Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
File:                     uaY9guJ4W32wBSjcVacGncUQpC8.mft (raw, json)
Hash identifier:          BLt5gbJgBS0DByiiw9MRSSw3U7r4Eb0PDOen7oN8ckY=
Subject key identifier:   76:91:D0:FD:F1:C8:E5:CB:1A:05:3C:53:96:66:1D:87:F1:0D:F1:A9
Authority key identifier: B9:A6:3D:82:E2:78:5B:7D:B0:05:28:DC:55:A7:06:9D:C5:10:A4:2F
Certificate issuer:       /CN=b9a63d82e2785b7db00528dc55a7069dc510a42f
Certificate serial:       0199239FC386045A5A75A27F58DADFEA4387
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
Manifest number:          0523
Signing time:             Sun 07 Sep 2025 10:01:36 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:36 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:36 +0000
Files and hashes:         1: uaY9guJ4W32wBSjcVacGncUQpC8.crl (hash: JXLikrDmytAU+TzE/yxnzGVS7QKh2SBJzqvWL/Bq+z8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:c3:86:04:5a:5a:75:a2:7f:58:da:df:ea:43:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9a63d82e2785b7db00528dc55a7069dc510a42f
        Validity
            Not Before: Sep  7 10:01:36 2025 GMT
            Not After : Sep  8 10:01:36 2025 GMT
        Subject: CN=7691d0fdf1c8e5cb1a053c5396661d87f10df1a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:97:ba:35:9c:3d:ba:3e:00:d0:1f:2e:3d:10:
                    4f:ff:63:03:57:9b:1f:45:49:db:f0:b7:eb:91:a1:
                    18:e5:69:32:90:37:08:58:49:ca:f1:a1:06:cf:a4:
                    e2:7d:8c:29:17:86:c1:24:b0:34:44:4e:83:dc:bc:
                    f6:48:2d:f2:cb:e6:2f:b3:47:6d:ac:b2:04:17:8d:
                    ba:83:eb:eb:df:02:ec:c8:d5:df:a0:d6:c4:74:60:
                    78:29:c0:1a:1d:c6:ab:7e:0b:16:1f:19:c3:50:1b:
                    bd:10:62:55:97:20:33:67:74:68:1d:5f:c5:e9:6f:
                    1c:58:0f:f3:c3:ae:83:43:33:60:68:36:07:a0:92:
                    cd:64:08:7a:cd:ed:70:a7:73:58:58:c0:0d:7b:e7:
                    dd:3e:bf:ff:a0:9e:ae:58:f4:bd:c4:f6:f6:05:c7:
                    21:90:b2:25:8d:c6:41:97:c8:8c:05:26:69:02:53:
                    b9:28:fb:c5:50:5e:e4:81:3b:9e:1a:c4:b4:f9:d7:
                    d4:58:d5:7a:a4:32:9c:32:29:cb:ef:de:58:98:2c:
                    49:b1:ce:ba:b2:48:2f:07:97:e7:40:1a:97:54:7f:
                    02:77:2f:96:25:34:97:b3:2f:66:69:f9:7c:ee:75:
                    90:64:56:d1:a4:15:79:06:a0:32:c5:d2:b0:8e:b2:
                    b0:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:91:D0:FD:F1:C8:E5:CB:1A:05:3C:53:96:66:1D:87:F1:0D:F1:A9
            X509v3 Authority Key Identifier:
