Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
File:                     UNlf0yarPwj3bczGVrs-Hia03Fc.mft (raw, json)
Hash identifier:          mN1AauFdLweBs8niv5kMl88X0PtrC1CbJtmCuO5rJJ4=
Subject key identifier:   36:8C:95:C3:99:F9:A4:3A:E7:B9:F3:97:3E:71:C3:D7:C8:87:D9:21
Authority key identifier: 50:D9:5F:D3:26:AB:3F:08:F7:6D:CC:C6:56:BB:3E:1E:26:B4:DC:57
Certificate issuer:       /CN=50d95fd326ab3f08f76dccc656bb3e1e26b4dc57
Certificate serial:       019A7225DA1F4C5DC16D411EC60F7BF99963
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
Manifest number:          02C6
Signing time:             Tue 11 Nov 2025 09:01:14 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:14 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:14 +0000
Files and hashes:         1: UNlf0yarPwj3bczGVrs-Hia03Fc.crl (hash: H1IZtKbJjWNIkhGQJE2rw9FzJJLD8TOHvtYx4uiUe20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:da:1f:4c:5d:c1:6d:41:1e:c6:0f:7b:f9:99:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50d95fd326ab3f08f76dccc656bb3e1e26b4dc57
        Validity
            Not Before: Nov 11 09:01:14 2025 GMT
            Not After : Nov 12 09:01:14 2025 GMT
        Subject: CN=368c95c399f9a43ae7b9f3973e71c3d7c887d921
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:98:fa:6d:b9:ff:35:ab:12:95:23:2b:84:1f:
                    ff:62:f2:7e:46:f4:82:43:30:4d:82:b6:6c:06:61:
                    63:7d:47:61:42:fd:84:2b:fb:81:db:ca:f9:f2:47:
                    85:6a:09:12:9a:70:69:f6:f2:6d:45:77:39:42:6a:
                    7e:49:3e:ef:30:54:4d:b4:ea:ee:57:4c:45:0a:b3:
                    7c:42:07:fa:00:5f:eb:45:fa:19:61:b1:57:90:d2:
                    d4:6f:7c:fe:23:cd:72:46:90:af:a7:b8:11:16:44:
                    3d:ca:13:31:a7:68:8e:65:75:f0:45:a3:19:ad:6d:
                    36:23:93:07:19:19:3c:e0:d7:cd:1f:ed:6c:a1:20:
                    8e:a2:70:b7:7c:08:74:bf:d8:3f:7e:55:e7:53:2f:
                    51:46:a8:61:63:3e:9e:61:56:b7:33:b8:c3:73:8c:
                    b3:01:76:8b:6d:a0:98:2e:78:16:20:36:e3:af:ae:
                    9d:ad:97:86:92:5b:27:90:ab:d3:ad:2b:23:d2:19:
                    e3:ca:bc:5f:d0:85:4a:3e:9b:20:86:8d:0c:6c:3f:
                    51:72:db:10:77:e1:fb:17:a6:60:a5:12:11:98:40:
                    e2:5b:d6:db:96:a4:5b:79:29:c7:2a:1f:73:7d:22:
                    53:09:bc:37:4d:ce:f9:39:37:b9:c5:4d:16:d2:29:
                    c7:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:8C:95:C3:99:F9:A4:3A:E7:B9:F3:97:3E:71:C3:D7:C8:87:D9:21
