Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
File:                     UTNdj7orxzOYOV-90-DW8_89G2Q.mft (raw, json)
Hash identifier:          B4fGKSqkgd9pmhuu0F6kHzTjB/k5hMWhsy8shaHY7Ok=
Subject key identifier:   89:52:25:AB:C2:06:35:FE:F3:0E:84:4D:86:D9:71:8F:7D:85:87:02
Authority key identifier: 51:33:5D:8F:BA:2B:C7:33:98:39:5F:BD:D3:E0:D6:F3:FF:3D:1B:64
Certificate issuer:       /CN=51335d8fba2bc73398395fbdd3e0d6f3ff3d1b64
Certificate serial:       019A70A508047183ECF2B27342794A762570
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
Manifest number:          12B2
Signing time:             Tue 11 Nov 2025 02:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:54 +0000
Files and hashes:         1: UTNdj7orxzOYOV-90-DW8_89G2Q.crl (hash: fUYJrGR3OLcT5b2b5dPUclSJQZCQhOoWXs+HQsU3lJs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:08:04:71:83:ec:f2:b2:73:42:79:4a:76:25:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51335d8fba2bc73398395fbdd3e0d6f3ff3d1b64
        Validity
            Not Before: Nov 11 02:00:54 2025 GMT
            Not After : Nov 12 02:00:54 2025 GMT
        Subject: CN=895225abc20635fef30e844d86d9718f7d858702
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f0:4f:02:88:f1:61:69:9d:f3:08:cb:52:d2:
                    92:4f:a2:06:7a:53:68:28:44:bd:fc:3e:d3:bb:0d:
                    76:d1:81:e7:4f:45:e6:f6:08:f5:47:27:e8:1b:58:
                    42:61:82:a1:76:ff:b8:80:16:62:9e:6b:1e:74:3e:
                    f8:2e:06:ac:46:c1:36:e0:49:fa:37:a9:f8:d5:29:
                    ef:ed:11:2f:18:a6:30:66:25:34:42:4b:8d:86:a4:
                    27:6f:00:96:52:09:52:da:96:70:61:20:a6:51:a8:
                    6e:46:bb:97:ac:8f:0f:7a:c4:08:b3:19:4e:ad:d0:
                    2d:c5:57:c9:8e:72:e1:54:01:d8:e0:5d:cd:7e:79:
                    10:22:6c:0b:53:93:07:e1:1f:c7:7c:44:25:d8:35:
                    33:6d:87:c5:f4:96:22:f4:dd:b9:56:50:2b:0c:4d:
                    9b:e0:29:df:de:6a:3a:9e:5b:22:e3:d4:0f:53:04:
                    0b:61:64:f1:c5:54:9d:77:f0:35:75:99:b8:34:4e:
                    d0:9a:29:45:3f:55:cc:01:28:60:a7:ae:83:4a:71:
                    aa:27:5b:7f:6c:55:49:30:3a:d2:d1:a2:00:de:65:
                    92:fa:3f:7a:63:ac:d6:ac:f1:84:71:04:c8:2c:e0:
                    8d:93:24:0a:54:a5:ae:56:4f:f5:7a:6b:40:2e:ad:
                    4e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:52:25:AB:C2:06:35:FE:F3:0E:84:4D:86:D9:71:8F:7D:85:87:02
            X509v3 Authority Key Identifier:
