Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          diOYf6IzxBvW227oZFlR+TWMecMWG/udethoIuzhduA=
Subject key identifier:   A9:8C:D9:13:3C:86:A6:EC:59:83:65:F6:22:37:10:E4:3B:9C:C5:C8
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019A73DD0EF1D7281997B2853AC16290454B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          1720
Signing time:             Tue 11 Nov 2025 17:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 17:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 17:00:58 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: WPnQITZ+EHn7jtJanrVqB+6Ki0HAmX2L6ZcHYEcQoTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:dd:0e:f1:d7:28:19:97:b2:85:3a:c1:62:90:45:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Nov 11 17:00:58 2025 GMT
            Not After : Nov 12 17:00:58 2025 GMT
        Subject: CN=a98cd9133c86a6ec598365f6223710e43b9cc5c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:09:05:51:a5:b6:a9:b0:c0:91:7a:6d:2f:d9:
                    98:12:aa:02:df:44:86:b4:20:f5:80:55:40:1f:7b:
                    4e:e5:83:cb:ff:74:e2:04:06:ff:cf:46:ad:52:70:
                    43:17:b4:75:21:19:66:85:40:19:96:41:0f:65:63:
                    24:73:17:8a:67:1d:2b:31:e1:ed:de:23:29:49:4a:
                    01:2f:19:e0:6c:3c:f8:a2:7c:38:b3:da:b9:09:5c:
                    f6:64:ee:2b:a4:6a:36:65:20:ef:9f:cd:c6:75:1d:
                    a9:7c:26:67:cb:fb:3b:36:9a:f2:92:cf:ec:67:da:
                    54:02:53:20:68:1f:f7:f4:7d:48:3a:63:79:7e:17:
                    5f:00:38:dc:d1:ea:16:de:88:6e:ad:fb:40:a5:57:
                    ad:a7:60:e4:f6:2e:75:ec:68:48:ac:a5:31:0d:3a:
                    85:c1:6f:11:30:3b:a3:18:49:64:05:9b:28:23:b4:
                    31:0d:13:8b:4f:c1:e7:64:41:c8:0a:58:84:2f:9a:
                    73:0e:d1:a3:e0:86:76:fa:21:2f:d4:78:c7:c3:f6:
                    65:00:ea:ba:0d:67:5f:ff:d2:92:30:c4:f0:80:87:
                    0a:26:4a:f8:be:c1:d7:ef:a0:c3:d8:34:10:8c:10:
                    d2:66:5a:36:ed:6e:a6:03:f8:a1:0e:b9:95:6a:75:
                    34:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:8C:D9:13:3C:86:A6:EC:59:83:65:F6:22:37:10:E4:3B:9C:C5:C8
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:4c:50:52:b7:87:a0:48:59:b2:5e:e4:ab:fe:aa:c4:7d:82:
         9e:98:83:c0:65:b8:fe:2c:f9:32:7e:cf:56:27:36:11:49:58:
         bc:c3:e3:aa:63:53:80:2c:4f:01:3f:ce:d6:da:93:a2:92:ae:
         37:4b:3e:0a:3a:cd:b3:5b:60:d6:b6:a9:ba:07:62:d1:84:59:
         24:ad:b0:81:f6:62:3e:aa:04:9f:79:e8:6e:16:d0:6b:4c:56:
         78:86:cd:14:53:42:65:d0:5e:ec:5c:09:90:5c:07:04:ba:1a:
         6b:e2:cb:2f:65:6e:69:da:24:7f:c4:29:d8:15:1f:02:93:b2:
         85:ae:1c:e3:16:c7:ca:ec:bc:a8:7c:d9:b9:ef:00:59:43:e0:
         24:f4:21:34:c3:ec:c4:d8:e0:34:0f:10:4d:9d:b5:dd:10:80:
         ba:b1:ee:d7:e7:be:14:c7:f3:23:05:85:72:84:c1:25:79:f9:
         ae:94:e9:3c:35:cd:48:0b:34:27:00:d1:e1:55:0e:1f:58:c4:
         63:1b:9d:50:5e:29:3c:63:74:2f:78:4f:3d:38:5a:f1:c7:53:
         8c:bc:26:9e:af:59:c2:63:b3:8b:0b:0b:aa:ae:01:be:c5:e1:
         55:44:fb:c1:e0:bd:86:74:1d:1f:a5:c5:68:02:61:15:a4:01:
         f1:d0:2a:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpz3Q7x1ygZl7KFOsFikEVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUxMTExMTcwMDU4WhcNMjUxMTEyMTcwMDU4WjAzMTEwLwYDVQQD
EyhhOThjZDkxMzNjODZhNmVjNTk4MzY1ZjYyMjM3MTBlNDNiOWNjNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAkFUaW2qbDAkXptL9mYEqoC30SG
tCD1gFVAH3tO5YPL/3TiBAb/z0atUnBDF7R1IRlmhUAZlkEPZWMkcxeKZx0rMeHt
3iMpSUoBLxngbDz4onw4s9q5CVz2ZO4rpGo2ZSDvn83GdR2pfCZny/s7Npryks/s
Z9pUAlMgaB/39H1IOmN5fhdfADjc0eoW3ohurftApVetp2Dk9i517GhIrKUxDTqF
wW8RMDujGElkBZsoI7QxDROLT8HnZEHICliEL5pzDtGj4IZ2+iEv1HjHw/ZlAOq6
DWdf/9KSMMTwgIcKJkr4vsHX76DD2DQQjBDSZlo27W6mA/ihDrmVanU0FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmM2RM8hqbsWYNl9iI3EOQ7nMXIMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKkxQUreH
oEhZsl7kq/6qxH2CnpiDwGW4/iz5Mn7PVic2EUlYvMPjqmNTgCxPAT/O1tqTopKu
N0s+CjrNs1tg1rapugdi0YRZJK2wgfZiPqoEn3nobhbQa0xWeIbNFFNCZdBe7FwJ
kFwHBLoaa+LLL2Vuadokf8Qp2BUfApOyha4c4xbHyuy8qHzZue8AWUPgJPQhNMPs
xNjgNA8QTZ213RCAurHu1+e+FMfzIwWFcoTBJXn5rpTpPDXNSAs0JwDR4VUOH1jE
YxudUF4pPGN0L3hPPTha8cdTjLwmnq9ZwmOziwsLqq4BvsXhVUT7weC9hnQdH6XF
aAJhFaQB8dAqGQ==
-----END CERTIFICATE-----