Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/1aaf3f-9d3f-4933-99ee-25b360cf8a21/1/uW476Z3sY7ErK4J3nfz142PTIcE.mft
File:                     uW476Z3sY7ErK4J3nfz142PTIcE.mft (raw, json)
Hash identifier:          SA2mOfbfwSi/o5xmBPVGzDT6+nMFwFN0wrvuJvOf7tU=
Subject key identifier:   DF:7D:D2:3A:F8:BE:D3:12:36:BB:F1:84:DE:51:3A:D5:2D:90:85:83
Authority key identifier: B9:6E:3B:E9:9D:EC:63:B1:2B:2B:82:77:9D:FC:F5:E3:63:D3:21:C1
Certificate issuer:       /CN=b96e3be99dec63b12b2b82779dfcf5e363d321c1
Certificate serial:       019853E8E9E94A25A74E818985C6EB69F71E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uW476Z3sY7ErK4J3nfz142PTIcE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/1aaf3f-9d3f-4933-99ee-25b360cf8a21/1/uW476Z3sY7ErK4J3nfz142PTIcE.mft
Manifest number:          0423
Signing time:             Tue 29 Jul 2025 02:00:29 +0000
Manifest this update:     Tue 29 Jul 2025 02:00:29 +0000
Manifest next update:     Wed 30 Jul 2025 02:00:29 +0000
Files and hashes:         1: uW476Z3sY7ErK4J3nfz142PTIcE.crl (hash: 2NZdVV2IsFVwZq0PcpIMDnBYgGR9v/+Ne6IVTzk/tZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/1aaf3f-9d3f-4933-99ee-25b360cf8a21/1/uW476Z3sY7ErK4J3nfz142PTIcE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/1aaf3f-9d3f-4933-99ee-25b360cf8a21/1/uW476Z3sY7ErK4J3nfz142PTIcE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uW476Z3sY7ErK4J3nfz142PTIcE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:53:e8:e9:e9:4a:25:a7:4e:81:89:85:c6:eb:69:f7:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b96e3be99dec63b12b2b82779dfcf5e363d321c1
        Validity
            Not Before: Jul 29 02:00:29 2025 GMT
            Not After : Jul 30 02:00:29 2025 GMT
        Subject: CN=df7dd23af8bed31236bbf184de513ad52d908583
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:5e:ef:85:d7:54:65:e3:b4:bc:64:89:6e:0d:
                    38:f7:c5:f6:3b:cd:e6:89:ec:ef:0c:cb:50:38:71:
                    a8:10:00:7e:6b:d7:af:08:dd:ed:b9:d8:d8:36:71:
                    20:a2:c6:71:e8:76:56:b2:3c:23:05:48:7a:09:95:
                    d8:0a:02:17:ab:5a:5f:40:46:69:a2:3b:23:c4:4f:
                    29:80:36:ab:0b:26:f0:b8:2b:3a:b3:38:24:a7:ab:
                    6c:89:7e:ee:15:ed:dd:4e:89:7f:90:a0:b0:d7:83:
                    52:a5:fd:2e:44:05:ca:92:b2:2f:e0:fd:7e:0d:2e:
                    d3:9e:ed:05:94:f2:a9:6b:ca:47:1b:32:59:72:93:
                    7e:82:c7:af:3b:5f:b0:8b:fa:f6:9a:9a:41:30:aa:
                    e3:26:aa:b8:87:1d:17:12:9a:6d:68:f9:f7:2c:b2:
                    c6:7a:82:1a:3f:f3:7f:65:c5:61:b4:47:e8:28:89:
                    92:f2:68:d9:60:00:f3:b3:97:16:a4:76:f1:0a:cf:
                    78:8e:de:98:96:0d:4d:b5:4e:32:42:e8:4b:d7:6d:
                    78:92:45:38:eb:c6:10:dc:a5:95:ce:9a:9c:00:05:
                    34:f0:1e:56:33:c3:4d:a7:6d:81:c7:bd:84:08:a9:
                    11:ba:09:fe:81:d7:96:47:a6:5d:cb:bb:f4:58:dd:
                    51:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:7D:D2:3A:F8:BE:D3:12:36:BB:F1:84:DE:51:3A:D5:2D:90:85:83