                keyid:B9:A6:3D:82:E2:78:5B:7D:B0:05:28:DC:55:A7:06:9D:C5:10:A4:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uaY9guJ4W32wBSjcVacGncUQpC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8a06f4-986e-4669-bdf9-8ee2f9dcb1ed/1/uaY9guJ4W32wBSjcVacGncUQpC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:52:21:ed:b1:0d:65:77:50:e9:90:9e:a1:27:ee:9a:1a:aa:
         d1:c4:08:4c:c3:46:88:fb:35:ae:ab:08:45:10:2e:c6:8d:3a:
         b0:e0:66:8c:4e:68:9c:60:7a:68:cf:25:be:dd:fe:d8:81:d0:
         ba:d8:38:f3:b0:35:83:b3:9b:77:14:ef:af:ed:02:54:7f:3e:
         57:21:c3:ae:3b:e4:51:c4:c6:38:7d:3d:ac:88:b1:fd:09:af:
         03:ff:c3:bf:ff:bd:a5:e9:a1:20:a6:47:57:66:0a:7b:17:24:
         f8:f5:06:88:76:c6:25:d1:c0:2b:91:c6:cb:74:fd:83:7d:c9:
         1c:7a:d3:bd:b3:d5:57:72:5f:26:63:5c:1f:68:12:c9:f8:df:
         84:e0:88:33:f5:2b:b5:53:d3:2c:74:7a:dd:70:3c:e7:a0:61:
         29:d9:81:c9:f6:6a:88:ec:c0:0e:fa:a7:49:b4:da:77:c0:10:
         77:19:04:ce:92:00:c8:81:c6:d5:43:68:17:e5:38:7d:3a:e4:
         62:05:cc:a7:49:44:ca:af:fa:42:05:6c:d5:e2:34:b6:77:19:
         02:a3:94:ac:a1:b3:6a:32:15:a8:ff:1c:0d:20:ea:a0:bb:d7:
         c5:e1:0f:3a:82:70:37:c9:99:1a:d8:f0:da:10:68:b2:cd:48:
         82:bf:b4:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn8OGBFpadaJ/WNrf6kOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YTYzZDgyZTI3ODViN2RiMDA1MjhkYzU1YTcwNjlkYzUx
MGE0MmYwHhcNMjUwOTA3MTAwMTM2WhcNMjUwOTA4MTAwMTM2WjAzMTEwLwYDVQQD
Eyg3NjkxZDBmZGYxYzhlNWNiMWEwNTNjNTM5NjY2MWQ4N2YxMGRmMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpe6NZw9uj4A0B8uPRBP/2MDV5sf
RUnb8LfrkaEY5WkykDcIWEnK8aEGz6TifYwpF4bBJLA0RE6D3Lz2SC3yy+Yvs0dt
rLIEF426g+vr3wLsyNXfoNbEdGB4KcAaHcarfgsWHxnDUBu9EGJVlyAzZ3RoHV/F
6W8cWA/zw66DQzNgaDYHoJLNZAh6ze1wp3NYWMANe+fdPr//oJ6uWPS9xPb2Bcch
kLIljcZBl8iMBSZpAlO5KPvFUF7kgTueGsS0+dfUWNV6pDKcMinL795YmCxJsc66
skgvB5fnQBqXVH8Cdy+WJTSXsy9mafl87nWQZFbRpBV5BqAyxdKwjrKw9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaR0P3xyOXLGgU8U5ZmHYfxDfGpMB8GA1UdIwQY
MBaAFLmmPYLieFt9sAUo3FWnBp3FEKQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC84YTA2ZjQtOTg2ZS00NjY5LWJkZjkt
OGVlMmY5ZGNiMWVkLzEvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC84YTA2ZjQtOTg2ZS00NjY5LWJkZjktOGVlMmY5ZGNiMWVk
LzEvdWFZOWd1SjRXMzJ3QlNqY1ZhY0duY1VRcEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA1Ih7bEN
ZXdQ6ZCeoSfumhqq0cQITMNGiPs1rqsIRRAuxo06sOBmjE5onGB6aM8lvt3+2IHQ
utg487A1g7ObdxTvr+0CVH8+VyHDrjvkUcTGOH09rIix/QmvA//Dv/+9pemhIKZH
V2YKexck+PUGiHbGJdHAK5HGy3T9g33JHHrTvbPVV3JfJmNcH2gSyfjfhOCIM/Ur
tVPTLHR63XA856BhKdmByfZqiOzADvqnSbTad8AQdxkEzpIAyIHG1UNoF+U4fTrk
YgXMp0lEyq/6QgVs1eI0tncZAqOUrKGzajIVqP8cDSDqoLvXxeEPOoJwN8mZGtjw
2hBoss1Igr+0mA==
-----END CERTIFICATE-----