Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
File:                     UNorr8N6OYjdKUyROuUiDgONuWQ.mft (raw, json)
Hash identifier:          tBsxonWQekhuJnSTyh04q6I617z5+L8JxLJTnFgwT3E=
Subject key identifier:   6A:FA:B3:5A:4D:01:0F:C5:5F:26:96:50:B6:29:C1:96:4A:34:B7:63
Authority key identifier: 50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64
Certificate issuer:       /CN=50da2bafc37a3988dd294c913ae5220e038db964
Certificate serial:       01991764A128DA3DC35E521A6DAF5C00600F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
Manifest number:          15B8
Signing time:             Fri 05 Sep 2025 01:01:34 +0000
Manifest this update:     Fri 05 Sep 2025 01:01:34 +0000
Manifest next update:     Sat 06 Sep 2025 01:01:34 +0000
Files and hashes:         1: UNorr8N6OYjdKUyROuUiDgONuWQ.crl (hash: bgyUB/ca+h7BjBasPiOMA7ms3aFbg4TprkaK8N+bmSg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:64:a1:28:da:3d:c3:5e:52:1a:6d:af:5c:00:60:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50da2bafc37a3988dd294c913ae5220e038db964
        Validity
            Not Before: Sep  5 01:01:34 2025 GMT
            Not After : Sep  6 01:01:34 2025 GMT
        Subject: CN=6afab35a4d010fc55f269650b629c1964a34b763
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ce:23:1c:0f:95:ee:75:84:9b:12:13:d3:57:
                    2b:af:c2:1a:ad:fa:a5:1c:64:30:48:75:34:9e:23:
                    c8:53:a0:32:62:b9:3e:b5:20:65:be:1b:6a:69:45:
                    49:2d:ef:d2:b1:92:0a:44:da:c8:50:d3:bf:0e:f5:
                    b2:c2:0b:db:d9:84:23:23:a9:aa:d8:ba:6f:0f:06:
                    63:58:34:8e:54:93:73:3a:f2:90:01:74:b0:02:7a:
                    d5:07:1f:c5:0e:46:9f:de:88:8f:41:e4:1c:0b:a5:
                    4c:81:9d:82:f0:60:1e:e2:76:8d:db:03:5c:a9:52:
                    4a:8c:23:60:c0:06:ff:ad:1d:f9:d3:37:b5:70:5d:
                    4e:25:72:08:d4:1d:a3:e6:31:fb:f3:4e:42:f0:d3:
                    6c:f6:e7:e3:be:f8:d8:ec:ac:54:3d:54:80:0d:b4:
                    bc:e3:ab:b6:13:ac:17:f6:ee:d3:ea:7e:57:75:ca:
                    7f:88:52:49:d0:28:9f:31:29:27:a9:90:82:82:b1:
                    cd:e6:a7:c2:b7:f1:13:a4:e4:7d:02:9c:19:30:df:
                    8d:7d:89:6d:0f:66:07:62:f1:08:09:19:36:88:cf:
                    1f:a4:2c:20:dd:d2:65:5a:65:a4:a2:e0:0b:06:0f:
                    fd:bc:58:2c:06:50:b9:7e:32:50:6f:3c:e5:a1:7c:
                    c1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:FA:B3:5A:4D:01:0F:C5:5F:26:96:50:B6:29:C1:96:4A:34:B7:63
            X509v3 Authority Key Identifier:
                keyid:50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:fc:d8:39:5b:1e:60:98:1b:3d:dd:61:75:45:90:ab:4c:10:
         81:1e:6a:17:fa:7a:cd:13:2e:91:ec:cc:4d:1b:b8:d5:ca:bb:
         2a:54:84:40:38:3a:af:41:78:2d:71:3d:cd:f3:6c:9d:4c:81:
         b1:1f:5e:8c:79:3b:c7:ac:e6:23:85:fe:25:35:c6:55:a1:f7:
         35:d2:6b:78:10:3e:29:a5:69:a6:d0:0c:60:10:8f:32:0b:a5:
         ed:e0:62:e6:25:a7:40:52:ea:a0:5f:66:4b:09:d1:6e:33:b8:
         7c:7f:14:d0:1d:e3:6e:d4:82:77:98:18:f7:92:22:01:a0:78:
         12:5c:66:f9:ae:7b:4d:c8:68:0f:2d:59:29:ec:b1:52:89:35:
         ac:d8:4f:1e:a4:1e:6a:e7:73:32:78:67:0b:18:b0:96:80:97:
         03:ca:65:e8:65:c2:df:0a:7d:31:ea:ab:bf:95:d7:2d:78:d0:
         31:17:d2:35:8c:72:59:bd:89:57:4b:a6:df:e9:fa:01:31:df:
         3a:40:3c:fc:45:aa:9d:c1:b2:b7:eb:27:c8:15:ff:61:a4:c2:
         1b:45:57:63:c8:34:4f:7e:5e:2f:86:30:77:dc:90:62:f9:16:
         63:0c:c4:45:60:fd:67:26:69:c0:88:7c:ac:c8:95:97:6f:a1:
         67:ee:45:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXZKEo2j3DXlIaba9cAGAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZGEyYmFmYzM3YTM5ODhkZDI5NGM5MTNhZTUyMjBlMDM4
ZGI5NjQwHhcNMjUwOTA1MDEwMTM0WhcNMjUwOTA2MDEwMTM0WjAzMTEwLwYDVQQD
Eyg2YWZhYjM1YTRkMDEwZmM1NWYyNjk2NTBiNjI5YzE5NjRhMzRiNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx84jHA+V7nWEmxIT01crr8Iarfql
HGQwSHU0niPIU6AyYrk+tSBlvhtqaUVJLe/SsZIKRNrIUNO/DvWywgvb2YQjI6mq
2LpvDwZjWDSOVJNzOvKQAXSwAnrVBx/FDkaf3oiPQeQcC6VMgZ2C8GAe4naN2wNc
qVJKjCNgwAb/rR350ze1cF1OJXII1B2j5jH7805C8NNs9ufjvvjY7KxUPVSADbS8
46u2E6wX9u7T6n5Xdcp/iFJJ0CifMSknqZCCgrHN5qfCt/ETpOR9ApwZMN+NfYlt
D2YHYvEICRk2iM8fpCwg3dJlWmWkouALBg/9vFgsBlC5fjJQbzzloXzBOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGr6s1pNAQ/FXyaWULYpwZZKNLdjMB8GA1UdIwQY
MBaAFFDaK6/DejmI3SlMkTrlIg4DjblkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1Nzct
YmRkNTc3NTFjNjczLzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1NzctYmRkNTc3NTFjNjcz
LzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/zYOVse
YJgbPd1hdUWQq0wQgR5qF/p6zRMukezMTRu41cq7KlSEQDg6r0F4LXE9zfNsnUyB
sR9ejHk7x6zmI4X+JTXGVaH3NdJreBA+KaVpptAMYBCPMgul7eBi5iWnQFLqoF9m
SwnRbjO4fH8U0B3jbtSCd5gY95IiAaB4Elxm+a57TchoDy1ZKeyxUok1rNhPHqQe
audzMnhnCxiwloCXA8pl6GXC3wp9Meqrv5XXLXjQMRfSNYxyWb2JV0um3+n6ATHf
OkA8/EWqncGyt+snyBX/YaTCG0VXY8g0T35eL4Ywd9yQYvkWYwzERWD9ZyZpwIh8
rMiVl2+hZ+5Fdg==
-----END CERTIFICATE-----