Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
File:                     uU8woHaUohE5ZIclom6zTOSha6s.mft (raw, json)
Hash identifier:          d/C4PP9x+83R7How3zYtpOZMmL6vnpx8boMYti+tEpk=
Subject key identifier:   47:90:7F:C4:09:AB:37:FF:80:EE:78:2A:93:BA:CA:C9:5F:95:DC:0F
Authority key identifier: B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB
Certificate issuer:       /CN=b94f30a07694a21139648725a26eb34ce4a16bab
Certificate serial:       019A725CADAE9E625A9CC3FDB32D0368DC0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
Manifest number:          03B3
Signing time:             Tue 11 Nov 2025 10:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:07 +0000
Files and hashes:         1: uU8woHaUohE5ZIclom6zTOSha6s.crl (hash: 3DiLDv3ORnafbEvGLg01JzwMA0VdGjKJ/XUiaiNPL00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:ad:ae:9e:62:5a:9c:c3:fd:b3:2d:03:68:dc:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b94f30a07694a21139648725a26eb34ce4a16bab
        Validity
            Not Before: Nov 11 10:01:07 2025 GMT
            Not After : Nov 12 10:01:07 2025 GMT
        Subject: CN=47907fc409ab37ff80ee782a93bacac95f95dc0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:70:9b:9e:46:5e:69:7d:4a:be:84:07:b8:f6:
                    df:33:ca:aa:68:fd:7a:00:ca:c7:76:c1:4c:a1:51:
                    11:36:e6:65:ad:2a:24:b0:66:65:e3:3a:69:e1:33:
                    a7:48:98:56:02:8a:1b:76:da:99:d3:f7:90:ca:e5:
                    9a:fd:f0:c6:70:4c:90:0d:63:e8:9e:80:4e:e1:4f:
                    0e:c6:25:bb:db:ac:03:03:f0:a4:8d:9a:66:a1:22:
                    b1:da:81:d6:dc:1a:a9:72:e3:93:ac:c9:a5:fc:0c:
                    f1:7d:2e:26:bd:13:8f:b7:66:02:1e:20:d1:3c:f0:
                    26:a7:28:4c:ee:9d:6e:32:9a:65:ba:ae:7f:60:0b:
                    0c:ce:80:81:64:ca:a1:cc:92:8a:02:78:8b:52:3a:
                    da:12:c4:6d:67:da:d3:92:44:b3:83:22:0c:bd:9c:
                    e8:d3:38:ef:5f:07:cf:4e:ea:0f:52:94:de:79:32:
                    0b:98:bb:7a:97:7e:c0:f5:07:9b:d4:45:14:4c:a3:
                    86:c5:91:4b:18:39:80:34:54:93:19:4d:6a:4b:df:
                    53:b5:46:8b:54:33:1e:8c:ef:97:f3:04:fb:c6:42:
                    68:e6:11:39:28:e5:35:33:2f:1d:17:38:00:d5:b7:
                    09:b9:7b:55:7d:43:36:59:bf:0c:b7:2f:ce:65:c7:
                    cd:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:90:7F:C4:09:AB:37:FF:80:EE:78:2A:93:BA:CA:C9:5F:95:DC:0F
            X509v3 Authority Key Identifier:
                keyid:B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:b2:4b:e2:14:89:2f:3a:ed:ad:82:96:72:02:cc:89:40:ff:
         18:4b:34:c9:a1:7a:ef:92:75:bf:25:e0:3f:e0:74:0f:4c:f1:
         57:d8:88:75:11:8e:f9:39:f9:a8:df:c2:f2:33:99:6b:c9:1b:
         de:64:ad:d4:1b:7e:3e:2e:6c:44:d7:5c:ef:f3:37:ed:f7:ad:
         63:cd:3e:5a:d1:6d:63:a9:60:0d:e4:78:cf:73:5f:ee:11:c6:
         1b:2c:cb:dc:74:f7:79:5c:df:0f:76:a0:74:3d:b1:ef:b2:11:
         f9:84:58:7f:f3:46:4d:a1:cc:7a:4b:7c:70:d6:b4:52:27:3b:
         77:fd:73:46:85:ed:db:54:c5:e3:c4:d9:92:8d:2d:e2:3b:dd:
         d3:ce:5c:b1:f2:f6:81:c2:6c:6b:df:9b:6f:b6:93:3f:50:99:
         d2:84:cb:4d:79:f4:32:0f:62:94:d9:7a:8c:3e:6f:a5:0b:90:
         b7:0e:b4:70:8f:c3:34:be:e6:9d:31:bf:e8:5a:2b:e5:7d:6d:
         fb:c1:90:9c:03:7c:a5:20:36:58:93:dc:f1:67:6d:5f:7f:ff:
         c4:80:d1:3d:65:7d:aa:3e:84:0d:3f:03:a3:53:d3:67:80:20:
         c6:cb:20:45:ce:f2:91:55:50:c0:84:41:32:c4:f8:16:13:6d:
         3e:27:a6:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXK2unmJanMP9sy0DaNwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NGYzMGEwNzY5NGEyMTEzOTY0ODcyNWEyNmViMzRjZTRh
MTZiYWIwHhcNMjUxMTExMTAwMTA3WhcNMjUxMTEyMTAwMTA3WjAzMTEwLwYDVQQD
Eyg0NzkwN2ZjNDA5YWIzN2ZmODBlZTc4MmE5M2JhY2FjOTVmOTVkYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XCbnkZeaX1KvoQHuPbfM8qqaP16
AMrHdsFMoVERNuZlrSoksGZl4zpp4TOnSJhWAoobdtqZ0/eQyuWa/fDGcEyQDWPo
noBO4U8OxiW726wDA/CkjZpmoSKx2oHW3BqpcuOTrMml/AzxfS4mvROPt2YCHiDR
PPAmpyhM7p1uMppluq5/YAsMzoCBZMqhzJKKAniLUjraEsRtZ9rTkkSzgyIMvZzo
0zjvXwfPTuoPUpTeeTILmLt6l37A9Qeb1EUUTKOGxZFLGDmANFSTGU1qS99TtUaL
VDMejO+X8wT7xkJo5hE5KOU1My8dFzgA1bcJuXtVfUM2Wb8Mty/OZcfN2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeQf8QJqzf/gO54KpO6yslfldwPMB8GA1UdIwQY
MBaAFLlPMKB2lKIROWSHJaJus0zkoWurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDIt
NzdhMzgzNWQ0ZmJiLzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDItNzdhMzgzNWQ0ZmJi
LzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGbJL4hSJ
LzrtrYKWcgLMiUD/GEs0yaF675J1vyXgP+B0D0zxV9iIdRGO+Tn5qN/C8jOZa8kb
3mSt1Bt+Pi5sRNdc7/M37fetY80+WtFtY6lgDeR4z3Nf7hHGGyzL3HT3eVzfD3ag
dD2x77IR+YRYf/NGTaHMekt8cNa0Uic7d/1zRoXt21TF48TZko0t4jvd085csfL2
gcJsa9+bb7aTP1CZ0oTLTXn0Mg9ilNl6jD5vpQuQtw60cI/DNL7mnTG/6For5X1t
+8GQnAN8pSA2WJPc8WdtX3//xIDRPWV9qj6EDT8Do1PTZ4AgxssgRc7ykVVQwIRB
MsT4FhNtPiemVw==
-----END CERTIFICATE-----