Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
File:                     UEwHY-3Lox64nwmD3djdGIkYwu4.mft (raw, json)
Hash identifier:          9o7JWnQXwu7epucgKTWmNiFkQtbkFleLKgDgQF01Kuc=
Subject key identifier:   32:6D:9D:7E:53:B4:3F:CA:40:1F:89:B8:A8:D1:49:F1:6D:BE:35:8C
Authority key identifier: 50:4C:07:63:ED:CB:A3:1E:B8:9F:09:83:DD:D8:DD:18:89:18:C2:EE
Certificate issuer:       /CN=504c0763edcba31eb89f0983ddd8dd188918c2ee
Certificate serial:       019A725C48AD1EB001723DA207DD04DCB115
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
Manifest number:          0A48
Signing time:             Tue 11 Nov 2025 10:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:41 +0000
Files and hashes:         1: UEwHY-3Lox64nwmD3djdGIkYwu4.crl (hash: S9mfmKqjgXQ0GE9/h53H+Uy6mtsYLmrKR9sCVZsxct4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:48:ad:1e:b0:01:72:3d:a2:07:dd:04:dc:b1:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=504c0763edcba31eb89f0983ddd8dd188918c2ee
        Validity
            Not Before: Nov 11 10:00:41 2025 GMT
            Not After : Nov 12 10:00:41 2025 GMT
        Subject: CN=326d9d7e53b43fca401f89b8a8d149f16dbe358c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e8:23:22:52:60:4c:ac:f3:8b:08:5d:79:8a:
                    fd:41:05:ef:d8:26:e6:78:35:91:dd:09:42:52:cb:
                    d1:21:15:8c:f3:67:79:39:f5:ca:9b:ec:fe:37:3f:
                    83:c7:b2:a1:54:39:bf:dc:3d:b0:67:a2:72:83:78:
                    40:62:0b:a3:12:bd:9e:60:66:00:a0:32:38:c2:79:
                    8b:53:aa:b1:57:cb:f0:ba:01:0a:ca:d3:c8:1e:73:
                    a3:13:67:5a:7c:1a:c6:1d:f8:94:ab:c7:41:f0:78:
                    ff:d9:cf:54:fb:ea:95:0c:b0:1e:41:51:ff:53:70:
                    f0:f8:eb:55:00:af:23:5b:27:87:81:a6:27:a9:44:
                    7d:db:8a:ea:53:fa:2f:bb:5a:37:82:1c:22:db:44:
                    97:e9:dd:5e:1e:4c:34:8e:80:4c:0c:a0:7f:07:60:
                    14:63:6c:87:70:67:18:91:55:a1:5f:65:fc:c9:62:
                    7a:c4:16:32:cf:3f:43:5f:9a:07:44:2a:ac:53:4c:
                    4b:7f:85:99:cb:c2:8d:c0:36:b3:85:37:ae:11:3d:
                    af:45:72:b4:16:d6:4f:33:af:fd:5f:86:c2:71:d4:
                    25:60:57:87:fb:00:c5:f3:44:31:56:b0:cf:ad:b5:
                    db:5e:fe:e8:8b:30:08:61:23:70:94:b7:33:5b:18:
                    aa:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:6D:9D:7E:53:B4:3F:CA:40:1F:89:B8:A8:D1:49:F1:6D:BE:35:8C
            X509v3 Authority Key Identifier:
