Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
File:                     UoUm3npC8eCAkWhA7r85A4uJPRY.mft (raw, json)
Hash identifier:          Cw86vPvhx+kbGN2ODWY6/44UPgUGBXVH8Be/J5zMpkQ=
Subject key identifier:   76:84:70:82:AC:53:B9:31:21:D3:5E:43:32:05:02:34:97:8A:C0:E5
Authority key identifier: 52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16
Certificate issuer:       /CN=528526de7a42f1e080916840eebf39038b893d16
Certificate serial:       019A71B784E79720B8DA2CA13ECCD74299E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
Manifest number:          0AA4
Signing time:             Tue 11 Nov 2025 07:00:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:43 +0000
Files and hashes:         1: UoUm3npC8eCAkWhA7r85A4uJPRY.crl (hash: 8NXohXmkvV0gTWz9fXvQav2m5m0LqBjJhe/fFtgjEYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:84:e7:97:20:b8:da:2c:a1:3e:cc:d7:42:99:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=528526de7a42f1e080916840eebf39038b893d16
        Validity
            Not Before: Nov 11 07:00:43 2025 GMT
            Not After : Nov 12 07:00:43 2025 GMT
        Subject: CN=76847082ac53b93121d35e4332050234978ac0e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:bc:c6:19:60:62:cc:43:62:72:fd:f6:dd:d4:
                    91:d6:6b:bf:d3:d3:1f:08:04:6b:56:39:db:06:cf:
                    3d:4d:ae:14:5f:68:4a:45:6a:72:6e:dd:d4:f1:b9:
                    70:ef:a2:4a:b4:72:7b:a7:88:18:55:03:d9:13:e3:
                    3e:18:19:63:80:2a:f1:04:0a:9d:70:c0:4a:26:5a:
                    f7:46:fc:f3:93:35:a9:5f:d3:c9:b8:ab:54:ae:48:
                    5d:b6:b0:e6:d8:54:1d:4d:b4:62:c4:3b:78:07:da:
                    5c:ba:39:0a:de:0c:73:b1:85:9a:9b:82:4f:8c:b9:
                    4d:e2:5f:56:e5:f4:1a:70:be:5d:35:58:68:8b:f5:
                    5b:3c:f3:9c:c9:f6:9e:0f:83:81:9d:9c:0c:47:a8:
                    60:c1:1e:fb:0a:2f:43:a6:d4:1b:ca:41:73:99:6b:
                    bc:25:66:f7:20:49:5e:b2:97:95:5d:ac:18:77:a8:
                    b3:9b:c5:c4:4a:a2:e2:bf:02:ad:4b:f4:b7:58:a2:
                    be:d5:18:cd:bf:bf:05:db:ff:5e:33:c7:80:bb:d4:
                    5c:36:47:87:fa:ed:9c:20:fc:de:8d:06:fe:74:c8:
                    53:6f:df:80:70:94:a6:f1:c8:27:0c:b7:3d:1a:ee:
                    51:4c:d6:56:b8:43:d5:07:bc:0f:26:73:a7:94:f0:
                    5c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:84:70:82:AC:53:B9:31:21:D3:5E:43:32:05:02:34:97:8A:C0:E5
            X509v3 Authority Key Identifier:
                keyid:52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:95:5b:4b:f6:38:e5:d0:cc:a2:8c:9e:df:0f:8a:6b:21:f9:
         25:c0:f2:11:b3:dc:c0:f6:06:c3:04:47:e4:d3:a9:b6:9d:44:
         d7:de:56:ba:bf:90:05:ac:ac:0a:b0:19:8a:fc:ea:7e:b9:f4:
         5c:7c:c0:da:a1:b9:6e:42:1f:ab:06:c2:25:2d:cb:27:28:ce:
         c2:7e:1b:98:7d:c8:ad:ec:23:8a:28:65:4b:f2:c8:2d:31:b5:
         e5:24:9d:88:aa:f9:d9:3f:b2:85:d9:82:46:85:a9:a8:fb:28:
         ce:85:30:8d:54:f1:56:a2:b8:da:32:00:8c:cc:0d:b0:ff:76:
         64:80:2b:c6:a7:5f:af:17:70:bb:01:3d:ff:76:dd:91:44:94:
         a8:79:0a:d5:71:49:c7:d2:d7:37:53:a1:fb:96:56:5e:42:b2:
         3b:31:58:88:b4:79:77:95:5c:ed:d2:8d:16:b7:bc:aa:36:25:
         ac:d5:7b:9b:3b:73:de:ce:12:4f:ca:24:5e:e3:fa:a5:3a:53:
         a7:16:f7:1e:08:e2:fd:5d:07:79:4e:18:03:78:b7:95:d4:7a:
         69:c6:de:64:c0:4e:7e:71:09:43:7a:70:67:44:69:f2:b3:cc:
         f6:56:3b:84:06:ff:bf:e3:ce:a3:c1:39:6b:57:0c:3d:45:4f:
         f1:3c:5c:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4TnlyC42iyhPszXQpnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODUyNmRlN2E0MmYxZTA4MDkxNjg0MGVlYmYzOTAzOGI4
OTNkMTYwHhcNMjUxMTExMDcwMDQzWhcNMjUxMTEyMDcwMDQzWjAzMTEwLwYDVQQD
Eyg3Njg0NzA4MmFjNTNiOTMxMjFkMzVlNDMzMjA1MDIzNDk3OGFjMGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7zGGWBizENicv323dSR1mu/09Mf
CARrVjnbBs89Ta4UX2hKRWpybt3U8blw76JKtHJ7p4gYVQPZE+M+GBljgCrxBAqd
cMBKJlr3RvzzkzWpX9PJuKtUrkhdtrDm2FQdTbRixDt4B9pcujkK3gxzsYWam4JP
jLlN4l9W5fQacL5dNVhoi/VbPPOcyfaeD4OBnZwMR6hgwR77Ci9DptQbykFzmWu8
JWb3IElespeVXawYd6izm8XESqLivwKtS/S3WKK+1RjNv78F2/9eM8eAu9RcNkeH
+u2cIPzejQb+dMhTb9+AcJSm8cgnDLc9Gu5RTNZWuEPVB7wPJnOnlPBcqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaEcIKsU7kxIdNeQzIFAjSXisDlMB8GA1UdIwQY
MBaAFFKFJt56QvHggJFoQO6/OQOLiT0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85NmE5MjgtODE5Yy00NzZjLWJhZTEt
NTBjOWY1YjNjM2U0LzEvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85NmE5MjgtODE5Yy00NzZjLWJhZTEtNTBjOWY1YjNjM2U0
LzEvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAipVbS/Y4
5dDMooye3w+KayH5JcDyEbPcwPYGwwRH5NOptp1E195Wur+QBaysCrAZivzqfrn0
XHzA2qG5bkIfqwbCJS3LJyjOwn4bmH3IrewjiihlS/LILTG15SSdiKr52T+yhdmC
RoWpqPsozoUwjVTxVqK42jIAjMwNsP92ZIArxqdfrxdwuwE9/3bdkUSUqHkK1XFJ
x9LXN1Oh+5ZWXkKyOzFYiLR5d5Vc7dKNFre8qjYlrNV7mztz3s4ST8okXuP6pTpT
pxb3Hgji/V0HeU4YA3i3ldR6acbeZMBOfnEJQ3pwZ0Rp8rPM9lY7hAb/v+POo8E5
a1cMPUVP8Txc4w==
-----END CERTIFICATE-----