Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
File:                     5UmH5s-8zliuDJbnZmqyGrPi4JA.mft (raw, json)
Hash identifier:          530pj0v8YuquDhV3nWmsDeGPWfFuhfMOOyfYSebaNgc=
Subject key identifier:   43:43:C0:C4:AF:35:49:C6:A9:16:D1:1B:72:D2:57:36:CA:7D:35:0B
Authority key identifier: E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90
Certificate issuer:       /CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
Certificate serial:       0199228C8B2D986A8CF226F93B5E0D845896
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
Manifest number:          0315
Signing time:             Sun 07 Sep 2025 05:00:59 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:59 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:59 +0000
Files and hashes:         1: 5UmH5s-8zliuDJbnZmqyGrPi4JA.crl (hash: GPjpaEh43lrWldWjA6NmW4s3jjLUQgLddZDsENqjOcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:8b:2d:98:6a:8c:f2:26:f9:3b:5e:0d:84:58:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
        Validity
            Not Before: Sep  7 05:00:59 2025 GMT
            Not After : Sep  8 05:00:59 2025 GMT
        Subject: CN=4343c0c4af3549c6a916d11b72d25736ca7d350b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:82:32:f7:ec:6e:f5:75:8b:18:3d:1f:4b:f1:
                    21:bd:64:25:2a:18:ba:c5:af:7d:e7:f1:76:ec:0f:
                    96:c4:7d:da:21:68:b8:5e:1d:d8:9c:14:1b:ee:cc:
                    e0:82:0c:48:a8:64:2a:8a:d3:9e:73:3b:fd:20:d5:
                    ed:47:da:9d:7a:23:74:48:68:5c:4c:31:23:1d:59:
                    f9:cb:c0:c2:69:b0:f8:2c:9a:d8:36:41:7f:3e:48:
                    7e:94:93:8e:b7:7e:f7:8a:b5:50:50:ba:bd:92:d2:
                    45:f9:2e:23:7a:62:10:32:7e:92:9b:7d:63:84:ec:
                    6e:fd:56:43:b6:de:0b:af:36:89:7b:24:06:57:98:
                    f1:fe:dc:23:55:82:25:8f:2f:95:20:bb:2a:93:c2:
                    4f:66:06:2f:bd:69:b9:0d:ce:2b:2c:22:56:fa:c4:
                    8a:a5:11:bc:be:a0:d6:1c:e3:87:db:64:81:e3:3c:
                    e2:13:ad:73:c0:b2:4b:2a:a3:3b:56:15:e9:b1:9c:
                    0a:85:7b:df:1f:76:6b:34:aa:e4:e3:a3:8f:21:4d:
                    e7:1d:cc:be:5d:7d:22:e7:45:bf:4b:40:ed:3c:d1:
                    3c:6c:d4:d5:ef:53:94:1b:04:41:89:5c:b8:70:2a:
                    27:7d:b1:d7:df:eb:76:a1:3e:ae:ec:b8:e3:f0:ab:
                    d9:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:43:C0:C4:AF:35:49:C6:A9:16:D1:1B:72:D2:57:36:CA:7D:35:0B
            X509v3 Authority Key Identifier:
                keyid:E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:df:55:46:39:23:58:fd:9b:aa:f8:bf:e0:d9:ba:7c:ee:f7:
         33:36:34:6b:81:c1:bd:6f:23:d6:43:85:63:42:98:5e:59:41:
         db:3b:37:51:cc:b1:9c:0e:53:53:7d:3b:00:2e:56:cd:9d:7f:
         ab:cf:37:33:f5:04:24:11:d8:19:90:66:1c:a1:a0:44:aa:19:
         af:8d:ba:79:ab:77:63:9a:99:13:d5:93:7c:db:0f:eb:fd:ff:
         8d:04:6f:15:9e:ad:3a:49:4d:bd:76:f5:6b:c7:c0:55:0c:06:
         10:e9:66:17:de:9a:b3:e8:49:bf:5b:71:a9:ab:ff:ab:f4:67:
         a7:d1:60:49:7a:59:7a:62:36:a1:9b:56:77:c7:d1:38:43:8d:
         d2:e6:c6:91:c6:cc:4f:64:2f:76:d3:f6:07:e8:29:e9:b2:85:
         9c:b8:df:89:34:af:1a:f0:b1:76:42:28:60:6a:c7:74:bb:73:
         d6:c2:76:4a:a9:59:d9:ad:ac:b6:12:6e:2d:a6:7d:5d:a8:71:
         a7:7a:91:45:c3:53:8d:ad:0d:8b:e7:07:57:a0:dc:9a:a1:52:
         ee:e9:c8:68:ad:c6:3a:84:e9:95:b7:ad:5e:0f:3e:66:8e:37:
         f8:ff:26:54:b9:60:77:67:1e:fa:f8:b3:63:ff:88:27:fb:d2:
         4c:33:5e:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijIstmGqM8ib5O14NhFiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDk4N2U2Y2ZiY2NlNThhZTBjOTZlNzY2NmFiMjFhYjNl
MmUwOTAwHhcNMjUwOTA3MDUwMDU5WhcNMjUwOTA4MDUwMDU5WjAzMTEwLwYDVQQD
Eyg0MzQzYzBjNGFmMzU0OWM2YTkxNmQxMWI3MmQyNTczNmNhN2QzNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Iy9+xu9XWLGD0fS/EhvWQlKhi6
xa995/F27A+WxH3aIWi4Xh3YnBQb7szgggxIqGQqitOeczv9INXtR9qdeiN0SGhc
TDEjHVn5y8DCabD4LJrYNkF/Pkh+lJOOt373irVQULq9ktJF+S4jemIQMn6Sm31j
hOxu/VZDtt4LrzaJeyQGV5jx/twjVYIljy+VILsqk8JPZgYvvWm5Dc4rLCJW+sSK
pRG8vqDWHOOH22SB4zziE61zwLJLKqM7VhXpsZwKhXvfH3ZrNKrk46OPIU3nHcy+
XX0i50W/S0DtPNE8bNTV71OUGwRBiVy4cConfbHX3+t2oT6u7Ljj8KvZfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENDwMSvNUnGqRbRG3LSVzbKfTULMB8GA1UdIwQY
MBaAFOVJh+bPvM5YrgyW52Zqshqz4uCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGIt
MDBiNTIwODc1Mzc2LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGItMDBiNTIwODc1Mzc2
LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcd9VRjkj
WP2bqvi/4Nm6fO73MzY0a4HBvW8j1kOFY0KYXllB2zs3UcyxnA5TU307AC5WzZ1/
q883M/UEJBHYGZBmHKGgRKoZr426eat3Y5qZE9WTfNsP6/3/jQRvFZ6tOklNvXb1
a8fAVQwGEOlmF96as+hJv1txqav/q/Rnp9FgSXpZemI2oZtWd8fROEON0ubGkcbM
T2QvdtP2B+gp6bKFnLjfiTSvGvCxdkIoYGrHdLtz1sJ2SqlZ2a2sthJuLaZ9Xahx
p3qRRcNTja0Ni+cHV6DcmqFS7unIaK3GOoTplbetXg8+Zo43+P8mVLlgd2ce+viz
Y/+IJ/vSTDNeDw==
-----END CERTIFICATE-----