Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
File:                     UNorr8N6OYjdKUyROuUiDgONuWQ.mft (raw, json)
Hash identifier:          uKsN7iv5xuozJFOHZI3nHzMjV3K6hVdMfyEgmsZcNKY=
Subject key identifier:   A5:27:67:5E:3C:73:BE:7C:11:3D:4D:26:1C:62:25:E4:38:73:6F:D3
Authority key identifier: 50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64
Certificate issuer:       /CN=50da2bafc37a3988dd294c913ae5220e038db964
Certificate serial:       019A73010C108457B1C896B8243B2235BFC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
Manifest number:          166C
Signing time:             Tue 11 Nov 2025 13:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:39 +0000
Files and hashes:         1: UNorr8N6OYjdKUyROuUiDgONuWQ.crl (hash: U57IzBY17sloFaqmGJJJetK39lwlmBlDjNXWH0mdtAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:0c:10:84:57:b1:c8:96:b8:24:3b:22:35:bf:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50da2bafc37a3988dd294c913ae5220e038db964
        Validity
            Not Before: Nov 11 13:00:39 2025 GMT
            Not After : Nov 12 13:00:39 2025 GMT
        Subject: CN=a527675e3c73be7c113d4d261c6225e438736fd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ef:40:42:0a:92:65:58:8c:d7:9e:dc:8d:70:
                    eb:87:e7:0b:eb:7e:c6:cb:19:1e:46:60:87:70:88:
                    56:7b:2a:1d:83:2a:c2:21:fd:2b:9a:0f:c5:f8:52:
                    51:c4:a8:79:ae:2d:e0:f7:05:34:b8:8e:ef:ae:fd:
                    9b:19:dd:55:c6:6d:1f:de:bf:1a:47:24:6e:39:6c:
                    0f:10:85:ae:be:95:f1:ec:13:cb:02:44:3d:42:69:
                    e9:8d:cc:17:e3:9d:30:a2:ad:cd:43:1e:4a:df:0b:
                    ef:01:96:8c:6f:16:da:67:e2:00:c3:ee:b9:bc:e1:
                    83:69:14:bd:6a:e3:37:bd:a0:5a:80:13:e0:da:de:
                    60:3a:f0:7b:41:78:0b:ee:28:af:3d:f0:7d:b9:ce:
                    ea:19:89:2e:34:fe:5e:b5:53:ad:21:5d:a0:44:86:
                    55:ed:d9:8b:b6:80:d6:87:9a:27:16:47:a7:34:f5:
                    fa:0c:a8:9f:2a:25:82:0a:ea:42:0c:eb:da:fd:86:
                    7f:2b:4a:35:3d:99:a4:e8:a2:80:36:e0:75:54:79:
                    bc:64:41:74:39:b6:88:c2:07:d8:cb:c6:40:96:8c:
                    86:97:95:43:4a:6f:77:0a:02:a0:e8:96:10:40:40:
                    e4:30:89:05:67:ba:6f:08:9c:f3:31:68:b9:e0:34:
                    05:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:27:67:5E:3C:73:BE:7C:11:3D:4D:26:1C:62:25:E4:38:73:6F:D3
            X509v3 Authority Key Identifier:
                keyid:50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:ae:11:0a:15:e2:cb:0c:84:41:0a:98:d1:d2:b8:4c:c0:09:
         8a:8b:f0:0b:7b:63:0b:f8:6b:be:d5:69:e1:ae:dc:b8:d6:b5:
         09:d3:f1:f4:8e:7d:51:a6:01:27:a2:35:3e:5b:b5:7f:a5:6e:
         5d:66:d2:5f:08:8b:c3:5e:ce:a8:c8:2f:b0:f3:24:8b:ec:9e:
         15:de:36:f9:d6:7c:77:7f:72:84:5d:95:16:08:49:92:13:3f:
         b0:d5:6a:29:30:64:92:59:97:3e:ba:5f:c8:e5:78:dc:70:40:
         a0:13:e6:33:4b:8a:5b:b8:a9:4d:ff:00:f1:8b:2a:cf:70:d4:
         1b:0d:4e:42:ef:9b:f6:2b:06:23:7a:7d:8d:85:60:6d:b8:c2:
         a8:2a:63:39:66:68:a4:4b:0a:f9:aa:2a:61:4c:6d:46:e6:79:
         22:86:2e:60:bf:59:27:83:e6:d5:d8:33:54:4d:71:3d:61:f7:
         fb:ad:73:85:60:cc:ec:bd:c9:ae:e0:5e:82:96:0e:db:d4:78:
         91:3b:d7:d2:cd:25:e7:bb:ae:38:bd:79:cb:8f:77:9a:62:fe:
         c2:5b:28:65:fe:11:43:ad:ba:27:74:f1:30:6f:ca:3c:0d:56:
         dc:70:12:be:77:e0:39:e0:ba:60:8b:67:db:9c:b0:b0:ee:5c:
         2e:ea:15:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAQwQhFexyJa4JDsiNb/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZGEyYmFmYzM3YTM5ODhkZDI5NGM5MTNhZTUyMjBlMDM4
ZGI5NjQwHhcNMjUxMTExMTMwMDM5WhcNMjUxMTEyMTMwMDM5WjAzMTEwLwYDVQQD
EyhhNTI3Njc1ZTNjNzNiZTdjMTEzZDRkMjYxYzYyMjVlNDM4NzM2ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2O9AQgqSZViM157cjXDrh+cL637G
yxkeRmCHcIhWeyodgyrCIf0rmg/F+FJRxKh5ri3g9wU0uI7vrv2bGd1Vxm0f3r8a
RyRuOWwPEIWuvpXx7BPLAkQ9QmnpjcwX450woq3NQx5K3wvvAZaMbxbaZ+IAw+65
vOGDaRS9auM3vaBagBPg2t5gOvB7QXgL7iivPfB9uc7qGYkuNP5etVOtIV2gRIZV
7dmLtoDWh5onFkenNPX6DKifKiWCCupCDOva/YZ/K0o1PZmk6KKANuB1VHm8ZEF0
ObaIwgfYy8ZAloyGl5VDSm93CgKg6JYQQEDkMIkFZ7pvCJzzMWi54DQF1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUnZ148c758ET1NJhxiJeQ4c2/TMB8GA1UdIwQY
MBaAFFDaK6/DejmI3SlMkTrlIg4DjblkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1Nzct
YmRkNTc3NTFjNjczLzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1NzctYmRkNTc3NTFjNjcz
LzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjK4RChXi
ywyEQQqY0dK4TMAJiovwC3tjC/hrvtVp4a7cuNa1CdPx9I59UaYBJ6I1Plu1f6Vu
XWbSXwiLw17OqMgvsPMki+yeFd42+dZ8d39yhF2VFghJkhM/sNVqKTBkklmXPrpf
yOV43HBAoBPmM0uKW7ipTf8A8Ysqz3DUGw1OQu+b9isGI3p9jYVgbbjCqCpjOWZo
pEsK+aoqYUxtRuZ5IoYuYL9ZJ4Pm1dgzVE1xPWH3+61zhWDM7L3JruBegpYO29R4
kTvX0s0l57uuOL15y493mmL+wlsoZf4RQ626J3TxMG/KPA1W3HASvnfgOeC6YItn
25ywsO5cLuoVlg==
-----END CERTIFICATE-----