Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
File:                     UtlINdtX9r4TjoZPWT7mrai4PtA.mft (raw, json)
Hash identifier:          3AbaBFhZ/BDBcOgz/Ba4qLZX8NrBEc4gDlWFSOCpDVs=
Subject key identifier:   EE:46:96:D7:54:C9:88:47:C3:D7:59:EF:51:75:C5:23:44:22:DA:07
Authority key identifier: 52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0
Certificate issuer:       /CN=52d94835db57f6be138e864f593ee6ada8b83ed0
Certificate serial:       019923A017AA3A188F0C9DA756C92A4877F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
Manifest number:          0126
Signing time:             Sun 07 Sep 2025 10:01:58 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:58 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:58 +0000
Files and hashes:         1: UtlINdtX9r4TjoZPWT7mrai4PtA.crl (hash: uwZS/V4mUUPwpWSFm0OsGlKEB/Owuv2bTrhqmZaM46g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:17:aa:3a:18:8f:0c:9d:a7:56:c9:2a:48:77:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52d94835db57f6be138e864f593ee6ada8b83ed0
        Validity
            Not Before: Sep  7 10:01:58 2025 GMT
            Not After : Sep  8 10:01:58 2025 GMT
        Subject: CN=ee4696d754c98847c3d759ef5175c5234422da07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ea:ed:23:a8:e4:05:03:40:58:83:47:d9:32:
                    4f:be:74:87:ee:a7:dd:d7:fb:70:ac:ac:da:ba:c2:
                    00:2c:df:29:65:7a:93:27:91:b1:ed:07:53:b9:bf:
                    60:68:89:7d:79:f4:f6:01:33:14:dd:3d:76:67:d9:
                    ff:b5:f4:95:8d:af:22:6c:12:d7:cf:81:ee:92:43:
                    95:55:d8:ed:fd:db:dc:17:eb:ed:f0:26:d8:52:13:
                    25:00:41:27:fe:dd:c7:a8:40:38:25:d8:63:92:60:
                    95:3f:73:30:48:de:87:b7:07:95:e2:a2:f8:20:25:
                    d2:1f:11:48:cb:cc:cd:e0:24:3e:c8:f5:d9:b4:2f:
                    6b:2e:73:eb:d3:4a:2d:f3:35:29:84:1a:9f:f3:7e:
                    25:43:00:17:44:dc:bf:87:a2:4f:a2:2d:ce:7a:a5:
                    ff:97:ff:aa:a1:0c:e1:66:2e:44:60:ff:a5:a4:88:
                    44:75:5c:c2:d2:72:da:79:8b:77:f8:50:eb:ef:75:
                    a6:b5:98:12:c6:56:7a:7d:de:b6:9b:96:dd:fd:89:
                    97:1d:49:bc:17:b8:19:68:97:b7:36:1d:bb:d5:3b:
                    9c:28:df:1a:1d:7d:ad:2e:5b:c1:2f:3a:56:a5:78:
                    40:cd:7d:54:eb:a7:e8:28:7b:1c:68:de:00:63:36:
                    35:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:46:96:D7:54:C9:88:47:C3:D7:59:EF:51:75:C5:23:44:22:DA:07
            X509v3 Authority Key Identifier:
                keyid:52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:33:ba:3d:64:a5:18:cd:a6:e3:c1:ba:59:5c:71:06:5b:06:
         93:54:f3:db:00:06:84:17:31:4e:b8:f5:bd:72:ca:d5:5d:48:
         64:9a:27:08:62:e7:24:94:89:03:f9:97:a1:a5:db:53:d6:2f:
         19:31:27:50:56:7a:dc:85:41:31:3b:be:5b:f0:b4:d2:40:fc:
         1d:02:ce:9b:41:79:85:75:6a:dd:e8:5e:98:fe:34:fa:05:4c:
         4e:7d:85:0f:aa:df:de:c5:ed:85:f3:d6:56:e2:14:40:e2:8b:
         a3:81:39:38:37:fe:1b:86:69:2b:e0:70:3a:d5:ad:35:ea:c6:
         e6:12:34:98:08:c1:4f:fd:a3:6f:a7:d1:fe:70:c7:f7:38:e1:
         45:a5:33:fa:97:95:7e:45:42:3f:9c:b5:09:30:00:a1:29:b0:
         70:a0:9e:7e:44:33:30:43:11:97:a8:c8:64:d6:93:7c:51:a7:
         2d:71:11:c4:0a:96:d1:fa:a7:98:71:1b:3a:d7:f3:2a:4b:46:
         4e:5d:cb:6c:00:d2:ca:29:ad:d4:49:70:7f:fc:e8:63:c8:ba:
         55:c0:78:82:f8:82:9a:6c:a8:85:91:46:01:ec:fa:99:f8:de:
         ab:f6:1a:6d:8a:14:0c:92:ca:f3:a7:e9:35:a8:b5:9e:21:5e:
         12:72:9b:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoBeqOhiPDJ2nVskqSHfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZDk0ODM1ZGI1N2Y2YmUxMzhlODY0ZjU5M2VlNmFkYThi
ODNlZDAwHhcNMjUwOTA3MTAwMTU4WhcNMjUwOTA4MTAwMTU4WjAzMTEwLwYDVQQD
EyhlZTQ2OTZkNzU0Yzk4ODQ3YzNkNzU5ZWY1MTc1YzUyMzQ0MjJkYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+rtI6jkBQNAWINH2TJPvnSH7qfd
1/twrKzausIALN8pZXqTJ5Gx7QdTub9gaIl9efT2ATMU3T12Z9n/tfSVja8ibBLX
z4HukkOVVdjt/dvcF+vt8CbYUhMlAEEn/t3HqEA4JdhjkmCVP3MwSN6HtweV4qL4
ICXSHxFIy8zN4CQ+yPXZtC9rLnPr00ot8zUphBqf834lQwAXRNy/h6JPoi3OeqX/
l/+qoQzhZi5EYP+lpIhEdVzC0nLaeYt3+FDr73WmtZgSxlZ6fd62m5bd/YmXHUm8
F7gZaJe3Nh271TucKN8aHX2tLlvBLzpWpXhAzX1U66foKHscaN4AYzY1QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5GltdUyYhHw9dZ71F1xSNEItoHMB8GA1UdIwQY
MBaAFFLZSDXbV/a+E46GT1k+5q2ouD7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEt
M2QwOGFhYmQ1ZTliLzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEtM2QwOGFhYmQ1ZTli
LzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfjO6PWSl
GM2m48G6WVxxBlsGk1Tz2wAGhBcxTrj1vXLK1V1IZJonCGLnJJSJA/mXoaXbU9Yv
GTEnUFZ63IVBMTu+W/C00kD8HQLOm0F5hXVq3ehemP40+gVMTn2FD6rf3sXthfPW
VuIUQOKLo4E5ODf+G4ZpK+BwOtWtNerG5hI0mAjBT/2jb6fR/nDH9zjhRaUz+peV
fkVCP5y1CTAAoSmwcKCefkQzMEMRl6jIZNaTfFGnLXERxAqW0fqnmHEbOtfzKktG
Tl3LbADSyimt1Elwf/zoY8i6VcB4gviCmmyohZFGAez6mfjeq/YabYoUDJLK86fp
Nai1niFeEnKbsw==
-----END CERTIFICATE-----