Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
File:                     U_8iLUoiYwLL8QBoyqb0xB97scs.mft (raw, json)
Hash identifier:          71Rx7wuW2V7G0qpDbma1DjPOVb85tnAeuWSLX9bc4Cc=
Subject key identifier:   15:D6:C6:15:91:34:D1:27:B0:44:40:83:D8:93:56:3F:76:B1:F7:A3
Authority key identifier: 53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB
Certificate issuer:       /CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
Certificate serial:       019A71B92CF603E9AACA80FE51A98A29B0EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
Manifest number:          02C5
Signing time:             Tue 11 Nov 2025 07:02:32 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:32 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:32 +0000
Files and hashes:         1: U_8iLUoiYwLL8QBoyqb0xB97scs.crl (hash: WFL8mZNj0zSvasda0Ihx2Wx4Eht07IWcwJmUuR3GBJA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:2c:f6:03:e9:aa:ca:80:fe:51:a9:8a:29:b0:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
        Validity
            Not Before: Nov 11 07:02:32 2025 GMT
            Not After : Nov 12 07:02:32 2025 GMT
        Subject: CN=15d6c6159134d127b0444083d893563f76b1f7a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:1c:ee:24:d9:13:1c:11:d5:fa:48:6a:dc:44:
                    4c:13:59:82:02:75:13:78:65:d8:90:e5:9e:11:75:
                    02:e3:ad:0f:cd:1c:77:57:6a:73:37:93:52:14:ac:
                    88:ed:8a:97:4a:11:4e:ad:e2:21:99:bb:3e:54:f3:
                    92:c1:ae:49:f7:20:5f:22:58:62:47:35:81:23:36:
                    5d:0f:07:91:a4:7b:d2:9f:9d:23:81:94:4c:30:79:
                    26:38:4c:40:db:bf:28:ba:23:37:19:27:fb:30:41:
                    bb:40:1c:06:77:13:02:4f:f2:9c:5b:df:c7:7f:6b:
                    e8:da:e9:e5:8f:d0:30:e8:09:ef:9b:23:9c:70:f2:
                    28:77:7b:e9:82:e0:ee:81:ff:92:c7:ec:14:76:b6:
                    ba:7b:65:52:ba:65:1b:56:3b:0b:c7:28:c5:ff:52:
                    fc:be:2a:5e:1d:8d:5b:63:ba:f3:2d:b6:ad:ef:06:
                    c0:8d:6b:70:e2:57:9c:75:6a:1e:60:3f:cb:49:43:
                    1d:fe:2c:b7:aa:46:69:3d:24:44:c4:62:a0:c8:27:
                    9e:17:b3:63:30:a4:2e:e0:78:21:47:5b:2f:fe:78:
                    b9:6a:1d:e0:0a:b2:c4:f5:cc:a3:8e:a3:6c:ae:67:
                    6d:2e:67:0e:29:ad:e2:04:a3:4a:a6:af:19:23:c0:
                    24:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:D6:C6:15:91:34:D1:27:B0:44:40:83:D8:93:56:3F:76:B1:F7:A3
            X509v3 Authority Key Identifier:
                keyid:53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:8b:7f:ad:c1:fa:70:12:68:0d:8c:ac:19:9c:49:90:1a:48:
         94:3f:9f:7d:21:ac:2f:43:33:c4:f9:68:30:c7:d7:6e:22:43:
         cf:b1:64:f7:36:21:3f:0b:95:92:fd:bb:11:14:ae:aa:50:f4:
         49:2d:91:8f:61:20:93:95:7a:c4:c9:b8:cc:83:de:40:57:2c:
         3a:4a:70:bd:7f:3a:8b:d8:18:d2:3d:69:ad:c5:9f:eb:ae:c5:
         09:62:85:ad:90:fb:13:5c:c7:23:70:19:48:fc:e2:ce:33:45:
         c1:50:b9:76:db:25:de:f3:e4:94:87:a2:ef:ca:3c:9f:8c:5e:
         61:be:d0:72:db:9f:1e:2b:43:bd:2b:9c:7f:1d:97:ca:e0:f3:
         ce:91:0d:b6:a2:87:a2:02:55:c1:f0:7f:e3:41:02:4b:54:5c:
         30:58:64:4f:4c:e2:7a:36:87:73:ad:07:48:d9:e7:0c:0f:1a:
         f4:b9:9e:d6:61:8e:bb:cf:38:7c:1a:59:98:ab:41:a1:4d:e0:
         cb:96:b4:1b:d9:96:9d:1d:78:70:96:11:20:d0:f7:aa:e4:f0:
         d3:d1:1d:1a:ea:62:ed:0e:73:18:d0:08:8b:08:e9:09:8f:43:
         9c:4d:28:3e:78:de:88:f5:ec:a5:a9:be:30:d5:af:4d:87:82:
         07:ae:8b:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSz2A+mqyoD+UamKKbDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmYyMjJkNGEyMjYzMDJjYmYxMDA2OGNhYTZmNGM0MWY3
YmIxY2IwHhcNMjUxMTExMDcwMjMyWhcNMjUxMTEyMDcwMjMyWjAzMTEwLwYDVQQD
EygxNWQ2YzYxNTkxMzRkMTI3YjA0NDQwODNkODkzNTYzZjc2YjFmN2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhzuJNkTHBHV+khq3ERME1mCAnUT
eGXYkOWeEXUC460PzRx3V2pzN5NSFKyI7YqXShFOreIhmbs+VPOSwa5J9yBfIlhi
RzWBIzZdDweRpHvSn50jgZRMMHkmOExA278ouiM3GSf7MEG7QBwGdxMCT/KcW9/H
f2vo2unlj9Aw6AnvmyOccPIod3vpguDugf+Sx+wUdra6e2VSumUbVjsLxyjF/1L8
vipeHY1bY7rzLbat7wbAjWtw4lecdWoeYD/LSUMd/iy3qkZpPSRExGKgyCeeF7Nj
MKQu4HghR1sv/ni5ah3gCrLE9cyjjqNsrmdtLmcOKa3iBKNKpq8ZI8AkuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXWxhWRNNEnsERAg9iTVj92sfejMB8GA1UdIwQY
MBaAFFP/Ii1KImMCy/EAaMqm9MQfe7HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQt
Y2EzNmQ5OGIzYzRkLzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQtY2EzNmQ5OGIzYzRk
LzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR4t/rcH6
cBJoDYysGZxJkBpIlD+ffSGsL0MzxPloMMfXbiJDz7Fk9zYhPwuVkv27ERSuqlD0
SS2Rj2Egk5V6xMm4zIPeQFcsOkpwvX86i9gY0j1prcWf667FCWKFrZD7E1zHI3AZ
SPzizjNFwVC5dtsl3vPklIei78o8n4xeYb7QctufHitDvSucfx2XyuDzzpENtqKH
ogJVwfB/40ECS1RcMFhkT0ziejaHc60HSNnnDA8a9Lme1mGOu884fBpZmKtBoU3g
y5a0G9mWnR14cJYRIND3quTw09EdGupi7Q5zGNAIiwjpCY9DnE0oPnjeiPXspam+
MNWvTYeCB66L2Q==
-----END CERTIFICATE-----