                keyid:51:33:5D:8F:BA:2B:C7:33:98:39:5F:BD:D3:E0:D6:F3:FF:3D:1B:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:7f:9f:a2:6a:02:55:3e:8e:ff:69:b2:91:7b:2c:39:9e:62:
         80:2a:5a:68:f0:18:64:c4:d7:c8:79:ed:3a:c2:3b:d6:d1:3b:
         75:5c:b8:69:48:cf:37:03:64:f9:50:ad:c0:f4:dd:13:59:e9:
         eb:17:11:29:a1:9b:7c:2a:d1:50:83:2a:90:04:8b:e3:31:66:
         96:bb:9d:4e:a3:25:76:89:32:a7:10:8f:19:f5:1b:c3:6f:f0:
         08:e0:b3:a5:78:31:a7:a7:02:56:64:b2:49:ed:d6:98:c8:3a:
         86:bb:19:ea:6b:6e:ef:c8:c2:39:04:c2:2d:44:0f:b1:49:11:
         c9:38:83:e7:a9:9a:be:70:1a:29:4c:a1:ff:d9:c3:95:20:34:
         30:e2:e2:ec:27:22:5f:14:ba:1f:42:22:c0:56:95:24:db:93:
         07:6c:91:65:03:37:6e:b9:77:8b:cc:15:f6:86:a0:be:10:ad:
         da:06:43:83:19:81:07:1d:98:3e:e6:40:8b:6f:d6:50:50:f3:
         4c:98:fe:eb:05:99:d3:8f:d1:14:7d:24:96:bc:45:86:d0:9d:
         2b:21:db:18:60:61:03:c9:27:32:4d:c3:68:07:29:91:1c:49:
         7c:4b:59:73:50:48:26:8d:0e:e6:fb:a0:dc:8f:98:20:2f:d5:
         7b:75:9f:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpQgEcYPs8rJzQnlKdiVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMzM1ZDhmYmEyYmM3MzM5ODM5NWZiZGQzZTBkNmYzZmYz
ZDFiNjQwHhcNMjUxMTExMDIwMDU0WhcNMjUxMTEyMDIwMDU0WjAzMTEwLwYDVQQD
Eyg4OTUyMjVhYmMyMDYzNWZlZjMwZTg0NGQ4NmQ5NzE4ZjdkODU4NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvBPAojxYWmd8wjLUtKST6IGelNo
KES9/D7Tuw120YHnT0Xm9gj1RyfoG1hCYYKhdv+4gBZinmsedD74LgasRsE24En6
N6n41Snv7REvGKYwZiU0QkuNhqQnbwCWUglS2pZwYSCmUahuRruXrI8PesQIsxlO
rdAtxVfJjnLhVAHY4F3NfnkQImwLU5MH4R/HfEQl2DUzbYfF9JYi9N25VlArDE2b
4Cnf3mo6nlsi49QPUwQLYWTxxVSdd/A1dZm4NE7QmilFP1XMAShgp66DSnGqJ1t/
bFVJMDrS0aIA3mWS+j96Y6zWrPGEcQTILOCNkyQKVKWuVk/1emtALq1OXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlSJavCBjX+8w6ETYbZcY99hYcCMB8GA1UdIwQY
MBaAFFEzXY+6K8czmDlfvdPg1vP/PRtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80MmIzMTctMTJjOC00ZGQxLTljNTUt
YmZhOTY5ZTU2N2IxLzEvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80MmIzMTctMTJjOC00ZGQxLTljNTUtYmZhOTY5ZTU2N2Ix
LzEvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO3+fomoC
VT6O/2mykXssOZ5igCpaaPAYZMTXyHntOsI71tE7dVy4aUjPNwNk+VCtwPTdE1np
6xcRKaGbfCrRUIMqkASL4zFmlrudTqMldokypxCPGfUbw2/wCOCzpXgxp6cCVmSy
Se3WmMg6hrsZ6mtu78jCOQTCLUQPsUkRyTiD56mavnAaKUyh/9nDlSA0MOLi7Cci
XxS6H0IiwFaVJNuTB2yRZQM3brl3i8wV9oagvhCt2gZDgxmBBx2YPuZAi2/WUFDz
TJj+6wWZ04/RFH0klrxFhtCdKyHbGGBhA8knMk3DaAcpkRxJfEtZc1BIJo0O5vug
3I+YIC/Ve3WfNQ==
-----END CERTIFICATE-----