Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
File:                     ucN059N57ajbliAKTu_lvBwok58.mft (raw, json)
Hash identifier:          FZD6XsM+2Rz85JmVn1Fhbd7BN7aSJkz+QgKdh7E5D/M=
Subject key identifier:   FD:6F:1B:1F:DC:70:68:5F:31:CB:D9:A4:71:CF:8C:D9:4A:F9:6A:7B
Authority key identifier: B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F
Certificate issuer:       /CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
Certificate serial:       019A71B947418C9B21A5C08678BA84746F4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
Manifest number:          0DD6
Signing time:             Tue 11 Nov 2025 07:02:39 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:39 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:39 +0000
Files and hashes:         1: ucN059N57ajbliAKTu_lvBwok58.crl (hash: S51M0skxHhEX1a+adm0NYWS0dcOEaXQxFP6/DXgdX6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:47:41:8c:9b:21:a5:c0:86:78:ba:84:74:6f:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
        Validity
            Not Before: Nov 11 07:02:39 2025 GMT
            Not After : Nov 12 07:02:39 2025 GMT
        Subject: CN=fd6f1b1fdc70685f31cbd9a471cf8cd94af96a7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:94:05:38:f4:98:59:a1:66:15:bb:a2:9d:8f:
                    50:15:7a:a2:52:65:c1:75:53:9e:81:09:d3:b1:54:
                    cc:66:64:cd:0b:0e:1e:01:b8:f4:43:b9:1d:65:5d:
                    ac:f3:d9:21:91:c0:c1:31:2f:89:fa:ac:03:e0:e7:
                    49:16:ad:ab:5a:7c:e9:e7:37:f3:c8:15:51:56:3b:
                    42:9f:8c:d3:ed:4c:08:7d:1c:07:0b:14:45:3f:9c:
                    b7:2f:92:39:11:d0:4c:e0:c3:28:b8:f7:88:ad:81:
                    cd:2e:6a:66:9e:29:0c:90:21:02:82:52:92:63:04:
                    a0:08:7c:14:ea:34:41:a0:dd:51:f2:d3:83:37:e8:
                    cd:fa:f2:4e:95:4e:40:65:53:54:4a:9a:61:49:09:
                    d4:1a:85:bb:be:b3:3c:f0:c6:43:0f:33:ae:90:3f:
                    0f:f8:ac:e5:e6:b0:be:ac:32:0e:c5:8e:46:ff:c3:
                    1f:25:43:85:a2:ed:b8:83:fd:17:e7:eb:d9:01:49:
                    64:7f:14:c7:a1:80:9b:34:59:2f:c3:39:58:ca:5b:
                    62:bb:04:0d:91:5e:08:45:af:84:5e:3f:45:b3:59:
                    f2:d3:7f:77:16:e3:b6:1c:97:10:4c:30:2b:da:af:
                    10:5d:cd:45:c2:81:a9:f4:5b:28:03:5d:e2:30:a4:
                    62:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:6F:1B:1F:DC:70:68:5F:31:CB:D9:A4:71:CF:8C:D9:4A:F9:6A:7B
            X509v3 Authority Key Identifier:
                keyid:B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:3f:48:86:84:26:1f:be:52:2d:9b:16:18:64:7d:77:63:7c:
         14:26:dc:78:0b:7d:12:04:c1:f8:27:f1:5d:36:18:6a:f5:3f:
         58:0a:39:4f:b2:1a:14:f5:27:13:0e:0e:3e:4e:94:4e:0f:ed:
         86:e3:a7:1a:b1:b2:7c:a5:79:28:01:01:26:f2:fb:48:f1:97:
         b8:5e:f2:83:b3:68:1d:1a:5e:9e:75:69:37:d5:52:56:41:d0:
         04:4c:d9:eb:82:b4:1c:83:e0:a9:cb:18:c6:81:dc:a5:3c:cc:
         62:91:9a:65:6d:60:6f:25:34:05:59:34:ba:30:58:fa:38:07:
         df:f4:f4:30:3b:c7:58:9a:af:11:98:0f:66:36:a9:1d:1d:90:
         08:26:a3:f2:4a:b8:5a:7a:b0:c5:80:3f:a0:4d:51:1e:34:89:
         0a:d3:05:64:74:2b:a5:b3:b3:2a:ec:30:d1:60:8a:76:1e:84:
         1f:78:6c:6a:2c:1a:a7:e8:4c:da:00:68:9c:0d:4a:12:87:6b:
         f7:96:0e:71:41:a5:a2:ae:82:11:1e:a2:f4:95:70:c8:e4:4b:
         d0:37:27:9f:fd:03:f8:7c:0a:bc:cf:85:82:17:9c:a9:86:54:
         f8:ab:77:6c:43:f3:7c:69:18:72:e5:2c:b5:ae:84:fe:3d:49:
         4f:0b:00:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuUdBjJshpcCGeLqEdG9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM3NGU3ZDM3OWVkYThkYjk2MjAwYTRlZWZlNWJjMWMy
ODkzOWYwHhcNMjUxMTExMDcwMjM5WhcNMjUxMTEyMDcwMjM5WjAzMTEwLwYDVQQD
EyhmZDZmMWIxZmRjNzA2ODVmMzFjYmQ5YTQ3MWNmOGNkOTRhZjk2YTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJQFOPSYWaFmFbuinY9QFXqiUmXB
dVOegQnTsVTMZmTNCw4eAbj0Q7kdZV2s89khkcDBMS+J+qwD4OdJFq2rWnzp5zfz
yBVRVjtCn4zT7UwIfRwHCxRFP5y3L5I5EdBM4MMouPeIrYHNLmpmnikMkCECglKS
YwSgCHwU6jRBoN1R8tODN+jN+vJOlU5AZVNUSpphSQnUGoW7vrM88MZDDzOukD8P
+Kzl5rC+rDIOxY5G/8MfJUOFou24g/0X5+vZAUlkfxTHoYCbNFkvwzlYyltiuwQN
kV4IRa+EXj9Fs1ny0393FuO2HJcQTDAr2q8QXc1FwoGp9FsoA13iMKRilwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1vGx/ccGhfMcvZpHHPjNlK+Wp7MB8GA1UdIwQY
MBaAFLnDdOfTee2o25YgCk7v5bwcKJOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgt
YjMyYWRmNjFhYjQ3LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgtYjMyYWRmNjFhYjQ3
LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHz9IhoQm
H75SLZsWGGR9d2N8FCbceAt9EgTB+CfxXTYYavU/WAo5T7IaFPUnEw4OPk6UTg/t
huOnGrGyfKV5KAEBJvL7SPGXuF7yg7NoHRpennVpN9VSVkHQBEzZ64K0HIPgqcsY
xoHcpTzMYpGaZW1gbyU0BVk0ujBY+jgH3/T0MDvHWJqvEZgPZjapHR2QCCaj8kq4
WnqwxYA/oE1RHjSJCtMFZHQrpbOzKuww0WCKdh6EH3hsaiwap+hM2gBonA1KEodr
95YOcUGloq6CER6i9JVwyORL0Dcnn/0D+HwKvM+FghecqYZU+Kt3bEPzfGkYcuUs
ta6E/j1JTwsAfQ==
-----END CERTIFICATE-----