc:23:ba:5e:d0:0e:11:35:ec:3c:7a:6c:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
        Validity
            Not Before: Nov  4 13:01:07 2025 GMT
            Not After : Nov  5 13:01:07 2025 GMT
        Subject: CN=39361eb58d8ddd510dcf0080e2606153577b648a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:81:bd:da:66:4b:cb:9e:37:64:ad:6e:bb:bc:
                    14:6f:04:47:44:08:35:6b:16:a7:19:7d:ed:ae:bb:
                    ff:b7:b1:e9:71:67:68:0e:0c:17:26:39:47:93:aa:
                    a9:72:9a:86:b2:b2:67:e6:f6:fc:58:74:fa:4e:c5:
                    20:42:fd:e2:2e:ec:a2:90:2b:7a:45:7a:42:aa:c9:
                    0f:23:83:f8:53:b8:14:b0:0f:06:8f:cf:56:b5:38:
                    7a:f8:ae:67:44:e6:32:d2:d4:b4:a1:2c:a8:e2:f8:
                    76:d0:0f:ac:9c:fe:db:dc:0e:31:4e:7c:f1:8e:6e:
                    c5:f4:86:bb:db:09:2f:3d:c9:6a:47:79:52:c9:45:
                    87:a1:26:98:f2:4b:1a:33:a9:e9:d5:d1:55:ac:6b:
                    41:96:f5:8b:1c:88:f5:87:22:6e:87:ce:45:73:bb:
                    63:c7:34:38:42:e7:a3:e4:05:5a:66:05:87:41:5f:
                    e3:02:3d:f5:36:9f:26:13:d7:4e:0f:6f:0b:36:29:
                    82:35:41:36:9f:09:ae:bc:91:be:8c:10:00:de:e6:
                    e8:03:45:c6:28:11:52:8b:98:66:8d:0f:f0:14:f4:
                    a0:a8:0f:69:94:b2:1b:ae:c3:97:5d:7e:89:a2:72:
                    0a:69:42:f2:75:15:65:b3:eb:03:3c:84:58:44:f4:
                    86:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:36:1E:B5:8D:8D:DD:51:0D:CF:00:80:E2:60:61:53:57:7B:64:8A
            X509v3 Authority Key Identifier:
                keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:1f:40:71:3d:19:03:aa:90:b5:df:ba:f1:53:0e:c4:58:8e:
         3c:7a:1c:9c:2a:04:20:59:52:c9:f5:79:0a:b6:32:bc:ef:b9:
         0a:1c:4e:1a:8a:de:ad:b2:b7:80:b0:ba:2d:b7:b5:c6:80:d1:
         61:8f:f5:7d:3c:3d:15:2a:55:fa:ec:08:a7:94:7e:c8:27:dd:
         37:66:6e:a5:86:85:33:9c:0d:08:48:13:ae:56:54:5b:77:96:
         40:b7:04:24:06:fc:82:67:40:a6:40:04:ce:a1:0b:de:ad:de:
         67:15:b6:33:55:6f:16:24:10:c8:fe:12:ee:47:a5:f2:cb:e5:
         cf:03:58:31:5c:87:b4:6f:0f:6f:bc:59:03:42:fa:cf:93:e3:
         9c:e9:aa:6c:8d:a2:bf:c8:0f:99:db:ad:33:88:0c:bb:1a:a5:
         6e:38:4c:aa:f3:18:6e:4f:fc:4d:3c:03:d2:ed:f7:11:1b:2a:
         7a:a6:41:47:27:7f:60:be:13:86:bd:d2:6f:61:98:8f:af:f0:
         1f:c5:61:7a:94:d9:1c:50:5b:e7:fa:41:5c:b3:d3:59:48:98:
         c1:6d:81:b8:9a:7d:0d:7e:af:bc:ce:cf:01:46:82:f0:ff:e9:
         e5:6e:41:23:55:35:8b:ab:5f:c2:90:17:9a:af:24:c4:57:c1:
         03:da:f1:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9PO8I7pe0A4RNew8emzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj
NWQyMzAwHhcNMjUxMTA0MTMwMTA3WhcNMjUxMTA1MTMwMTA3WjAzMTEwLwYDVQQD
EygzOTM2MWViNThkOGRkZDUxMGRjZjAwODBlMjYwNjE1MzU3N2I2NDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYG92mZLy543ZK1uu7wUbwRHRAg1
axanGX3trrv/t7HpcWdoDgwXJjlHk6qpcpqGsrJn5vb8WHT6TsUgQv3iLuyikCt6
RXpCqskPI4P4U7gUsA8Gj89WtTh6+K5nROYy0tS0oSyo4vh20A+snP7b3A4xTnzx
jm7F9Ia72wkvPclqR3lSyUWHoSaY8ksaM6np1dFVrGtBlvWLHIj1hyJuh85Fc7tj
xzQ4Quej5AVaZgWHQV/jAj31Np8mE9dOD28LNimCNUE2nwmuvJG+jBAA3uboA0XG
KBFSi5hmjQ/wFPSgqA9plLIbrsOXXX6JonIKaULydRVls+sDPIRYRPSGMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDk2HrWNjd1RDc8AgOJgYVNXe2SKMB8GA1UdIwQY
MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt
OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw
LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZR9AcT0Z
A6qQtd+68VMOxFiOPHocnCoEIFlSyfV5CrYyvO+5ChxOGorerbK3gLC6Lbe1xoDR
YY/1fTw9FSpV+uwIp5R+yCfdN2ZupYaFM5wNCEgTrlZUW3eWQLcEJAb8gmdApkAE
zqEL3q3eZxW2M1VvFiQQyP4S7kel8svlzwNYMVyHtG8Pb7xZA0L6z5PjnOmqbI2i
v8gPmdutM4gMuxqlbjhMqvMYbk/8TTwD0u33ERsqeqZBRyd/YL4Thr3Sb2GYj6/w
H8VhepTZHFBb5/pBXLPTWUiYwW2BuJp9DX6vvM7PAUaC8P/p5W5BI1U1i6tfwpAX
mq8kxFfBA9rxFQ==
-----END CERTIFICATE-----