Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
File:                     U_tSQvmM_53qm6qMiuRmpCtTfFw.mft (raw, json)
Hash identifier:          e5gAS7CUMO5bJb/GAENcwLxaF4eZn8bAmr+Ym1+bGFA=
Subject key identifier:   5D:9C:6B:3C:10:66:2A:56:67:CD:CB:E9:8B:77:4B:5C:88:A0:60:4D
Authority key identifier: 53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C
Certificate issuer:       /CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
Certificate serial:       0199161A45905A25529D198754B5EE334C03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
Manifest number:          1650
Signing time:             Thu 04 Sep 2025 19:00:44 +0000
Manifest this update:     Thu 04 Sep 2025 19:00:44 +0000
Manifest next update:     Fri 05 Sep 2025 19:00:44 +0000
Files and hashes:         1: U_tSQvmM_53qm6qMiuRmpCtTfFw.crl (hash: 3eXnRx/kqP8yGT7jgqAmACJ/7X+pTZT+mMgh+pWe1aU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:1a:45:90:5a:25:52:9d:19:87:54:b5:ee:33:4c:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
        Validity
            Not Before: Sep  4 19:00:44 2025 GMT
            Not After : Sep  5 19:00:44 2025 GMT
        Subject: CN=5d9c6b3c10662a5667cdcbe98b774b5c88a0604d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:50:92:61:7b:c4:d7:bc:74:dd:52:ef:19:70:
                    2f:d7:75:93:3d:71:eb:70:93:a7:55:2c:a0:5c:5b:
                    de:61:c6:fb:03:91:59:9b:58:68:c3:a4:1b:15:ad:
                    61:48:85:34:9c:59:69:22:ef:94:c2:1f:99:3f:af:
                    b9:67:df:33:42:70:bf:92:b7:92:47:10:74:8c:2b:
                    8b:7c:a3:cf:10:ed:77:7f:f2:49:7b:b1:21:2c:c5:
                    0e:43:bf:bb:5b:43:28:85:56:d8:98:53:bb:5e:87:
                    42:73:ee:ed:e3:aa:d0:f9:79:9c:33:79:f4:7f:f5:
                    4a:83:8e:e9:58:57:3a:c4:84:40:ec:8c:83:53:95:
                    2f:96:bc:ea:9c:d8:01:fb:7a:d5:e0:3c:51:9b:83:
                    bf:4f:c4:96:cf:06:7f:7c:98:49:3c:14:95:d0:1a:
                    43:0e:11:ae:b2:96:35:c6:77:9f:85:d4:4c:3e:d4:
                    e3:8d:82:c2:3a:cb:0c:a2:ac:16:de:ef:a8:79:8b:
                    72:0f:7e:23:e9:a2:b4:64:21:c4:93:52:d2:f2:07:
                    cb:22:ea:f9:87:f0:80:b9:5d:82:0d:23:10:f0:80:
                    fa:71:eb:d3:b2:de:78:38:86:3d:d3:d7:1d:fd:aa:
                    ce:99:25:63:db:ab:2a:2b:82:f3:6b:65:56:9c:9d:
                    66:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:9C:6B:3C:10:66:2A:56:67:CD:CB:E9:8B:77:4B:5C:88:A0:60:4D
            X509v3 Authority Key Identifier:
                keyid:53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:d3:03:20:7d:5e:80:3c:4a:22:ca:b4:fd:1b:5e:6c:68:84:
         26:98:fc:e3:f4:b2:4c:f2:58:9d:bb:f3:29:57:fb:6a:55:e4:
         70:90:c5:f9:28:c2:6c:3d:12:19:b1:fe:0d:71:b8:59:55:3a:
         17:56:67:34:7d:be:c7:f3:27:82:e4:07:2a:3c:22:40:34:6f:
         0c:6c:24:98:a7:47:00:61:57:55:e2:0a:11:d9:5e:88:10:c9:
         16:c7:1b:8b:52:2e:65:14:7b:ce:4c:c2:74:71:91:ec:3c:ca:
         e5:57:58:ee:87:af:f1:b4:95:04:73:9a:bf:9a:5d:2c:1c:6a:
         67:a1:48:71:ff:e8:c3:36:f7:18:46:75:bb:09:1d:9a:af:97:
         c4:71:f2:9a:73:34:0d:98:e3:2f:c7:7f:78:f4:76:d9:9e:6f:
         e5:4e:69:f3:ac:7d:c8:3f:76:0e:6f:c8:ee:48:ec:2e:d2:02:
         42:8b:60:89:51:42:04:02:7f:85:1a:f6:58:62:07:28:22:be:
         22:41:86:47:d3:e0:65:bb:fb:47:54:9a:63:04:3d:4b:1f:c1:
         61:2f:cf:b5:39:23:4a:8b:81:35:2b:4c:29:e6:9e:fc:fa:c2:
         b6:29:64:f8:1c:1b:d4:64:07:5b:cf:67:1a:e0:a9:7b:f1:b9:
         6b:96:96:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWGkWQWiVSnRmHVLXuM0wDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmI1MjQyZjk4Y2ZmOWRlYTliYWE4YzhhZTQ2NmE0MmI1
MzdjNWMwHhcNMjUwOTA0MTkwMDQ0WhcNMjUwOTA1MTkwMDQ0WjAzMTEwLwYDVQQD
Eyg1ZDljNmIzYzEwNjYyYTU2NjdjZGNiZTk4Yjc3NGI1Yzg4YTA2MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VCSYXvE17x03VLvGXAv13WTPXHr
cJOnVSygXFveYcb7A5FZm1how6QbFa1hSIU0nFlpIu+Uwh+ZP6+5Z98zQnC/kreS
RxB0jCuLfKPPEO13f/JJe7EhLMUOQ7+7W0MohVbYmFO7XodCc+7t46rQ+XmcM3n0
f/VKg47pWFc6xIRA7IyDU5UvlrzqnNgB+3rV4DxRm4O/T8SWzwZ/fJhJPBSV0BpD
DhGuspY1xnefhdRMPtTjjYLCOssMoqwW3u+oeYtyD34j6aK0ZCHEk1LS8gfLIur5
h/CAuV2CDSMQ8ID6cevTst54OIY909cd/arOmSVj26sqK4Lza2VWnJ1mIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2cazwQZipWZ83L6Yt3S1yIoGBNMB8GA1UdIwQY
MBaAFFP7UkL5jP+d6puqjIrkZqQrU3xcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNGQ3YzYtYTI5OS00Yjg4LTgyNDct
OWM0MDMyOTYzZTE3LzEvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lNGQ3YzYtYTI5OS00Yjg4LTgyNDctOWM0MDMyOTYzZTE3
LzEvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNMDIH1e
gDxKIsq0/RtebGiEJpj84/SyTPJYnbvzKVf7alXkcJDF+SjCbD0SGbH+DXG4WVU6
F1ZnNH2+x/MnguQHKjwiQDRvDGwkmKdHAGFXVeIKEdleiBDJFscbi1IuZRR7zkzC
dHGR7DzK5VdY7oev8bSVBHOav5pdLBxqZ6FIcf/owzb3GEZ1uwkdmq+XxHHymnM0
DZjjL8d/ePR22Z5v5U5p86x9yD92Dm/I7kjsLtICQotgiVFCBAJ/hRr2WGIHKCK+
IkGGR9PgZbv7R1SaYwQ9Sx/BYS/PtTkjSouBNStMKeae/PrCtilk+Bwb1GQHW89n
GuCpe/G5a5aWlw==
-----END CERTIFICATE-----