Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
File:                     U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft (raw, json)
Hash identifier:          9lNSbu2acj0EPGf8no9dil95ogoddjzAo6q36F2MoBo=
Subject key identifier:   9E:46:06:DF:9C:25:7B:64:AB:D4:D4:1B:1A:B8:F5:F7:2B:F8:80:0C
Authority key identifier: 53:BF:98:D5:35:22:AA:95:70:81:FD:EC:28:B1:72:08:43:94:F1:12
Certificate issuer:       /CN=53bf98d53522aa957081fdec28b172084394f112
Certificate serial:       019923A0CDCA9B80F53C06F156C628258372
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
Manifest number:          0E86
Signing time:             Sun 07 Sep 2025 10:02:44 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:44 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:44 +0000
Files and hashes:         1: U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl (hash: HmEt7lRqyBr5AV30kTfIMLyPNfumG/dzPPI5qHFy4Jg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:cd:ca:9b:80:f5:3c:06:f1:56:c6:28:25:83:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53bf98d53522aa957081fdec28b172084394f112
        Validity
            Not Before: Sep  7 10:02:44 2025 GMT
            Not After : Sep  8 10:02:44 2025 GMT
        Subject: CN=9e4606df9c257b64abd4d41b1ab8f5f72bf8800c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:fd:a1:f7:11:87:bf:5c:75:05:bb:08:65:22:
                    51:62:0f:a1:31:6a:e2:f3:94:74:58:15:6a:35:d2:
                    fb:71:ff:85:f7:f6:04:28:58:c5:e3:9a:fe:71:46:
                    1e:21:17:4f:05:ec:3d:7c:e4:36:19:37:62:1e:04:
                    75:41:7a:f3:f7:a6:ff:71:32:22:e9:2f:c6:4b:ff:
                    a4:80:c7:a4:88:63:65:f9:45:df:a7:fc:5e:ce:59:
                    9b:cf:fb:91:72:d7:d9:8e:67:51:ab:0a:d1:ac:06:
                    58:0c:28:88:15:59:2d:32:37:9c:12:04:e1:68:0d:
                    7c:a0:17:c4:82:34:71:b2:0d:e1:03:0c:a9:31:80:
                    de:12:f5:32:d8:f9:e2:dd:6c:9e:b3:6a:04:ea:73:
                    c4:c3:24:e8:3b:be:63:a7:ae:0e:d2:87:98:d4:f8:
                    40:2d:c0:dd:a4:45:16:2a:7f:6c:02:78:6b:b6:e3:
                    b7:1e:b7:c3:e6:24:74:d3:6b:f4:42:f6:f4:ec:e5:
                    aa:81:66:6c:86:96:23:cf:3e:ec:d3:02:1e:9e:63:
                    a6:c9:12:57:ef:ff:d9:bb:ff:68:b2:8c:e7:ee:e4:
                    3f:51:5c:44:b7:8e:54:a4:35:bb:14:f5:d8:07:d7:
                    14:40:9f:81:19:df:df:86:85:28:6a:4f:c0:c0:f3:
                    43:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:46:06:DF:9C:25:7B:64:AB:D4:D4:1B:1A:B8:F5:F7:2B:F8:80:0C
            X509v3 Authority Key Identifier:
                keyid:53:BF:98:D5:35:22:AA:95:70:81:FD:EC:28:B1:72:08:43:94:F1:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:78:eb:0a:46:07:c8:fa:96:13:0b:02:14:f1:8e:b8:8c:99:
         69:75:e5:08:2e:ea:cd:48:ae:01:4c:5c:71:1d:f4:b7:25:2a:
         ce:dd:75:41:ba:2a:6b:cf:78:28:00:a7:2c:60:39:36:c4:57:
         cc:97:41:46:97:f4:b4:01:8a:df:17:d8:e7:49:94:19:ab:ac:
         2f:cc:ad:39:06:bd:8f:1f:96:e0:6d:5b:22:48:bb:90:51:6e:
         0e:af:24:10:7d:57:56:08:89:e1:f5:1c:ca:c8:e2:8a:44:1d:
         12:47:59:7c:6d:fb:77:eb:a6:fb:0e:38:ea:c2:a9:f5:f6:31:
         16:16:b2:32:a6:59:6b:47:ec:33:0b:b9:f7:ad:74:06:05:3d:
         73:6d:be:a5:4d:ff:31:14:5e:31:e6:1e:4e:f9:03:ce:af:72:
         4f:3d:ff:a8:75:88:4a:af:73:94:24:4e:3d:d9:3e:ab:c0:db:
         f3:55:14:fa:47:6d:f1:01:66:14:42:3d:27:47:57:41:b0:2b:
         68:59:ff:0d:c7:c6:20:ec:68:58:41:b4:70:ea:88:b4:20:12:
         87:b6:67:d9:51:3e:80:b4:e8:85:65:10:3b:ac:f2:1b:44:99:
         5d:09:6b:c4:47:ef:a6:eb:75:22:fd:d6:c4:7e:05:8f:91:6c:
         09:8d:95:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoM3Km4D1PAbxVsYoJYNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmY5OGQ1MzUyMmFhOTU3MDgxZmRlYzI4YjE3MjA4NDM5
NGYxMTIwHhcNMjUwOTA3MTAwMjQ0WhcNMjUwOTA4MTAwMjQ0WjAzMTEwLwYDVQQD
Eyg5ZTQ2MDZkZjljMjU3YjY0YWJkNGQ0MWIxYWI4ZjVmNzJiZjg4MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP2h9xGHv1x1BbsIZSJRYg+hMWri
85R0WBVqNdL7cf+F9/YEKFjF45r+cUYeIRdPBew9fOQ2GTdiHgR1QXrz96b/cTIi
6S/GS/+kgMekiGNl+UXfp/xezlmbz/uRctfZjmdRqwrRrAZYDCiIFVktMjecEgTh
aA18oBfEgjRxsg3hAwypMYDeEvUy2Pni3Wyes2oE6nPEwyToO75jp64O0oeY1PhA
LcDdpEUWKn9sAnhrtuO3HrfD5iR002v0Qvb07OWqgWZshpYjzz7s0wIenmOmyRJX
7//Zu/9osozn7uQ/UVxEt45UpDW7FPXYB9cUQJ+BGd/fhoUoak/AwPND7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5GBt+cJXtkq9TUGxq49fcr+IAMMB8GA1UdIwQY
MBaAFFO/mNU1IqqVcIH97CixcghDlPESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wNjNiMWItN2JkZS00OGNjLWIxYWMt
ZmFkNzA3ZDljNGY2LzEvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wNjNiMWItN2JkZS00OGNjLWIxYWMtZmFkNzA3ZDljNGY2
LzEvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVXjrCkYH
yPqWEwsCFPGOuIyZaXXlCC7qzUiuAUxccR30tyUqzt11Qboqa894KACnLGA5NsRX
zJdBRpf0tAGK3xfY50mUGausL8ytOQa9jx+W4G1bIki7kFFuDq8kEH1XVgiJ4fUc
ysjiikQdEkdZfG37d+um+w446sKp9fYxFhayMqZZa0fsMwu59610BgU9c22+pU3/
MRReMeYeTvkDzq9yTz3/qHWISq9zlCROPdk+q8Db81UU+kdt8QFmFEI9J0dXQbAr
aFn/DcfGIOxoWEG0cOqItCASh7Zn2VE+gLTohWUQO6zyG0SZXQlrxEfvput1Iv3W
xH4Fj5FsCY2Vzw==
-----END CERTIFICATE-----