Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft
File:                     sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft (raw, json)
Hash identifier:          8ozn/jGSjWaJUkIlLN4SkVRbNrdHc4z69Vq+dyofxQM=
Subject key identifier:   6B:95:B9:01:72:50:1C:3D:8D:20:45:AA:39:73:9B:33:FC:D3:24:5B
Authority key identifier: B0:7F:DF:43:7C:6F:5B:C7:3C:7D:CD:55:CE:58:CD:92:E4:9D:60:2E
Certificate issuer:       /CN=b07fdf437c6f5bc73c7dcd55ce58cd92e49d602e
Certificate serial:       0199FE103199F0367A776A32467DFA64C728
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sH_fQ3xvW8c8fc1VzljNkuSdYC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 20:01:37 +0000
Manifest this update:     Sun 19 Oct 2025 20:01:37 +0000
Manifest next update:     Mon 20 Oct 2025 20:01:37 +0000
Files and hashes:         1: sH_fQ3xvW8c8fc1VzljNkuSdYC4.crl (hash: eHADLcrxFyXp9oBsiv3lJ+QQCkfRcyLHcBI8vCy81go=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sH_fQ3xvW8c8fc1VzljNkuSdYC4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:10:31:99:f0:36:7a:77:6a:32:46:7d:fa:64:c7:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b07fdf437c6f5bc73c7dcd55ce58cd92e49d602e
        Validity
            Not Before: Oct 19 20:01:37 2025 GMT
            Not After : Oct 20 20:01:37 2025 GMT
        Subject: CN=6b95b90172501c3d8d2045aa39739b33fcd3245b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:fe:cf:20:8a:80:45:4b:8d:07:21:77:52:36:
                    c0:f2:66:f6:cd:93:de:76:9d:21:3f:a2:f8:38:0a:
                    3e:21:86:d6:b5:c9:6f:00:4a:02:50:61:93:54:7c:
                    1c:a7:c7:b9:fa:f8:11:9f:e3:c3:01:3c:85:aa:0a:
                    4f:4c:b1:00:dd:ed:df:be:aa:ca:b1:2b:f4:0b:0d:
                    09:6a:d9:17:3f:68:e6:06:76:3a:dc:b2:f1:e2:06:
                    77:5e:ee:98:87:9f:20:6e:4a:5e:1f:0e:82:d1:de:
                    51:b5:c5:50:b6:42:fc:b9:5f:fa:e9:8c:e5:ad:09:
                    d2:71:91:89:06:88:95:a0:73:28:37:83:72:3b:98:
                    e1:d9:93:f5:d3:02:2e:41:f8:56:94:5a:44:0c:b9:
                    b8:e3:7d:40:03:43:14:b6:a5:ca:38:54:ad:9a:3f:
                    16:b6:83:fd:b5:c7:db:74:5e:bc:37:59:69:9b:3e:
                    31:04:b6:40:e6:e9:38:7e:3a:04:15:30:66:8f:67:
                    36:23:d3:b1:d4:44:5b:9b:62:11:86:e4:48:a0:d6:
                    9f:33:d8:f5:e4:f4:ad:eb:bb:09:82:3c:f6:88:da:
                    0b:4c:42:eb:a0:9d:5a:98:0b:96:fc:8b:90:6e:46:
                    9d:59:72:7b:cf:9e:d9:ea:c8:5f:82:d6:29:7f:47:
                    66:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:95:B9:01:72:50:1C:3D:8D:20:45:AA:39:73:9B:33:FC:D3:24:5B
            X509v3 Authority Key Identifier:
