Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          mj3dS6C/3XQyUnmMlS3eFVP9RXWgdJlAaMWsF7k+qE4=
Subject key identifier:   68:CB:54:39:1A:98:8D:83:5E:D2:A8:5E:9D:D4:24:27:B4:7C:2A:95
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       019A52D152800FFA6A79476DBE84E2F9895A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0D8D
Signing time:             Wed 05 Nov 2025 07:00:41 +0000
Manifest this update:     Wed 05 Nov 2025 07:00:41 +0000
Manifest next update:     Thu 06 Nov 2025 07:00:41 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: pDfN6hVp8MobEOqCdRxBNAUnJs0fvUaNsLXSEj3MLaU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:52:80:0f:fa:6a:79:47:6d:be:84:e2:f9:89:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: Nov  5 07:00:41 2025 GMT
            Not After : Nov  6 07:00:41 2025 GMT
        Subject: CN=68cb54391a988d835ed2a85e9dd42427b47c2a95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c3:f1:ba:0e:21:0a:76:63:81:c4:6c:82:08:
                    95:e3:f7:ea:f8:0e:2f:13:09:d4:a0:37:14:e6:51:
                    d9:a4:df:1f:9c:a0:7e:ab:55:d5:17:ee:b9:0a:60:
                    ba:a9:35:d6:d6:dd:41:cd:33:9d:f2:2b:34:b0:f7:
                    d9:d3:13:25:f5:e6:a5:24:99:c5:07:ee:05:c1:74:
                    e8:f5:bc:ac:f2:9c:cb:1a:d0:57:c5:e6:b7:d1:82:
                    a2:19:50:4f:09:4e:d5:a1:8a:98:54:15:07:b2:a4:
                    85:f5:62:9c:68:ba:b0:19:8f:7a:87:f2:6f:32:2e:
                    3e:91:11:21:35:67:bf:0b:ca:f6:a7:3b:ec:de:96:
                    47:72:6f:e7:b3:fd:fd:49:31:1c:68:95:c8:ac:6b:
                    76:0b:03:75:9a:76:40:bd:0c:af:65:d2:4e:84:b7:
                    29:03:e4:1e:df:30:81:c4:58:8a:b5:72:7a:55:d9:
                    16:c9:fd:03:c8:c3:22:eb:47:db:ed:27:d9:d3:2d:
                    26:77:e1:aa:2f:56:a1:ae:3c:20:c4:05:48:dd:ec:
                    7d:4f:6e:f3:92:a4:e2:1e:01:5f:32:90:01:a6:f2:
                    2c:9f:78:f3:ce:b5:09:7e:8f:b9:bc:1a:3e:6b:e2:
                    f1:f1:d1:ae:54:55:1b:25:87:f2:42:92:2e:c1:de:
                    55:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:CB:54:39:1A:98:8D:83:5E:D2:A8:5E:9D:D4:24:27:B4:7C:2A:95
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:2d:95:6e:69:b8:df:9c:ff:9e:56:6d:83:3f:ee:75:c9:a3:
         2c:f1:98:d8:61:f6:df:eb:1b:87:c1:57:75:24:0e:bc:88:b8:
         3b:23:7e:6f:12:91:e1:b8:41:81:2a:15:4f:b6:c3:5e:bb:1b:
         d6:61:f8:c0:84:19:92:4a:c8:bb:62:a0:cf:6c:ca:c3:74:9e:
         83:98:f7:32:24:ad:3e:af:7c:30:72:ed:f5:38:c5:a1:ba:2a:
         88:31:f9:83:90:9b:53:a1:0e:05:38:1a:c7:61:a3:df:fb:bb:
         ba:2a:9e:1e:d1:f3:a1:ef:22:97:5d:a9:f6:47:e9:79:ab:6f:
         ba:e3:33:84:81:d8:f5:0f:eb:8b:64:a9:2c:4a:6a:a5:59:56:
         51:89:ef:38:53:39:e5:8f:17:8e:5f:79:81:e7:3e:90:f4:b0:
         8e:22:98:a2:5f:40:79:09:5b:63:90:26:7b:c8:19:0c:e2:6e:
         c2:80:a0:44:d5:ff:2c:6d:3d:61:34:cd:ef:55:6a:08:5c:14:
         07:f0:b3:23:ff:bf:af:ad:4d:eb:e5:7c:f4:cd:dc:a9:b7:d1:
         6c:05:47:d3:3a:43:b0:09:d1:1c:df:cb:5c:b1:b2:b8:d8:5c:
         f1:8a:a4:51:87:3a:13:f9:d8:12:bb:2d:ed:33:bf:24:ae:a5:
         b3:45:4f:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0VKAD/pqeUdtvoTi+YlaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjUxMTA1MDcwMDQxWhcNMjUxMTA2MDcwMDQxWjAzMTEwLwYDVQQD
Eyg2OGNiNTQzOTFhOTg4ZDgzNWVkMmE4NWU5ZGQ0MjQyN2I0N2MyYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsPxug4hCnZjgcRsggiV4/fq+A4v
EwnUoDcU5lHZpN8fnKB+q1XVF+65CmC6qTXW1t1BzTOd8is0sPfZ0xMl9ealJJnF
B+4FwXTo9bys8pzLGtBXxea30YKiGVBPCU7VoYqYVBUHsqSF9WKcaLqwGY96h/Jv
Mi4+kREhNWe/C8r2pzvs3pZHcm/ns/39STEcaJXIrGt2CwN1mnZAvQyvZdJOhLcp
A+Qe3zCBxFiKtXJ6VdkWyf0DyMMi60fb7SfZ0y0md+GqL1ahrjwgxAVI3ex9T27z
kqTiHgFfMpABpvIsn3jzzrUJfo+5vBo+a+Lx8dGuVFUbJYfyQpIuwd5V0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjLVDkamI2DXtKoXp3UJCe0fCqVMB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlS2Vbmm4
35z/nlZtgz/udcmjLPGY2GH23+sbh8FXdSQOvIi4OyN+bxKR4bhBgSoVT7bDXrsb
1mH4wIQZkkrIu2Kgz2zKw3Seg5j3MiStPq98MHLt9TjFoboqiDH5g5CbU6EOBTga
x2Gj3/u7uiqeHtHzoe8il12p9kfpeatvuuMzhIHY9Q/ri2SpLEpqpVlWUYnvOFM5
5Y8Xjl95gec+kPSwjiKYol9AeQlbY5Ame8gZDOJuwoCgRNX/LG09YTTN71VqCFwU
B/CzI/+/r61N6+V89M3cqbfRbAVH0zpDsAnRHN/LXLGyuNhc8YqkUYc6E/nYErst
7TO/JK6ls0VP5w==
-----END CERTIFICATE-----