Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          H2Y81XRzBmwAAMnyweK9fo7Gi30LI1o2In5jfm5+Kc4=
Subject key identifier:   AD:E0:DF:FB:D4:E3:0A:6D:B2:36:16:C4:CD:59:38:64:2F:F1:09:AF
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       0198816832F4DD21A26B3795714A5BFD1B1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          161B
Signing time:             Wed 06 Aug 2025 22:02:26 +0000
Manifest this update:     Wed 06 Aug 2025 22:02:26 +0000
Manifest next update:     Thu 07 Aug 2025 22:02:26 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: mgKRsoVgxsd9unenFqdPA1TLmRoDw/PxwTu1ts0Q6Zw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:68:32:f4:dd:21:a2:6b:37:95:71:4a:5b:fd:1b:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Aug  6 22:02:26 2025 GMT
            Not After : Aug  7 22:02:26 2025 GMT
        Subject: CN=ade0dffbd4e30a6db23616c4cd5938642ff109af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a6:e2:25:64:a3:a8:c3:54:75:6c:78:92:ab:
                    c5:0e:b0:84:0d:d5:12:94:2f:08:a9:32:7d:fe:2b:
                    88:76:d4:22:98:8d:da:17:97:51:f3:db:0e:53:ac:
                    ec:36:97:1b:38:74:ab:81:9c:c4:b3:cc:41:c5:7f:
                    34:be:c2:86:3c:be:dc:a1:fb:77:e8:24:f9:5b:05:
                    90:f1:e5:ff:21:c2:c1:e4:17:0e:7a:96:ce:fc:d4:
                    f1:68:87:ad:3a:b6:17:5e:8d:e2:26:bc:dd:05:48:
                    bf:f7:96:1f:76:21:dc:93:4d:2e:62:b6:e2:76:72:
                    2c:a1:7c:0e:6c:35:e8:70:fe:a8:9b:0e:e6:7c:70:
                    71:ff:b7:2d:b0:8d:1a:02:98:57:59:2e:fc:16:77:
                    b2:8b:a0:52:e0:db:ab:00:03:6b:2e:90:79:0a:f1:
                    0c:27:65:23:3b:17:2e:6b:96:fd:c1:4f:db:81:63:
                    65:cd:27:74:9a:45:8b:fd:96:2f:ec:b4:58:14:60:
                    3e:2a:e3:55:74:91:21:89:0a:15:33:93:b9:a7:47:
                    ce:32:3d:c8:ff:24:b1:5d:8c:11:7c:0f:83:74:7c:
                    d1:a1:1a:8b:5e:8f:21:c1:48:fe:4a:1f:ca:68:7c:
                    68:88:fd:e1:34:41:4d:82:58:06:40:cd:d0:b6:58:
                    1b:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E0:DF:FB:D4:E3:0A:6D:B2:36:16:C4:CD:59:38:64:2F:F1:09:AF
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:fc:0d:85:4a:c0:57:e2:59:a9:a5:6d:f4:35:f0:79:65:57:
         a6:ac:c7:63:41:2a:c8:85:dc:8e:24:ec:e9:1a:b1:60:ee:8d:
         53:2b:0a:9c:00:1b:ed:29:e4:75:d8:98:5f:17:16:07:59:bb:
         82:a8:9a:60:46:91:49:f3:03:af:fa:1f:60:00:86:43:d0:78:
         ed:35:2d:9b:f6:e5:76:10:1c:fa:c1:cf:a3:a0:34:f3:6c:de:
         75:12:82:65:41:d6:9a:3c:77:b4:78:f5:76:cc:7e:6d:ff:e1:
         49:44:c8:3e:0d:bd:0e:95:df:ca:52:99:4d:f3:fb:29:39:b1:
         47:89:7d:20:b2:e5:d5:99:4f:00:9a:6f:92:66:e0:2e:0b:ef:
         68:ac:f2:f7:f6:34:a8:da:21:c2:3a:d0:83:54:54:ee:90:d7:
         3b:72:cc:38:a9:80:79:73:0f:30:08:a6:39:b1:3b:8f:63:f4:
         b5:61:01:e4:07:f5:bf:34:db:35:bc:5d:da:18:61:85:73:86:
         f3:36:a8:1f:2d:3f:44:54:b3:f2:14:8b:85:65:d2:25:4a:7c:
         a2:ac:6d:ff:2a:12:1c:c4:26:b6:3a:d1:5d:15:1a:90:64:cc:
         e0:0c:81:8b:29:02:ef:82:76:b3:16:17:27:df:03:dd:e5:37:
         1f:08:e0:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBaDL03SGiazeVcUpb/RsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUwODA2MjIwMjI2WhcNMjUwODA3MjIwMjI2WjAzMTEwLwYDVQQD
EyhhZGUwZGZmYmQ0ZTMwYTZkYjIzNjE2YzRjZDU5Mzg2NDJmZjEwOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6biJWSjqMNUdWx4kqvFDrCEDdUS
lC8IqTJ9/iuIdtQimI3aF5dR89sOU6zsNpcbOHSrgZzEs8xBxX80vsKGPL7coft3
6CT5WwWQ8eX/IcLB5BcOepbO/NTxaIetOrYXXo3iJrzdBUi/95YfdiHck00uYrbi
dnIsoXwObDXocP6omw7mfHBx/7ctsI0aAphXWS78Fneyi6BS4NurAANrLpB5CvEM
J2UjOxcua5b9wU/bgWNlzSd0mkWL/ZYv7LRYFGA+KuNVdJEhiQoVM5O5p0fOMj3I
/ySxXYwRfA+DdHzRoRqLXo8hwUj+Sh/KaHxoiP3hNEFNglgGQM3QtlgbiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3g3/vU4wptsjYWxM1ZOGQv8QmvMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/wNhUrA
V+JZqaVt9DXweWVXpqzHY0EqyIXcjiTs6RqxYO6NUysKnAAb7SnkddiYXxcWB1m7
gqiaYEaRSfMDr/ofYACGQ9B47TUtm/bldhAc+sHPo6A082zedRKCZUHWmjx3tHj1
dsx+bf/hSUTIPg29DpXfylKZTfP7KTmxR4l9ILLl1ZlPAJpvkmbgLgvvaKzy9/Y0
qNohwjrQg1RU7pDXO3LMOKmAeXMPMAimObE7j2P0tWEB5Af1vzTbNbxd2hhhhXOG
8zaoHy0/RFSz8hSLhWXSJUp8oqxt/yoSHMQmtjrRXRUakGTM4AyBiykC74J2sxYX
J98D3eU3Hwjg1g==
-----END CERTIFICATE-----