            X509v3 Authority Key Identifier:
                keyid:B9:6E:3B:E9:9D:EC:63:B1:2B:2B:82:77:9D:FC:F5:E3:63:D3:21:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uW476Z3sY7ErK4J3nfz142PTIcE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1aaf3f-9d3f-4933-99ee-25b360cf8a21/1/uW476Z3sY7ErK4J3nfz142PTIcE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1aaf3f-9d3f-4933-99ee-25b360cf8a21/1/uW476Z3sY7ErK4J3nfz142PTIcE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:ea:0a:4e:2e:69:b7:62:ec:22:ad:b9:1e:e9:0a:9d:03:d4:
         a1:e6:d8:9f:0a:c5:a0:36:2d:56:5e:0b:0d:44:8a:3c:05:58:
         18:e1:12:87:0b:15:c1:80:f6:a6:50:0c:3e:66:cf:4f:83:a8:
         89:1d:84:03:4d:e3:62:7c:bd:a3:39:7e:de:c7:6c:98:fe:ee:
         82:27:d1:fb:c8:e8:fe:3f:e2:d0:95:51:52:4b:93:fb:f5:4a:
         8b:27:30:7e:0a:ab:f1:6f:63:4e:fb:1b:91:84:05:3a:90:92:
         d9:bf:d6:f0:f5:91:64:21:e7:97:ca:28:26:75:49:17:c3:cb:
         2c:a2:51:43:87:7e:4c:9b:7d:19:d4:ed:e8:ff:3b:b2:6d:83:
         60:af:b6:24:4f:68:4e:58:83:71:4a:da:7f:e9:02:6c:ea:28:
         d7:7b:25:0e:40:f6:da:d4:8a:44:6f:43:74:12:43:f8:59:58:
         f8:dc:c2:00:97:72:7e:f3:e9:ff:16:0e:70:55:dc:b6:b0:ef:
         f8:6a:55:4b:54:e5:c9:de:c0:06:6a:2b:e2:95:81:f1:cc:24:
         7e:77:ec:8a:0b:af:a6:26:56:4a:f5:fd:cd:4a:1a:60:3e:68:
         3e:8d:2f:6d:e3:d0:ff:02:f8:23:55:c2:a7:54:0e:aa:cf:d6:
         26:7d:a3:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhT6OnpSiWnToGJhcbrafceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NmUzYmU5OWRlYzYzYjEyYjJiODI3NzlkZmNmNWUzNjNk
MzIxYzEwHhcNMjUwNzI5MDIwMDI5WhcNMjUwNzMwMDIwMDI5WjAzMTEwLwYDVQQD
EyhkZjdkZDIzYWY4YmVkMzEyMzZiYmYxODRkZTUxM2FkNTJkOTA4NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5F7vhddUZeO0vGSJbg0498X2O83m
iezvDMtQOHGoEAB+a9evCN3tudjYNnEgosZx6HZWsjwjBUh6CZXYCgIXq1pfQEZp
ojsjxE8pgDarCybwuCs6szgkp6tsiX7uFe3dTol/kKCw14NSpf0uRAXKkrIv4P1+
DS7Tnu0FlPKpa8pHGzJZcpN+gsevO1+wi/r2mppBMKrjJqq4hx0XEpptaPn3LLLG
eoIaP/N/ZcVhtEfoKImS8mjZYADzs5cWpHbxCs94jt6Ylg1NtU4yQuhL1214kkU4
68YQ3KWVzpqcAAU08B5WM8NNp22Bx72ECKkRugn+gdeWR6Zdy7v0WN1RJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN990jr4vtMSNrvxhN5ROtUtkIWDMB8GA1UdIwQY
MBaAFLluO+md7GOxKyuCd5389eNj0yHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVc0NzZaM3NZN0VySzRKM25mejE0MlBUSWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xYWFmM2YtOWQzZi00OTMzLTk5ZWUt
MjViMzYwY2Y4YTIxLzEvdVc0NzZaM3NZN0VySzRKM25mejE0MlBUSWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xYWFmM2YtOWQzZi00OTMzLTk5ZWUtMjViMzYwY2Y4YTIx
LzEvdVc0NzZaM3NZN0VySzRKM25mejE0MlBUSWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc+oKTi5p
t2LsIq25HukKnQPUoebYnwrFoDYtVl4LDUSKPAVYGOEShwsVwYD2plAMPmbPT4Oo
iR2EA03jYny9ozl+3sdsmP7ugifR+8jo/j/i0JVRUkuT+/VKiycwfgqr8W9jTvsb
kYQFOpCS2b/W8PWRZCHnl8ooJnVJF8PLLKJRQ4d+TJt9GdTt6P87sm2DYK+2JE9o
TliDcUraf+kCbOoo13slDkD22tSKRG9DdBJD+FlY+NzCAJdyfvPp/xYOcFXctrDv
+GpVS1Tlyd7ABmor4pWB8cwkfnfsiguvpiZWSvX9zUoaYD5oPo0vbePQ/wL4I1XC
p1QOqs/WJn2jpg==
-----END CERTIFICATE-----