            X509v3 Authority Key Identifier:
                keyid:50:D9:5F:D3:26:AB:3F:08:F7:6D:CC:C6:56:BB:3E:1E:26:B4:DC:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:ea:a7:32:ed:7b:73:da:4d:ca:dd:c3:f7:64:27:4f:eb:48:
         36:b1:72:f3:87:9f:42:7d:93:88:76:35:4e:1c:7e:e7:b9:67:
         d1:5c:e3:32:74:bf:8b:8b:9d:44:47:95:a4:f6:b6:82:37:6b:
         90:f0:2d:89:5b:19:22:5d:e3:6d:1b:1e:45:69:85:89:6b:d3:
         d3:6d:5c:a9:62:c1:0c:e1:25:7a:99:f8:bb:60:c9:ef:0e:e0:
         69:95:01:d8:fa:2e:63:3d:fb:92:bb:a7:32:79:e2:3b:f9:c7:
         93:c9:35:fb:ff:d0:54:90:9e:e7:f6:6a:74:c3:15:04:07:de:
         0e:08:6a:08:ad:94:11:d5:a1:76:05:eb:66:b8:7a:87:4b:6b:
         19:b9:88:45:53:be:98:f4:66:65:14:96:ad:5b:ac:86:84:7d:
         11:b4:36:ed:dc:ca:19:47:2e:a6:1f:48:24:2d:46:64:cc:09:
         3a:49:74:da:92:7f:70:57:e6:a8:23:83:ee:a9:f9:eb:65:9b:
         4d:25:a7:3f:34:d3:5a:8f:b2:d6:9e:ba:d3:bf:ab:e9:3e:95:
         1c:d2:13:99:83:e1:4e:ff:b4:ed:16:38:65:38:ed:6e:43:a5:
         1e:21:82:cf:fd:59:17:c0:99:f9:5c:d3:2b:74:8f:cb:43:12:
         11:9c:1d:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdofTF3BbUEexg97+ZljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDk1ZmQzMjZhYjNmMDhmNzZkY2NjNjU2YmIzZTFlMjZi
NGRjNTcwHhcNMjUxMTExMDkwMTE0WhcNMjUxMTEyMDkwMTE0WjAzMTEwLwYDVQQD
EygzNjhjOTVjMzk5ZjlhNDNhZTdiOWYzOTczZTcxYzNkN2M4ODdkOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpj6bbn/NasSlSMrhB//YvJ+RvSC
QzBNgrZsBmFjfUdhQv2EK/uB28r58keFagkSmnBp9vJtRXc5Qmp+ST7vMFRNtOru
V0xFCrN8Qgf6AF/rRfoZYbFXkNLUb3z+I81yRpCvp7gRFkQ9yhMxp2iOZXXwRaMZ
rW02I5MHGRk84NfNH+1soSCOonC3fAh0v9g/flXnUy9RRqhhYz6eYVa3M7jDc4yz
AXaLbaCYLngWIDbjr66drZeGklsnkKvTrSsj0hnjyrxf0IVKPpsgho0MbD9RctsQ
d+H7F6ZgpRIRmEDiW9bblqRbeSnHKh9zfSJTCbw3Tc75OTe5xU0W0inHyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDaMlcOZ+aQ657nzlz5xw9fIh9khMB8GA1UdIwQY
MBaAFFDZX9Mmqz8I923Mxla7Ph4mtNxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNmNjYzctZDFlNS00ZjA3LThkYWIt
NTA2YTQ5MzRjYWQ1LzEvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNmNjYzctZDFlNS00ZjA3LThkYWItNTA2YTQ5MzRjYWQ1
LzEvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMuqnMu17
c9pNyt3D92QnT+tINrFy84efQn2TiHY1Thx+57ln0VzjMnS/i4udREeVpPa2gjdr
kPAtiVsZIl3jbRseRWmFiWvT021cqWLBDOElepn4u2DJ7w7gaZUB2PouYz37krun
MnniO/nHk8k1+//QVJCe5/ZqdMMVBAfeDghqCK2UEdWhdgXrZrh6h0trGbmIRVO+
mPRmZRSWrVushoR9EbQ27dzKGUcuph9IJC1GZMwJOkl02pJ/cFfmqCOD7qn562Wb
TSWnPzTTWo+y1p6607+r6T6VHNITmYPhTv+07RY4ZTjtbkOlHiGCz/1ZF8CZ+VzT
K3SPy0MSEZwdAg==
-----END CERTIFICATE-----