Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
File:                     U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft (raw, json)
Hash identifier:          lRApbjD5e6yxncbrgaicqmPvNZFLKcIv/7Z4CBKn00Y=
Subject key identifier:   B7:ED:CA:5F:E2:5E:81:82:D5:F1:2F:58:C7:EE:0D:CD:B7:4F:9F:4F
Authority key identifier: 53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1
Certificate issuer:       /CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1
Certificate serial:       019892236F9D8F18ACB1BD9E943E501530D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
Manifest number:          1624
Signing time:             Sun 10 Aug 2025 04:00:52 +0000
Manifest this update:     Sun 10 Aug 2025 04:00:52 +0000
Manifest next update:     Mon 11 Aug 2025 04:00:52 +0000
Files and hashes:         1: U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl (hash: kpDWzXS6sxe164bAmal9GBCmkmLgpOTTrHN5mSur1VY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 04:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:23:6f:9d:8f:18:ac:b1:bd:9e:94:3e:50:15:30:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1
        Validity
            Not Before: Aug 10 04:00:52 2025 GMT
            Not After : Aug 11 04:00:52 2025 GMT
        Subject: CN=b7edca5fe25e8182d5f12f58c7ee0dcdb74f9f4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:0a:f2:a8:71:19:25:de:dc:58:77:81:3f:84:
                    f9:81:ec:b5:71:db:ce:b0:78:9c:a1:76:04:04:2f:
                    3e:b4:54:bd:7a:17:39:c7:5f:a4:ce:50:8d:d0:82:
                    e7:94:43:6f:f7:a3:69:93:74:1f:9e:d1:0b:93:a1:
                    98:3f:60:f9:10:14:b3:bf:b1:70:35:ea:7d:69:32:
                    e5:5a:2f:f1:31:a4:58:24:25:d9:d9:cd:44:f0:7d:
                    41:78:a7:c3:b2:ad:cd:a1:25:e2:e2:02:0d:81:03:
                    24:c4:47:1c:15:b7:43:76:44:35:15:7e:99:00:49:
                    fd:ac:a8:80:94:e8:81:8b:e0:74:34:8c:1a:ec:f3:
                    c1:03:30:68:73:8b:ca:8e:19:a0:f8:b6:5a:b0:5c:
                    3d:df:fc:18:b0:1b:f4:62:87:4f:cc:cc:8a:5a:a3:
                    f7:2e:44:ba:50:42:3d:f7:32:c9:08:b5:79:97:96:
                    d4:5c:94:22:70:7c:a6:6b:90:90:1a:45:bf:54:e7:
                    b1:4e:cd:cb:90:93:81:c2:2f:76:31:9e:e6:33:35:
                    24:2c:42:53:be:02:fc:73:36:71:ef:26:13:b2:bf:
                    69:d6:d4:a5:9f:d9:ee:2a:e6:6b:01:fd:bb:29:0a:
                    5b:b0:77:b7:e2:f2:51:08:f2:a8:8c:c6:89:e3:d6:
                    0c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:ED:CA:5F:E2:5E:81:82:D5:F1:2F:58:C7:EE:0D:CD:B7:4F:9F:4F
            X509v3 Authority Key Identifier:
                keyid:53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:ad:31:b2:09:08:d5:0a:df:b0:bd:d4:79:d5:22:12:c0:cd:
         a3:53:35:a9:3b:de:67:0f:10:be:b5:b7:7d:8b:7d:b8:6a:19:
         fe:9d:f5:d8:85:55:01:4f:40:76:1e:ba:e2:5d:ee:33:11:bb:
         1f:a9:36:a7:ab:19:48:32:b5:08:b0:fd:82:b7:b5:46:58:09:
         98:a1:1d:6f:4d:c1:e0:93:2b:78:a8:26:53:0d:4a:0b:b8:ce:
         9f:37:a8:7a:64:1e:c9:73:4c:27:c3:91:a5:88:cd:ae:13:07:
         5b:4e:95:ac:36:0e:a8:a9:2d:15:c6:b6:80:c4:c4:9f:7b:8b:
         4d:5d:26:01:1d:a0:11:58:c4:1d:47:93:29:c1:38:fd:18:63:
         d0:de:7e:73:79:01:ad:52:9c:ff:d0:69:a1:5b:f0:8a:d0:10:
         0a:8d:ca:9f:4b:71:d4:44:00:5e:01:d7:bd:7c:04:02:9b:dd:
         84:c3:11:66:92:e1:20:0c:f4:d5:31:16:a3:a4:87:f1:5c:d0:
         a4:67:ba:79:f1:d0:0e:c4:7a:37:bc:2d:d0:ba:b2:be:cd:5c:
         39:5e:74:e8:df:b1:28:11:de:bb:ba:65:c7:4f:49:18:c4:f9:
         b6:09:fd:56:2e:75:c9:0c:39:0f:73:d8:41:66:02:98:5b:33:
         ca:50:a9:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSI2+djxissb2elD5QFTDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNjU4M2RlODM2ZmNjMjhlNzBiZjY2ZWFkYjhkMzhmM2Y2
NGY0ZTEwHhcNMjUwODEwMDQwMDUyWhcNMjUwODExMDQwMDUyWjAzMTEwLwYDVQQD
EyhiN2VkY2E1ZmUyNWU4MTgyZDVmMTJmNThjN2VlMGRjZGI3NGY5ZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wryqHEZJd7cWHeBP4T5gey1cdvO
sHicoXYEBC8+tFS9ehc5x1+kzlCN0ILnlENv96Npk3QfntELk6GYP2D5EBSzv7Fw
Nep9aTLlWi/xMaRYJCXZ2c1E8H1BeKfDsq3NoSXi4gINgQMkxEccFbdDdkQ1FX6Z
AEn9rKiAlOiBi+B0NIwa7PPBAzBoc4vKjhmg+LZasFw93/wYsBv0YodPzMyKWqP3
LkS6UEI99zLJCLV5l5bUXJQicHyma5CQGkW/VOexTs3LkJOBwi92MZ7mMzUkLEJT
vgL8czZx7yYTsr9p1tSln9nuKuZrAf27KQpbsHe34vJRCPKojMaJ49YM6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLftyl/iXoGC1fEvWMfuDc23T59PMB8GA1UdIwQY
MBaAFFNlg96Db8wo5wv2bq24048/ZPThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2Et
ODJhNjk5MGRmMzhkLzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2EtODJhNjk5MGRmMzhk
LzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc60xsgkI
1QrfsL3UedUiEsDNo1M1qTveZw8QvrW3fYt9uGoZ/p312IVVAU9Adh664l3uMxG7
H6k2p6sZSDK1CLD9gre1RlgJmKEdb03B4JMreKgmUw1KC7jOnzeoemQeyXNMJ8OR
pYjNrhMHW06VrDYOqKktFca2gMTEn3uLTV0mAR2gEVjEHUeTKcE4/Rhj0N5+c3kB
rVKc/9BpoVvwitAQCo3Kn0tx1EQAXgHXvXwEApvdhMMRZpLhIAz01TEWo6SH8VzQ
pGe6efHQDsR6N7wt0Lqyvs1cOV506N+xKBHeu7plx09JGMT5tgn9Vi51yQw5D3PY
QWYCmFszylCpEw==
-----END CERTIFICATE-----