Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          vhP+FRMfVq5DzWbMx6ZbEW26+tadYAKJSyBn+LHApnY=
Subject key identifier:   4D:14:CA:2B:13:D0:61:51:F7:33:55:51:88:84:53:87:18:04:DA:EF
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       0198499C498229096FB79763A70B4D54ADFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          1601
Signing time:             Sun 27 Jul 2025 02:00:35 +0000
Manifest this update:     Sun 27 Jul 2025 02:00:35 +0000
Manifest next update:     Mon 28 Jul 2025 02:00:35 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: zk89C6j4AqKKp+0AxbfOztbgohu5/EtNl044uy3buFY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:9c:49:82:29:09:6f:b7:97:63:a7:0b:4d:54:ad:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Jul 27 02:00:35 2025 GMT
            Not After : Jul 28 02:00:35 2025 GMT
        Subject: CN=4d14ca2b13d06151f7335551888453871804daef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:38:0f:40:26:5a:64:88:03:f9:31:43:56:96:
                    a3:36:1d:c6:03:77:fb:14:46:25:a4:5e:e1:64:4f:
                    e9:fb:fb:80:a6:b3:96:3f:1d:dd:0b:79:47:18:e4:
                    42:db:ff:b3:aa:35:06:55:48:f3:90:f1:33:d4:1c:
                    22:a9:72:35:fd:e4:47:f3:c5:56:5f:1f:49:41:be:
                    b4:f9:e9:a8:6a:08:9c:1a:a8:05:25:f4:5b:6a:48:
                    18:df:2e:60:9b:53:d7:2b:a5:fe:3e:7b:d4:7a:c3:
                    16:3c:f5:56:2e:2d:ed:61:58:7e:c6:a3:aa:98:a8:
                    b1:41:b9:6b:98:b8:43:d0:80:22:d3:d0:cc:d5:8f:
                    b9:15:d3:ef:21:66:6b:6c:61:84:e3:50:23:6c:94:
                    21:56:c4:c1:f9:a6:0e:de:6b:a3:69:d8:94:8b:f8:
                    7d:dc:f9:5f:46:06:e3:86:92:41:3f:cd:82:c2:77:
                    b3:1b:ad:bf:9a:ca:85:24:2f:6e:85:5e:3b:44:2c:
                    1f:05:61:e9:34:87:09:24:0d:bc:be:21:fd:23:cf:
                    0c:c2:41:ef:7b:85:81:d3:5a:e9:35:f3:97:de:d8:
                    9b:a1:b1:f9:cb:b5:d4:97:2a:3e:49:cb:12:f3:bf:
                    4e:dc:c6:e0:f6:9b:f7:95:c9:e9:4a:46:56:34:95:
                    e9:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:14:CA:2B:13:D0:61:51:F7:33:55:51:88:84:53:87:18:04:DA:EF
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:ee:27:f2:1b:86:73:0b:93:f5:0a:20:30:a7:b3:f1:f4:ab:
         eb:21:1b:77:fa:5e:de:43:99:1d:03:3d:56:24:0b:ce:51:5c:
         20:70:d6:f6:57:f3:c7:e8:e9:c0:34:e7:37:87:db:3b:79:f9:
         ee:45:6e:aa:1a:bd:32:9d:f0:1e:9d:bc:66:67:5e:29:16:68:
         ca:03:47:28:c3:26:f3:a3:be:a5:f2:61:28:49:16:0a:36:94:
         e6:09:98:b6:53:65:aa:e9:84:43:a9:7d:ba:b5:30:be:66:db:
         9a:5a:6b:2f:ce:7c:5f:34:93:c2:e5:42:9b:59:08:a0:36:5a:
         38:f4:5d:28:53:ac:b0:c2:2e:42:7e:55:f1:b3:0f:c4:dd:c8:
         1c:bd:89:b8:ff:fe:d3:b2:17:50:91:3f:9b:76:bf:ae:28:f0:
         62:40:9d:2c:29:36:a4:92:e6:b5:21:d2:85:5a:5e:b5:88:a2:
         e0:77:ab:08:78:ae:ae:d1:d1:e7:9d:b2:aa:f7:24:0c:81:a0:
         91:16:2a:70:ca:d3:14:47:ac:e2:a8:ee:ae:6e:33:dc:dd:59:
         36:10:52:93:9e:ee:05:09:df:65:85:ce:b5:c5:2d:8a:77:17:
         3c:5f:c8:e7:cc:f8:7b:7f:d4:b8:df:8e:11:78:92:24:0f:c8:
         4d:31:75:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJnEmCKQlvt5djpwtNVK3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwNzI3MDIwMDM1WhcNMjUwNzI4MDIwMDM1WjAzMTEwLwYDVQQD
Eyg0ZDE0Y2EyYjEzZDA2MTUxZjczMzU1NTE4ODg0NTM4NzE4MDRkYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzgPQCZaZIgD+TFDVpajNh3GA3f7
FEYlpF7hZE/p+/uAprOWPx3dC3lHGORC2/+zqjUGVUjzkPEz1BwiqXI1/eRH88VW
Xx9JQb60+emoagicGqgFJfRbakgY3y5gm1PXK6X+PnvUesMWPPVWLi3tYVh+xqOq
mKixQblrmLhD0IAi09DM1Y+5FdPvIWZrbGGE41AjbJQhVsTB+aYO3mujadiUi/h9
3PlfRgbjhpJBP82CwnezG62/msqFJC9uhV47RCwfBWHpNIcJJA28viH9I88MwkHv
e4WB01rpNfOX3tibobH5y7XUlyo+ScsS879O3Mbg9pv3lcnpSkZWNJXpdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0UyisT0GFR9zNVUYiEU4cYBNrvMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXu4n8huG
cwuT9QogMKez8fSr6yEbd/pe3kOZHQM9ViQLzlFcIHDW9lfzx+jpwDTnN4fbO3n5
7kVuqhq9Mp3wHp28ZmdeKRZoygNHKMMm86O+pfJhKEkWCjaU5gmYtlNlqumEQ6l9
urUwvmbbmlprL858XzSTwuVCm1kIoDZaOPRdKFOssMIuQn5V8bMPxN3IHL2JuP/+
07IXUJE/m3a/rijwYkCdLCk2pJLmtSHShVpetYii4HerCHiurtHR552yqvckDIGg
kRYqcMrTFEes4qjurm4z3N1ZNhBSk57uBQnfZYXOtcUtincXPF/I58z4e3/UuN+O
EXiSJA/ITTF1KQ==
-----END CERTIFICATE-----