Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
File:                     U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft (raw, json)
Hash identifier:          hEyMq4F1gvppKkSLHmHB95tnE0cCkVuhK4oxHoYVJHM=
Subject key identifier:   2F:77:37:D4:F5:D0:40:FA:D3:CA:5D:FC:69:8D:A6:6A:EF:F9:46:54
Authority key identifier: 53:BF:98:D5:35:22:AA:95:70:81:FD:EC:28:B1:72:08:43:94:F1:12
Certificate issuer:       /CN=53bf98d53522aa957081fdec28b172084394f112
Certificate serial:       019A71B7837CCD14E70D98BAA74F1866FE60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
Manifest number:          0F33
Signing time:             Tue 11 Nov 2025 07:00:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:43 +0000
Files and hashes:         1: U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl (hash: 969hHYESNy2MHiVmhA+UUKLa5qfFO/iYrD52Ws6Yurs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:83:7c:cd:14:e7:0d:98:ba:a7:4f:18:66:fe:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53bf98d53522aa957081fdec28b172084394f112
        Validity
            Not Before: Nov 11 07:00:43 2025 GMT
            Not After : Nov 12 07:00:43 2025 GMT
        Subject: CN=2f7737d4f5d040fad3ca5dfc698da66aeff94654
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:34:e1:32:98:38:41:d4:f5:0d:91:0d:43:d9:
                    bd:76:80:65:2d:be:e2:d0:45:c0:e8:3b:bf:89:a0:
                    36:cc:a1:c5:f4:7c:de:5b:e8:37:7c:20:06:d6:75:
                    8a:25:0b:d2:3d:c6:bf:ed:de:00:7f:9d:d8:a1:83:
                    84:ab:92:3e:5e:8c:5c:99:da:3a:62:a7:45:64:3b:
                    8c:2e:04:ac:65:0f:5b:b5:08:65:35:2b:a6:62:6c:
                    4d:f4:68:37:91:ab:0f:ba:1f:16:0d:ac:0f:32:b5:
                    fd:fd:cf:c3:07:05:91:a6:b6:c7:b5:08:0c:6f:73:
                    55:29:3b:6e:af:ec:5a:30:70:42:5d:97:c6:2e:36:
                    26:6b:1e:a2:4d:79:bb:c5:ca:8c:04:f6:9a:e3:7b:
                    f4:24:3b:15:0c:ca:4e:15:9b:be:4d:64:5a:7d:af:
                    4f:ee:dc:9c:fe:37:c0:69:81:de:3d:26:6e:b0:71:
                    09:80:ea:ed:ac:a6:3e:82:42:65:0c:a1:51:4c:42:
                    e8:fa:69:a6:61:67:09:8c:a5:9e:0d:39:96:a5:97:
                    84:0d:39:21:53:7a:5f:5b:42:26:69:87:05:56:54:
                    d5:b0:f5:13:dd:49:de:10:d7:80:ea:48:10:dd:bf:
                    c0:c2:c7:80:01:6c:bf:1c:f8:d6:52:c9:a0:ea:b5:
                    01:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:77:37:D4:F5:D0:40:FA:D3:CA:5D:FC:69:8D:A6:6A:EF:F9:46:54
            X509v3 Authority Key Identifier:
                keyid:53:BF:98:D5:35:22:AA:95:70:81:FD:EC:28:B1:72:08:43:94:F1:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:f0:33:8d:3c:6f:7d:4b:62:9b:bc:4d:60:dc:b9:31:94:e4:
         58:e1:76:68:6d:31:09:0c:3a:92:d4:9f:21:c8:46:6d:33:86:
         f0:f5:e5:b3:be:61:34:89:51:6b:2a:38:83:67:77:67:54:08:
         0d:3e:80:d2:2a:90:9e:e6:d5:2b:9d:1b:72:7b:f9:0d:a6:e8:
         c6:08:78:cd:fb:05:93:32:5c:e4:af:9e:c1:c3:e2:a4:ce:d9:
         4f:e5:e3:ca:a7:51:74:04:4f:ad:51:81:ef:52:e8:04:1b:1b:
         98:de:a0:bb:9f:72:3c:77:0b:ad:2d:10:31:98:7d:e4:54:e3:
         a0:45:2c:96:e5:8e:fe:d0:bc:bf:e4:eb:ae:f0:dd:a3:26:9f:
         2e:92:d7:3e:fd:b0:98:7f:1a:95:7e:54:38:4f:11:d5:80:1b:
         6b:ee:17:7f:10:82:4b:8d:6b:b2:f9:65:81:3f:21:c9:85:2b:
         0a:f0:17:0b:2c:91:1a:88:fe:ba:b8:3d:44:ba:25:b3:b5:34:
         2a:33:2c:bc:5b:fc:a6:f9:65:c8:e7:8c:f3:45:7a:54:91:d6:
         fd:5d:9d:cc:6f:84:32:06:db:1e:20:1a:1f:3e:fb:98:ee:c2:
         31:53:fc:e4:a9:3b:5c:a8:9c:de:7a:93:4c:9d:73:6a:57:95:
         d2:bc:91:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4N8zRTnDZi6p08YZv5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmY5OGQ1MzUyMmFhOTU3MDgxZmRlYzI4YjE3MjA4NDM5
NGYxMTIwHhcNMjUxMTExMDcwMDQzWhcNMjUxMTEyMDcwMDQzWjAzMTEwLwYDVQQD
EygyZjc3MzdkNGY1ZDA0MGZhZDNjYTVkZmM2OThkYTY2YWVmZjk0NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDThMpg4QdT1DZENQ9m9doBlLb7i
0EXA6Du/iaA2zKHF9HzeW+g3fCAG1nWKJQvSPca/7d4Af53YoYOEq5I+Xoxcmdo6
YqdFZDuMLgSsZQ9btQhlNSumYmxN9Gg3kasPuh8WDawPMrX9/c/DBwWRprbHtQgM
b3NVKTtur+xaMHBCXZfGLjYmax6iTXm7xcqMBPaa43v0JDsVDMpOFZu+TWRafa9P
7tyc/jfAaYHePSZusHEJgOrtrKY+gkJlDKFRTELo+mmmYWcJjKWeDTmWpZeEDTkh
U3pfW0ImaYcFVlTVsPUT3UneENeA6kgQ3b/AwseAAWy/HPjWUsmg6rUBIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC93N9T10ED608pd/GmNpmrv+UZUMB8GA1UdIwQY
MBaAFFO/mNU1IqqVcIH97CixcghDlPESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wNjNiMWItN2JkZS00OGNjLWIxYWMt
ZmFkNzA3ZDljNGY2LzEvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wNjNiMWItN2JkZS00OGNjLWIxYWMtZmFkNzA3ZDljNGY2
LzEvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABfAzjTxv
fUtim7xNYNy5MZTkWOF2aG0xCQw6ktSfIchGbTOG8PXls75hNIlRayo4g2d3Z1QI
DT6A0iqQnubVK50bcnv5Daboxgh4zfsFkzJc5K+ewcPipM7ZT+XjyqdRdARPrVGB
71LoBBsbmN6gu59yPHcLrS0QMZh95FTjoEUsluWO/tC8v+TrrvDdoyafLpLXPv2w
mH8alX5UOE8R1YAba+4XfxCCS41rsvllgT8hyYUrCvAXCyyRGoj+urg9RLols7U0
KjMsvFv8pvllyOeM80V6VJHW/V2dzG+EMgbbHiAaHz77mO7CMVP85Kk7XKic3nqT
TJ1zaleV0ryR+Q==
-----END CERTIFICATE-----