Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
File:                     ubrpYJaypQez1LDCdLwv9Ynp-aI.mft (raw, json)
Hash identifier:          b9g+7TBUStdbd1MiiTfVwRVHTPcONG0/JiTKzQlp1Xg=
Subject key identifier:   14:A8:A5:15:30:14:67:92:1B:87:2F:0C:08:6D:68:77:02:76:F4:7B
Authority key identifier: B9:BA:E9:60:96:B2:A5:07:B3:D4:B0:C2:74:BC:2F:F5:89:E9:F9:A2
Certificate issuer:       /CN=b9bae96096b2a507b3d4b0c274bc2ff589e9f9a2
Certificate serial:       019A71EEE5CA51D3C9C465C31027B7ADC1CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
Manifest number:          0125
Signing time:             Tue 11 Nov 2025 08:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:13 +0000
Files and hashes:         1: ubrpYJaypQez1LDCdLwv9Ynp-aI.crl (hash: Twa2NXVCI7/QJp2xMJOEYj0QrlifV1W6Er6jLcg4+BM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:e5:ca:51:d3:c9:c4:65:c3:10:27:b7:ad:c1:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9bae96096b2a507b3d4b0c274bc2ff589e9f9a2
        Validity
            Not Before: Nov 11 08:01:13 2025 GMT
            Not After : Nov 12 08:01:13 2025 GMT
        Subject: CN=14a8a515301467921b872f0c086d68770276f47b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5c:26:3b:33:37:20:16:12:57:d8:71:4a:22:
                    75:a7:56:0d:a2:b6:a9:ce:a7:b7:c4:c1:4a:ce:6a:
                    dc:98:1f:53:f8:53:d2:6a:b9:12:0c:e3:60:8e:14:
                    c1:e2:42:d0:73:a8:0f:c7:fe:72:f0:9c:36:6a:8f:
                    04:c2:1f:25:1e:eb:35:8c:be:89:24:ec:57:34:7a:
                    b3:46:9e:0c:5f:fd:29:b4:0d:42:f3:e4:e6:6c:fe:
                    3f:7a:5c:a2:29:a7:b5:5a:56:fe:d5:92:dd:22:80:
                    7f:4b:16:45:54:42:b2:e7:fe:b1:2d:c1:14:42:2a:
                    44:d2:12:10:13:77:d5:65:2a:03:70:32:28:1b:ea:
                    59:16:0a:6b:0e:8e:71:b1:21:f9:96:0a:92:e6:8e:
                    7b:1a:6c:24:5c:fd:8b:a2:79:98:31:d3:e6:bf:14:
                    d4:41:fa:d5:b6:3b:b6:1b:6f:9f:c8:96:0b:5c:85:
                    01:47:19:53:34:89:ee:05:de:6f:75:b6:02:da:4b:
                    2e:77:6e:09:ed:28:ef:d4:1f:a8:cf:91:75:04:96:
                    ec:a0:e8:0e:a7:41:71:01:a4:96:ed:71:ef:55:03:
                    24:18:a3:ee:18:a9:39:6c:d2:1f:db:d8:bd:e6:e3:
                    5d:64:2b:de:28:d1:30:36:4c:f4:d3:9d:00:59:3a:
                    f1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:A8:A5:15:30:14:67:92:1B:87:2F:0C:08:6D:68:77:02:76:F4:7B
            X509v3 Authority Key Identifier:
