Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
File:                     UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft (raw, json)
Hash identifier:          iTH3qaLQVRRWdyi2usqKClDwnXo1Hk6vp/yi6gfQZ10=
Subject key identifier:   F0:82:11:4F:3B:58:BD:A5:25:3C:BB:F8:33:75:FC:BA:0F:8F:3D:64
Authority key identifier: 52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D
Certificate issuer:       /CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
Certificate serial:       019A4FD063DE1E6E605F21CA2A24FEA2FF48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
Manifest number:          166B
Signing time:             Tue 04 Nov 2025 17:00:48 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:48 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:48 +0000
Files and hashes:         1: UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl (hash: 7+SWooRjU32CqPQNyNn1SSZdO8SKBAx4pCioxawxqKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:63:de:1e:6e:60:5f:21:ca:2a:24:fe:a2:ff:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
        Validity
            Not Before: Nov  4 17:00:48 2025 GMT
            Not After : Nov  5 17:00:48 2025 GMT
        Subject: CN=f082114f3b58bda5253cbbf83375fcba0f8f3d64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b4:06:3f:9f:28:13:24:bb:11:d1:fb:33:2a:
                    71:9c:88:f7:17:c8:b3:27:4a:ef:f7:5a:d9:84:03:
                    78:48:d9:b8:ac:da:27:78:b4:89:b6:e2:7a:7a:93:
                    4f:6c:ed:57:e1:de:a4:a8:e5:81:ac:a0:54:89:0f:
                    18:6e:de:02:b8:43:39:65:1e:5d:2f:cd:c0:e8:8c:
                    ef:d7:8e:39:74:83:3b:0f:73:68:06:69:18:3b:dc:
                    4c:a4:96:a5:a3:fa:7d:08:37:d1:6d:ba:f7:cf:19:
                    9e:53:49:ec:28:db:cb:45:fb:6f:38:e1:36:8a:13:
                    6b:bb:7b:3e:53:d4:aa:37:52:4d:da:22:a0:78:e3:
                    03:67:33:7f:39:42:90:77:b9:6e:77:44:95:b3:0b:
                    01:21:15:a4:5d:e7:a5:c3:27:fd:f7:ad:8d:bd:52:
                    82:c9:6f:4b:42:58:58:4c:3e:0d:17:d8:d7:7c:af:
                    70:b2:7f:31:ec:01:af:94:f6:9b:83:23:40:c7:e3:
                    bc:5b:fa:b9:58:e0:69:9b:fe:71:3e:32:d3:2a:51:
                    ac:9c:b8:81:36:b4:a3:30:44:d9:8e:31:80:91:68:
                    46:a8:de:9f:a3:24:f8:1d:bb:ae:be:0f:6a:54:1c:
                    2f:bc:75:ec:85:6d:90:e5:0a:9d:c9:01:18:d5:57:
                    d7:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:82:11:4F:3B:58:BD:A5:25:3C:BB:F8:33:75:FC:BA:0F:8F:3D:64
            X509v3 Authority Key Identifier:
                keyid:52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:ec:4d:48:d7:3b:b7:43:5c:6d:6e:ce:0f:d2:11:3b:d7:f3:
         fe:a1:68:32:42:fe:33:7b:d0:10:d0:09:48:6c:a9:e6:4f:e3:
         56:8f:66:e1:52:88:36:c0:53:22:02:0e:f7:db:fa:c1:a4:f5:
         6d:9a:22:53:f4:ef:36:69:0b:ff:77:22:17:ed:85:73:9a:4a:
         db:5e:fb:9c:fc:4a:87:6e:61:fd:dc:e8:ca:cc:99:c5:4f:44:
         47:0c:d5:23:1b:69:b0:11:96:c7:8b:50:4d:79:d9:af:41:0b:
         1e:b4:07:44:11:b2:af:3f:f7:1f:77:e9:77:33:e0:14:e6:35:
         e0:fb:77:a1:24:30:e1:6e:d0:65:2f:86:3d:12:4c:18:5d:dd:
         4f:dc:91:99:58:73:fd:f1:37:ea:12:cc:07:33:cc:ea:d4:d8:
         86:65:4a:dc:ea:0e:23:58:db:ac:52:0d:b3:ef:8d:71:e3:d4:
         12:dd:ed:99:45:ab:23:86:ca:3d:4d:d3:f3:81:d8:de:3d:39:
         1b:f8:a0:2f:41:95:c4:04:f9:eb:90:25:0d:da:c2:b9:fd:d2:
         03:ed:7f:76:7f:a5:ce:b0:eb:00:7d:c4:b2:97:37:b7:d3:76:
         42:ae:d6:09:6f:40:59:53:a8:39:db:d9:3c:70:89:54:de:9e:
         e7:01:90:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0GPeHm5gXyHKKiT+ov9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjJkM2YyN2NjMDViZTU5MjRiYjdiZDg5MGY3ZTZkZWZm
YjQ5N2QwHhcNMjUxMTA0MTcwMDQ4WhcNMjUxMTA1MTcwMDQ4WjAzMTEwLwYDVQQD
EyhmMDgyMTE0ZjNiNThiZGE1MjUzY2JiZjgzMzc1ZmNiYTBmOGYzZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7QGP58oEyS7EdH7MypxnIj3F8iz
J0rv91rZhAN4SNm4rNoneLSJtuJ6epNPbO1X4d6kqOWBrKBUiQ8Ybt4CuEM5ZR5d
L83A6Izv1445dIM7D3NoBmkYO9xMpJalo/p9CDfRbbr3zxmeU0nsKNvLRftvOOE2
ihNru3s+U9SqN1JN2iKgeOMDZzN/OUKQd7lud0SVswsBIRWkXeelwyf9962NvVKC
yW9LQlhYTD4NF9jXfK9wsn8x7AGvlPabgyNAx+O8W/q5WOBpm/5xPjLTKlGsnLiB
NrSjMETZjjGAkWhGqN6foyT4Hbuuvg9qVBwvvHXshW2Q5QqdyQEY1VfXtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCCEU87WL2lJTy7+DN1/LoPjz1kMB8GA1UdIwQY
MBaAFFJi0/J8wFvlkku3vYkPfm3v+0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2Et
N2FlNTk4N2JlZTYyLzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2EtN2FlNTk4N2JlZTYy
LzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcuxNSNc7
t0NcbW7OD9IRO9fz/qFoMkL+M3vQENAJSGyp5k/jVo9m4VKINsBTIgIO99v6waT1
bZoiU/TvNmkL/3ciF+2Fc5pK2177nPxKh25h/dzoysyZxU9ERwzVIxtpsBGWx4tQ
TXnZr0ELHrQHRBGyrz/3H3fpdzPgFOY14Pt3oSQw4W7QZS+GPRJMGF3dT9yRmVhz
/fE36hLMBzPM6tTYhmVK3OoOI1jbrFINs++NcePUEt3tmUWrI4bKPU3T84HY3j05
G/igL0GVxAT565AlDdrCuf3SA+1/dn+lzrDrAH3Espc3t9N2Qq7WCW9AWVOoOdvZ
PHCJVN6e5wGQZA==
-----END CERTIFICATE-----