Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
File:                     uFK2pNRayK4a7VTG9ayO1v88Hdc.mft (raw, json)
Hash identifier:          i0I2ZQaFkiJUIl0mExRrAWjV/7x23HgwAoV5CUeqJ54=
Subject key identifier:   C3:22:C2:78:9A:D7:2D:DC:30:C1:AE:1E:7E:0E:05:64:DD:2C:AC:43
Authority key identifier: B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7
Certificate issuer:       /CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
Certificate serial:       01991809DD57DEFA788838734FB82489A815
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
Manifest number:          0C00
Signing time:             Fri 05 Sep 2025 04:02:03 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:03 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:03 +0000
Files and hashes:         1: uFK2pNRayK4a7VTG9ayO1v88Hdc.crl (hash: oKrj71s2IwaFO0Ia67ZOnY1REbFgfn2niWY3Ik0qAWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:09:dd:57:de:fa:78:88:38:73:4f:b8:24:89:a8:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
        Validity
            Not Before: Sep  5 04:02:03 2025 GMT
            Not After : Sep  6 04:02:03 2025 GMT
        Subject: CN=c322c2789ad72ddc30c1ae1e7e0e0564dd2cac43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c9:93:b0:f6:63:68:04:89:50:2a:ce:ea:39:
                    75:39:35:e5:17:28:4b:b6:c0:0a:c7:11:ff:7f:00:
                    26:30:0a:55:b7:c5:ba:0f:a6:82:4a:68:b0:66:09:
                    24:e1:34:8b:da:6c:19:d7:ae:cb:f7:d5:12:d4:4a:
                    1e:ac:aa:72:44:de:a5:8a:71:c9:52:4f:ee:c1:40:
                    bf:eb:93:f2:bc:2d:9f:59:fb:8d:e8:5f:c5:23:a8:
                    88:d2:01:2f:0b:ee:b1:bb:1d:39:40:83:3b:1b:3a:
                    bb:8f:fc:69:bf:a2:32:70:40:d4:76:8f:9c:94:1a:
                    f7:ff:ff:2b:4f:69:7c:62:8d:6c:29:28:3c:e8:cf:
                    af:f1:52:0a:85:de:c8:a7:51:17:77:42:e1:3c:10:
                    bc:a0:11:22:b8:9d:5b:7c:44:a9:7b:f2:8b:04:39:
                    3a:ad:b8:8e:8a:c7:22:54:6f:5e:8f:9b:82:ce:b9:
                    af:02:1a:ab:c0:c4:0f:26:36:39:04:2e:e4:16:3a:
                    d1:19:48:a3:83:38:9c:74:0e:8f:7b:2c:ad:c1:1e:
                    9e:09:e5:bb:df:ff:0f:5c:a8:8c:2e:ab:2e:15:4e:
                    b5:2b:18:69:65:cc:8c:0a:eb:b2:1f:c8:f8:1e:49:
                    ab:53:f2:20:57:eb:7e:43:4c:4c:d4:c2:5a:81:ad:
                    31:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:22:C2:78:9A:D7:2D:DC:30:C1:AE:1E:7E:0E:05:64:DD:2C:AC:43
            X509v3 Authority Key Identifier:
                keyid:B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:25:56:05:54:d0:e2:ce:53:f4:ee:67:d6:10:7c:85:c1:36:
         fc:a1:d0:9a:36:d9:b8:68:26:1b:d2:d1:8c:d9:b3:4e:59:1e:
         07:f1:ac:16:f2:0d:b0:81:29:3c:17:86:af:b2:12:1f:8c:d7:
         88:12:67:78:25:d6:97:23:73:63:86:bf:9d:9d:c2:42:8f:55:
         0b:7f:da:29:2e:c8:20:ae:3b:54:4b:58:bd:ba:15:04:7d:a6:
         40:0a:4b:53:a0:29:7b:be:d1:fb:e0:4e:d9:d4:b7:52:fe:15:
         7f:d4:63:1e:0c:4b:f0:cd:b3:12:9b:39:0c:fc:c4:19:1e:bc:
         f7:2b:bc:97:56:76:cb:7d:d5:86:1f:67:39:98:1a:9b:96:7d:
         7d:ee:8e:f0:76:71:7c:fb:d7:d5:f6:a6:66:49:85:05:e1:15:
         79:19:4e:5c:f7:d6:c6:c3:bb:41:1c:fa:f1:6b:6b:26:79:e5:
         07:92:f9:fb:56:bb:2b:b0:e5:53:1e:71:2a:15:c4:ae:5d:3a:
         19:c8:16:f9:38:0f:13:ac:96:79:57:51:e8:0f:74:bd:68:59:
         8d:e6:db:93:5d:47:d1:db:06:46:9d:ac:19:d5:13:56:f2:51:
         55:c0:07:53:78:33:ae:cb:b8:29:2c:4a:37:1e:10:d6:f1:e8:
         02:01:2b:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCd1X3vp4iDhzT7gkiagVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTJiNmE0ZDQ1YWM4YWUxYWVkNTRjNmY1YWM4ZWQ2ZmYz
YzFkZDcwHhcNMjUwOTA1MDQwMjAzWhcNMjUwOTA2MDQwMjAzWjAzMTEwLwYDVQQD
EyhjMzIyYzI3ODlhZDcyZGRjMzBjMWFlMWU3ZTBlMDU2NGRkMmNhYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcmTsPZjaASJUCrO6jl1OTXlFyhL
tsAKxxH/fwAmMApVt8W6D6aCSmiwZgkk4TSL2mwZ167L99US1EoerKpyRN6linHJ
Uk/uwUC/65PyvC2fWfuN6F/FI6iI0gEvC+6xux05QIM7Gzq7j/xpv6IycEDUdo+c
lBr3//8rT2l8Yo1sKSg86M+v8VIKhd7Ip1EXd0LhPBC8oBEiuJ1bfESpe/KLBDk6
rbiOisciVG9ej5uCzrmvAhqrwMQPJjY5BC7kFjrRGUijgzicdA6PeyytwR6eCeW7
3/8PXKiMLqsuFU61KxhpZcyMCuuyH8j4HkmrU/IgV+t+Q0xM1MJaga0xVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMiwnia1y3cMMGuHn4OBWTdLKxDMB8GA1UdIwQY
MBaAFLhStqTUWsiuGu1UxvWsjtb/PB3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYt
M2M0NmNkNTgwNzg5LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYtM2M0NmNkNTgwNzg5
LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArCVWBVTQ
4s5T9O5n1hB8hcE2/KHQmjbZuGgmG9LRjNmzTlkeB/GsFvINsIEpPBeGr7ISH4zX
iBJneCXWlyNzY4a/nZ3CQo9VC3/aKS7IIK47VEtYvboVBH2mQApLU6Ape77R++BO
2dS3Uv4Vf9RjHgxL8M2zEps5DPzEGR689yu8l1Z2y33Vhh9nOZgam5Z9fe6O8HZx
fPvX1famZkmFBeEVeRlOXPfWxsO7QRz68WtrJnnlB5L5+1a7K7DlUx5xKhXErl06
GcgW+TgPE6yWeVdR6A90vWhZjebbk11H0dsGRp2sGdUTVvJRVcAHU3gzrsu4KSxK
Nx4Q1vHoAgEr9A==
-----END CERTIFICATE-----