Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft
File:                     U5UGCcqN1_bG-jzsrHeUIexsAQA.mft (raw, json)
Hash identifier:          S78YFfnRjuj2Q65ArKm2qsE7WgNJa6BL4BDnCzWZADE=
Subject key identifier:   B9:F1:34:98:C1:53:DA:20:C3:9D:D1:B2:2F:D0:BB:6C:5F:43:5E:17
Authority key identifier: 53:95:06:09:CA:8D:D7:F6:C6:FA:3C:EC:AC:77:94:21:EC:6C:01:00
Certificate issuer:       /CN=53950609ca8dd7f6c6fa3cecac779421ec6c0100
Certificate serial:       019A52636D452AE1E5D3C6F5255D9FAEA9B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft
Manifest number:          05D0
Signing time:             Wed 05 Nov 2025 05:00:38 +0000
Manifest this update:     Wed 05 Nov 2025 05:00:38 +0000
Manifest next update:     Thu 06 Nov 2025 05:00:38 +0000
Files and hashes:         1: U5UGCcqN1_bG-jzsrHeUIexsAQA.crl (hash: rS3+OYTKhjDUNCcoix1uPF9nr8CHRezzBo32oX5Dbvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:63:6d:45:2a:e1:e5:d3:c6:f5:25:5d:9f:ae:a9:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53950609ca8dd7f6c6fa3cecac779421ec6c0100
        Validity
            Not Before: Nov  5 05:00:38 2025 GMT
            Not After : Nov  6 05:00:38 2025 GMT
        Subject: CN=b9f13498c153da20c39dd1b22fd0bb6c5f435e17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f0:7c:48:2f:8a:74:ba:60:fc:60:bc:f2:7a:
                    7b:70:f8:a3:9b:c1:fb:1b:30:5c:50:e0:2c:21:9f:
                    2f:d3:02:ac:1a:be:09:18:12:c4:fb:4a:22:bd:96:
                    bb:49:06:5e:87:a8:eb:e5:00:2a:a7:37:fd:7e:c5:
                    5f:e6:8a:3b:86:b8:8f:99:49:f7:eb:a2:38:87:2f:
                    22:78:0c:63:1f:ea:2b:61:b6:3c:32:f8:d4:77:d6:
                    fb:72:46:5c:27:29:c5:04:da:cf:bf:fb:91:46:a7:
                    b8:02:8a:9b:c5:4c:27:62:90:da:d6:3b:15:ee:6a:
                    2c:86:f1:e1:dc:1e:7a:16:6b:a0:7d:87:c4:5e:11:
                    9c:98:bb:55:b9:64:f0:15:00:88:06:e6:e3:a4:74:
                    08:01:6b:32:9e:ef:aa:e9:4f:10:79:c0:b0:b4:1d:
                    e8:a0:44:cc:7d:f8:25:27:58:91:94:41:de:3f:82:
                    c3:f9:ba:d2:97:6c:39:ce:06:8a:05:74:b2:9b:a0:
                    a3:ec:ea:50:18:30:e2:6c:6f:4b:56:e9:9c:3f:95:
                    3d:e2:f2:8b:09:b5:b3:36:5e:c5:fc:3b:27:04:6c:
                    48:f9:8c:c0:65:c5:a3:bf:2c:5a:cf:06:5a:3d:c3:
                    07:d5:aa:46:36:32:c0:b7:8e:30:c5:0e:1d:72:a6:
                    db:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F1:34:98:C1:53:DA:20:C3:9D:D1:B2:2F:D0:BB:6C:5F:43:5E:17
