Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          M3C0/dtaeqYfk9LFb8g8Tv20qBAiAYvK4Xz14BUd4ig=
Subject key identifier:   80:B7:87:F9:44:4D:6D:E5:D1:80:B4:B9:B1:45:C4:0D:A9:66:B2:2D
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       019A70DC6E47C3E8B2F0E0E750908B64BE11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          044B
Signing time:             Tue 11 Nov 2025 03:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:25 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: VbUQBFkYGmCClLVoOZZmWiegWUGGR+qB2RjXidvjFe8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:6e:47:c3:e8:b2:f0:e0:e7:50:90:8b:64:be:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Nov 11 03:01:25 2025 GMT
            Not After : Nov 12 03:01:25 2025 GMT
        Subject: CN=80b787f9444d6de5d180b4b9b145c40da966b22d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:48:83:af:9c:74:1c:c6:93:ef:45:0c:8e:24:
                    f1:66:b7:09:5c:61:e9:02:7e:e9:16:99:58:ff:70:
                    b1:f2:69:e1:24:ad:e6:a9:08:73:61:e8:0b:bd:d3:
                    31:f7:60:6e:2c:64:5b:ee:43:be:68:df:ff:32:78:
                    9a:a4:3c:4f:9e:90:f1:6f:6f:3c:e3:66:7a:d8:94:
                    08:fc:89:03:12:cf:31:74:98:67:25:f7:62:15:3c:
                    47:ab:8b:67:2b:2c:40:3f:85:5f:58:87:0e:3e:95:
                    45:0a:2a:5e:da:27:66:e1:dd:93:f3:af:3a:40:29:
                    6a:ec:7d:5f:dc:13:fb:36:4f:b3:5a:1c:55:78:1e:
                    d0:6e:ff:02:e1:f5:25:b7:4a:f4:76:18:a4:de:8d:
                    34:0f:de:a0:67:86:8b:98:6d:47:a1:21:cd:6d:51:
                    24:f3:70:a4:83:47:f7:82:9e:38:50:ba:4a:42:91:
                    70:1c:89:f8:32:e7:69:1f:b3:5d:ae:d0:e4:5e:fe:
                    ae:5e:76:4a:50:dd:3a:ba:24:a8:eb:88:b2:51:07:
                    36:34:68:c5:99:28:aa:10:43:a0:e7:08:b4:b5:b4:
                    b8:d7:75:1a:42:4c:ba:50:7e:39:cc:ca:f5:ae:14:
                    3a:98:66:16:c4:60:62:df:58:96:09:e5:e1:d4:c5:
                    2c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:B7:87:F9:44:4D:6D:E5:D1:80:B4:B9:B1:45:C4:0D:A9:66:B2:2D
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:7e:9e:97:14:90:76:80:fe:bc:e1:da:34:13:bb:8f:d7:15:
         8b:9b:76:ff:d6:17:1c:fd:97:08:37:a5:67:00:a0:72:de:4c:
         db:7a:e9:49:1d:d0:45:39:51:c5:df:ef:77:f0:bc:ce:33:23:
         cb:c8:96:81:05:a9:54:b6:30:53:e9:fe:20:94:cd:a4:f0:8e:
         ad:0d:4b:cb:71:7c:25:35:90:f7:1c:c1:07:af:6c:fc:50:1d:
         a5:41:d4:2b:3f:0c:53:e5:54:84:ef:c7:1d:72:54:3a:88:59:
         82:ab:52:da:8e:d5:c5:2e:d5:2b:5f:0e:56:36:f6:f9:54:15:
         27:95:18:41:a2:bd:30:a8:ce:86:e7:41:43:85:2c:17:45:b5:
         95:7e:48:74:8f:4d:df:c4:05:5e:76:ab:25:e1:43:27:15:c5:
         df:fc:a8:e8:33:9b:51:dd:15:57:11:1c:36:f6:5d:40:90:91:
         54:64:8e:82:42:c9:bc:6c:c2:20:4d:84:04:e0:f0:3a:af:0f:
         e7:18:35:9b:0a:9f:ca:c0:83:b0:fa:db:b1:63:83:48:8d:28:
         dc:46:77:e6:eb:d6:c1:3f:c7:a8:91:71:3b:dd:b4:16:94:f5:
         a8:12:b8:23:3e:3e:ef:46:1e:5c:9f:59:a1:4d:f2:48:68:4f:
         1f:b3:3c:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3G5Hw+iy8ODnUJCLZL4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUxMTExMDMwMTI1WhcNMjUxMTEyMDMwMTI1WjAzMTEwLwYDVQQD
Eyg4MGI3ODdmOTQ0NGQ2ZGU1ZDE4MGI0YjliMTQ1YzQwZGE5NjZiMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEiDr5x0HMaT70UMjiTxZrcJXGHp
An7pFplY/3Cx8mnhJK3mqQhzYegLvdMx92BuLGRb7kO+aN//MniapDxPnpDxb288
42Z62JQI/IkDEs8xdJhnJfdiFTxHq4tnKyxAP4VfWIcOPpVFCipe2idm4d2T8686
QClq7H1f3BP7Nk+zWhxVeB7Qbv8C4fUlt0r0dhik3o00D96gZ4aLmG1HoSHNbVEk
83Ckg0f3gp44ULpKQpFwHIn4MudpH7NdrtDkXv6uXnZKUN06uiSo64iyUQc2NGjF
mSiqEEOg5wi0tbS413UaQky6UH45zMr1rhQ6mGYWxGBi31iWCeXh1MUsmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIC3h/lETW3l0YC0ubFFxA2pZrItMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPX6elxSQ
doD+vOHaNBO7j9cVi5t2/9YXHP2XCDelZwCgct5M23rpSR3QRTlRxd/vd/C8zjMj
y8iWgQWpVLYwU+n+IJTNpPCOrQ1Ly3F8JTWQ9xzBB69s/FAdpUHUKz8MU+VUhO/H
HXJUOohZgqtS2o7VxS7VK18OVjb2+VQVJ5UYQaK9MKjOhudBQ4UsF0W1lX5IdI9N
38QFXnarJeFDJxXF3/yo6DObUd0VVxEcNvZdQJCRVGSOgkLJvGzCIE2EBODwOq8P
5xg1mwqfysCDsPrbsWODSI0o3EZ35uvWwT/HqJFxO920FpT1qBK4Iz4+70YeXJ9Z
oU3ySGhPH7M8Og==
-----END CERTIFICATE-----