                keyid:B0:7F:DF:43:7C:6F:5B:C7:3C:7D:CD:55:CE:58:CD:92:E4:9D:60:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sH_fQ3xvW8c8fc1VzljNkuSdYC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:bc:da:89:ca:51:f5:c7:e7:bf:1e:75:56:f8:5a:ac:1b:97:
         7c:ff:db:c5:82:9d:7d:61:b6:b4:f9:99:ff:a2:73:99:0f:d9:
         d7:07:ee:5c:ac:e4:6b:a2:43:a4:ce:79:c5:4b:23:80:3a:64:
         8e:72:e8:42:36:b7:4f:af:32:ac:bf:c0:30:e5:9a:23:b4:7a:
         94:d9:67:d3:c7:c0:c4:d3:ae:3b:30:4c:5c:9f:50:35:51:56:
         d9:83:e5:4f:9e:af:af:0a:11:88:d6:b6:e0:b7:38:ff:56:6e:
         40:50:e0:56:67:f7:8f:16:32:f6:0f:b3:a2:66:63:06:4d:7e:
         fe:71:7d:ad:5c:04:17:89:8b:cf:b4:8e:9d:85:a5:6d:69:33:
         e7:eb:b7:74:60:31:c9:fd:ce:93:d0:3e:b2:dc:f8:c0:fd:d4:
         2f:47:85:8b:a5:ba:d1:8f:f0:d7:f9:64:0d:d8:46:32:98:2a:
         8c:1a:92:74:1e:7d:04:2f:9d:3c:18:ff:01:d8:bf:81:9f:4f:
         37:40:54:42:8c:85:30:f6:ce:f1:19:11:23:91:b6:3c:47:c2:
         f5:7a:40:f9:ff:f2:57:78:02:de:85:47:bd:7e:46:34:4f:4f:
         50:48:03:84:0a:f7:8d:2a:2f:ac:92:cc:c9:c3:77:47:6b:90:
         12:80:ab:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+EDGZ8DZ6d2oyRn36ZMcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2ZkZjQzN2M2ZjViYzczYzdkY2Q1NWNlNThjZDkyZTQ5
ZDYwMmUwHhcNMjUxMDE5MjAwMTM3WhcNMjUxMDIwMjAwMTM3WjAzMTEwLwYDVQQD
Eyg2Yjk1YjkwMTcyNTAxYzNkOGQyMDQ1YWEzOTczOWIzM2ZjZDMyNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP7PIIqARUuNByF3UjbA8mb2zZPe
dp0hP6L4OAo+IYbWtclvAEoCUGGTVHwcp8e5+vgRn+PDATyFqgpPTLEA3e3fvqrK
sSv0Cw0JatkXP2jmBnY63LLx4gZ3Xu6Yh58gbkpeHw6C0d5RtcVQtkL8uV/66Yzl
rQnScZGJBoiVoHMoN4NyO5jh2ZP10wIuQfhWlFpEDLm4431AA0MUtqXKOFStmj8W
toP9tcfbdF68N1lpmz4xBLZA5uk4fjoEFTBmj2c2I9Ox1ERbm2IRhuRIoNafM9j1
5PSt67sJgjz2iNoLTELroJ1amAuW/IuQbkadWXJ7z57Z6shfgtYpf0dmIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGuVuQFyUBw9jSBFqjlzmzP80yRbMB8GA1UdIwQY
MBaAFLB/30N8b1vHPH3NVc5YzZLknWAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hfZlEzeHZXOGM4ZmMxVnpsak5rdVNkWUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYjBhNDItNmExOS00NTc3LTk5ZDIt
YTc4Yjk3ZWVhNWMxLzEvc0hfZlEzeHZXOGM4ZmMxVnpsak5rdVNkWUM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYjBhNDItNmExOS00NTc3LTk5ZDItYTc4Yjk3ZWVhNWMx
LzEvc0hfZlEzeHZXOGM4ZmMxVnpsak5rdVNkWUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLzaicpR
9cfnvx51VvharBuXfP/bxYKdfWG2tPmZ/6JzmQ/Z1wfuXKzka6JDpM55xUsjgDpk
jnLoQja3T68yrL/AMOWaI7R6lNln08fAxNOuOzBMXJ9QNVFW2YPlT56vrwoRiNa2
4Lc4/1ZuQFDgVmf3jxYy9g+zomZjBk1+/nF9rVwEF4mLz7SOnYWlbWkz5+u3dGAx
yf3Ok9A+stz4wP3UL0eFi6W60Y/w1/lkDdhGMpgqjBqSdB59BC+dPBj/Adi/gZ9P
N0BUQoyFMPbO8RkRI5G2PEfC9XpA+f/yV3gC3oVHvX5GNE9PUEgDhAr3jSovrJLM
ycN3R2uQEoCrsA==
-----END CERTIFICATE-----