            X509v3 Authority Key Identifier:
                keyid:53:95:06:09:CA:8D:D7:F6:C6:FA:3C:EC:AC:77:94:21:EC:6C:01:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:aa:bf:70:b7:55:f7:6f:ac:1b:d0:e9:23:87:ad:06:9c:65:
         8f:b8:74:95:1f:40:5d:da:33:1c:cf:e1:61:05:66:18:34:61:
         ed:bc:a8:22:cb:7e:ad:8b:4e:be:c2:6e:05:45:3a:a4:8c:08:
         c6:07:90:e7:18:e8:2a:8f:d2:ef:93:7f:2d:d6:53:02:9d:d2:
         8b:59:97:6a:e8:97:cc:49:6e:46:a8:6a:ce:a1:4a:a7:24:3c:
         c6:6a:7f:d4:1c:27:d4:87:fb:24:5d:ea:0d:63:0c:64:a5:cd:
         89:df:83:70:0c:82:d2:df:b4:f8:c1:4a:e1:6f:35:3a:2f:87:
         22:13:c7:b4:23:dc:c4:87:af:d0:d8:87:20:20:bd:be:ec:d2:
         76:bd:14:8c:45:72:29:e6:5a:30:aa:c3:02:f9:cb:15:41:29:
         98:af:e2:67:98:6a:df:b6:6c:d7:c1:f6:0c:26:0d:d7:5f:de:
         8b:53:2e:89:24:2b:ad:4f:5f:c4:f4:c1:e5:4c:24:bb:cc:d4:
         09:7e:92:ff:be:78:73:70:49:44:36:6f:45:29:bc:7f:53:5e:
         bf:bc:34:d9:ca:97:2a:99:4f:76:fb:cc:1a:76:c9:53:a5:cd:
         28:70:d1:da:7f:10:3f:d4:f3:db:54:e5:23:f6:65:04:b2:bf:
         15:97:17:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSY21FKuHl08b1JV2frqm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOTUwNjA5Y2E4ZGQ3ZjZjNmZhM2NlY2FjNzc5NDIxZWM2
YzAxMDAwHhcNMjUxMTA1MDUwMDM4WhcNMjUxMTA2MDUwMDM4WjAzMTEwLwYDVQQD
EyhiOWYxMzQ5OGMxNTNkYTIwYzM5ZGQxYjIyZmQwYmI2YzVmNDM1ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/B8SC+KdLpg/GC88np7cPijm8H7
GzBcUOAsIZ8v0wKsGr4JGBLE+0oivZa7SQZeh6jr5QAqpzf9fsVf5oo7hriPmUn3
66I4hy8ieAxjH+orYbY8MvjUd9b7ckZcJynFBNrPv/uRRqe4AoqbxUwnYpDa1jsV
7moshvHh3B56FmugfYfEXhGcmLtVuWTwFQCIBubjpHQIAWsynu+q6U8QecCwtB3o
oETMffglJ1iRlEHeP4LD+brSl2w5zgaKBXSym6Cj7OpQGDDibG9LVumcP5U94vKL
CbWzNl7F/DsnBGxI+YzAZcWjvyxazwZaPcMH1apGNjLAt44wxQ4dcqbbGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnxNJjBU9ogw53Rsi/Qu2xfQ14XMB8GA1UdIwQY
MBaAFFOVBgnKjdf2xvo87Kx3lCHsbAEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84NzZhNjUtYmY1NC00NjUyLTg5NzAt
ODAxY2Y0ZmVjNzRlLzEvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84NzZhNjUtYmY1NC00NjUyLTg5NzAtODAxY2Y0ZmVjNzRl
LzEvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATaq/cLdV
92+sG9DpI4etBpxlj7h0lR9AXdozHM/hYQVmGDRh7byoIst+rYtOvsJuBUU6pIwI
xgeQ5xjoKo/S75N/LdZTAp3Si1mXauiXzEluRqhqzqFKpyQ8xmp/1Bwn1If7JF3q
DWMMZKXNid+DcAyC0t+0+MFK4W81Oi+HIhPHtCPcxIev0NiHICC9vuzSdr0UjEVy
KeZaMKrDAvnLFUEpmK/iZ5hq37Zs18H2DCYN11/ei1MuiSQrrU9fxPTB5Uwku8zU
CX6S/754c3BJRDZvRSm8f1Nev7w02cqXKplPdvvMGnbJU6XNKHDR2n8QP9Tz21Tl
I/ZlBLK/FZcXXg==
-----END CERTIFICATE-----