                keyid:B9:BA:E9:60:96:B2:A5:07:B3:D4:B0:C2:74:BC:2F:F5:89:E9:F9:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:13:e8:09:80:94:3d:9d:51:8a:15:5c:bc:92:99:cf:82:51:
         9b:e0:f8:27:29:18:b3:04:d8:e8:17:54:a2:21:c7:b8:73:47:
         89:2f:e0:de:13:97:f4:79:a9:48:1f:44:05:f7:a3:4f:0d:54:
         14:26:12:e5:4f:a5:cf:6d:f4:42:07:d1:41:be:79:39:30:26:
         86:54:13:cf:f1:98:c0:53:24:6a:a6:69:dd:45:86:89:11:c2:
         5a:5e:1d:4a:b2:a9:7f:b8:1e:d5:99:bb:37:70:5d:87:55:70:
         9a:2e:87:d2:b7:34:ae:79:61:11:d1:04:1e:63:0c:7e:4c:6f:
         1f:68:f4:7a:95:fb:63:e9:57:6c:8b:95:07:0e:43:ad:15:4b:
         d1:23:c5:80:9b:d2:39:8d:e1:a7:5c:48:21:d5:39:48:9a:b9:
         54:a0:42:bd:0c:92:00:bd:c8:ac:3c:84:7a:f2:48:99:1b:7c:
         0a:c5:b3:3e:39:da:bc:d3:c9:ad:dc:07:60:93:1b:19:aa:f9:
         69:e4:2a:9f:e9:0b:d5:bb:13:08:fc:d8:7f:79:de:f4:e8:02:
         21:ac:d0:0a:3f:56:54:ab:e2:e9:67:8e:15:9f:69:a1:df:64:
         41:08:bd:e2:db:91:79:cd:91:5e:40:fc:4c:6c:c2:55:90:17:
         54:d8:b8:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7uXKUdPJxGXDECe3rcHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YmFlOTYwOTZiMmE1MDdiM2Q0YjBjMjc0YmMyZmY1ODll
OWY5YTIwHhcNMjUxMTExMDgwMTEzWhcNMjUxMTEyMDgwMTEzWjAzMTEwLwYDVQQD
EygxNGE4YTUxNTMwMTQ2NzkyMWI4NzJmMGMwODZkNjg3NzAyNzZmNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVwmOzM3IBYSV9hxSiJ1p1YNorap
zqe3xMFKzmrcmB9T+FPSarkSDONgjhTB4kLQc6gPx/5y8Jw2ao8Ewh8lHus1jL6J
JOxXNHqzRp4MX/0ptA1C8+TmbP4/elyiKae1Wlb+1ZLdIoB/SxZFVEKy5/6xLcEU
QipE0hIQE3fVZSoDcDIoG+pZFgprDo5xsSH5lgqS5o57GmwkXP2LonmYMdPmvxTU
QfrVtju2G2+fyJYLXIUBRxlTNInuBd5vdbYC2ksud24J7Sjv1B+oz5F1BJbsoOgO
p0FxAaSW7XHvVQMkGKPuGKk5bNIf29i95uNdZCveKNEwNkz0050AWTrxMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSopRUwFGeSG4cvDAhtaHcCdvR7MB8GA1UdIwQY
MBaAFLm66WCWsqUHs9SwwnS8L/WJ6fmiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zNGU3NTktYzllMy00NWJhLTg4MWIt
MDg3Mzg2NWU0NDMyLzEvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zNGU3NTktYzllMy00NWJhLTg4MWItMDg3Mzg2NWU0NDMy
LzEvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZRPoCYCU
PZ1RihVcvJKZz4JRm+D4JykYswTY6BdUoiHHuHNHiS/g3hOX9HmpSB9EBfejTw1U
FCYS5U+lz230QgfRQb55OTAmhlQTz/GYwFMkaqZp3UWGiRHCWl4dSrKpf7ge1Zm7
N3Bdh1Vwmi6H0rc0rnlhEdEEHmMMfkxvH2j0epX7Y+lXbIuVBw5DrRVL0SPFgJvS
OY3hp1xIIdU5SJq5VKBCvQySAL3IrDyEevJImRt8CsWzPjnavNPJrdwHYJMbGar5
aeQqn+kL1bsTCPzYf3ne9OgCIazQCj9WVKvi6WeOFZ9pod9kQQi94tuRec2RXkD8
TGzCVZAXVNi4jw==
-----END CERTIFICATE-----