                keyid:50:4C:07:63:ED:CB:A3:1E:B8:9F:09:83:DD:D8:DD:18:89:18:C2:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:72:57:cf:61:ab:63:91:0c:ad:48:c6:19:ed:39:2b:e0:63:
         8c:6c:8c:72:95:21:34:68:31:10:82:78:25:4a:08:60:01:0b:
         40:e2:94:a6:de:d8:70:69:e9:b6:a3:09:6f:67:1a:d5:69:21:
         56:63:f3:34:1d:c5:7c:c0:10:85:65:45:e8:8d:ac:f0:6b:b2:
         34:78:f8:79:59:db:9d:38:fb:a6:7d:56:05:e1:ca:c8:93:bf:
         8e:e4:4a:69:a6:d8:eb:ad:b4:ad:d7:8a:56:42:99:69:29:81:
         cb:92:96:4c:c1:6f:85:30:5e:2f:41:ac:b3:b9:f2:12:b4:6a:
         5f:26:46:50:f3:c9:83:44:fe:31:02:b5:c7:a4:1e:c5:8b:87:
         06:63:0c:3a:fe:02:3e:aa:d3:e4:ec:e3:34:3c:e2:31:00:7e:
         0e:df:3d:49:c5:45:25:bc:e3:54:c4:2a:8c:86:ea:bf:ee:74:
         20:2d:b5:47:64:39:c2:63:9f:bf:e0:fb:07:00:17:db:67:6b:
         98:51:74:a8:32:a0:4b:cf:1c:63:0a:43:91:69:1c:b6:9a:80:
         70:28:a5:b0:43:ee:c9:c6:09:56:fd:65:07:89:2f:70:ab:e9:
         0b:05:c8:13:30:13:92:7f:f1:48:13:ba:45:98:f6:bb:e9:c0:
         57:25:6e:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXEitHrABcj2iB90E3LEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNGMwNzYzZWRjYmEzMWViODlmMDk4M2RkZDhkZDE4ODkx
OGMyZWUwHhcNMjUxMTExMTAwMDQxWhcNMjUxMTEyMTAwMDQxWjAzMTEwLwYDVQQD
EygzMjZkOWQ3ZTUzYjQzZmNhNDAxZjg5YjhhOGQxNDlmMTZkYmUzNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+gjIlJgTKzziwhdeYr9QQXv2Cbm
eDWR3QlCUsvRIRWM82d5OfXKm+z+Nz+Dx7KhVDm/3D2wZ6Jyg3hAYgujEr2eYGYA
oDI4wnmLU6qxV8vwugEKytPIHnOjE2dafBrGHfiUq8dB8Hj/2c9U++qVDLAeQVH/
U3Dw+OtVAK8jWyeHgaYnqUR924rqU/ovu1o3ghwi20SX6d1eHkw0joBMDKB/B2AU
Y2yHcGcYkVWhX2X8yWJ6xBYyzz9DX5oHRCqsU0xLf4WZy8KNwDazhTeuET2vRXK0
FtZPM6/9X4bCcdQlYFeH+wDF80QxVrDPrbXbXv7oizAIYSNwlLczWxiqDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJtnX5TtD/KQB+JuKjRSfFtvjWMMB8GA1UdIwQY
MBaAFFBMB2Pty6MeuJ8Jg93Y3RiJGMLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lMTlhM2YtMDVhYy00ZGNhLWE4OTUt
ODY2MmM3MTE4NmM2LzEvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lMTlhM2YtMDVhYy00ZGNhLWE4OTUtODY2MmM3MTE4NmM2
LzEvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJHJXz2Gr
Y5EMrUjGGe05K+BjjGyMcpUhNGgxEIJ4JUoIYAELQOKUpt7YcGnptqMJb2ca1Wkh
VmPzNB3FfMAQhWVF6I2s8GuyNHj4eVnbnTj7pn1WBeHKyJO/juRKaabY6620rdeK
VkKZaSmBy5KWTMFvhTBeL0Gss7nyErRqXyZGUPPJg0T+MQK1x6QexYuHBmMMOv4C
PqrT5OzjNDziMQB+Dt89ScVFJbzjVMQqjIbqv+50IC21R2Q5wmOfv+D7BwAX22dr
mFF0qDKgS88cYwpDkWkctpqAcCilsEPuycYJVv1lB4kvcKvpCwXIEzATkn/xSBO6
RZj2u+nAVyVuqg==
-----END CERTIFICATE-----