Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/f1d439-7cc7-449f-a9e2-2ea6f5efb27f/1/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.mft
File:                     I_ifV9ByhJ4MqyGVzQuvJVeTXqA.mft (raw, json)
Hash identifier:          U6rLTfSif0a5Yflac1vKSN8Fi7dQJuj5cVDi2JEemfI=
Subject key identifier:   1C:0A:60:36:23:D2:C6:EF:F1:99:3A:28:44:1A:A9:0D:ED:4B:DE:F2
Authority key identifier: 23:F8:9F:57:D0:72:84:9E:0C:AB:21:95:CD:0B:AF:25:57:93:5E:A0
Certificate issuer:       /CN=23f89f57d072849e0cab2195cd0baf2557935ea0
Certificate serial:       0199FF229CBAD7DDC15F09846523D5DFB9A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/f1d439-7cc7-449f-a9e2-2ea6f5efb27f/1/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.mft
Manifest number:          16E0
Signing time:             Mon 20 Oct 2025 01:01:22 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:22 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:22 +0000
Files and hashes:         1: I_ifV9ByhJ4MqyGVzQuvJVeTXqA.crl (hash: PWMLHvnebvIEwIswYKdlPM9bFy7yePcb3eCeSZN1UP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/f1d439-7cc7-449f-a9e2-2ea6f5efb27f/1/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/f1d439-7cc7-449f-a9e2-2ea6f5efb27f/1/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:9c:ba:d7:dd:c1:5f:09:84:65:23:d5:df:b9:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f89f57d072849e0cab2195cd0baf2557935ea0
        Validity
            Not Before: Oct 20 01:01:22 2025 GMT
            Not After : Oct 21 01:01:22 2025 GMT
        Subject: CN=1c0a603623d2c6eff1993a28441aa90ded4bdef2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:4a:ad:30:fa:b6:d6:33:55:0a:56:4d:d4:fb:
                    88:44:b6:60:e9:38:a8:57:8d:bd:7c:33:eb:c8:fc:
                    b5:2f:ff:34:31:63:71:6f:70:7b:c8:fd:72:e0:b1:
                    07:dd:8f:73:7f:3a:b5:de:ab:fa:e8:38:70:b5:ac:
                    20:54:96:59:d1:19:ab:e7:62:fb:bc:cb:be:9d:a1:
                    ac:8d:71:b7:2f:ea:40:af:eb:04:c2:bd:40:7e:46:
                    88:29:9f:88:e7:2b:87:bf:5f:42:da:2e:a4:31:df:
                    76:5a:b3:b8:76:b6:84:29:66:91:11:33:84:9e:29:
                    87:77:b5:0c:51:93:2b:38:bb:1b:0a:a1:e5:ff:b0:
                    23:bd:65:27:dc:00:60:e6:57:6a:56:24:ed:9d:3f:
                    3e:7d:55:4f:8a:53:aa:ed:9f:f0:88:db:70:ac:65:
                    f2:58:ab:5f:a2:21:33:da:86:1f:d8:e1:8e:c0:38:
                    ab:ab:38:64:b0:2a:8d:9c:a3:af:5b:00:c5:e5:8f:
                    ff:0c:8e:48:46:e7:52:63:f8:81:35:0d:92:92:ad:
                    9d:81:12:5e:7a:7b:21:95:1a:02:5e:a9:b4:84:7f:
                    ec:6b:22:e3:39:82:61:b5:0a:a9:db:2b:78:14:01:
                    0d:6e:ff:4c:ad:52:8b:c7:8a:73:39:a9:7f:a1:c5:
                    ca:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:0A:60:36:23:D2:C6:EF:F1:99:3A:28:44:1A:A9:0D:ED:4B:DE:F2
            X509v3 Authority Key Identifier:
                keyid:23:F8:9F:57:D0:72:84:9E:0C:AB:21:95:CD:0B:AF:25:57:93:5E:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/f1d439-7cc7-449f-a9e2-2ea6f5efb27f/1/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/f1d439-7cc7-449f-a9e2-2ea6f5efb27f/1/I_ifV9ByhJ4MqyGVzQuvJVeTXqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:70:f0:37:75:51:82:61:31:59:e4:11:c7:9d:71:2a:3a:d4:
         70:fa:e2:98:cb:7a:1b:97:0a:ba:08:d7:0b:10:cc:9f:ea:2c:
         16:bf:6f:49:33:d5:4f:a6:5c:e6:9a:86:b5:46:c8:83:73:b1:
         f7:f1:68:bf:60:a0:73:92:f5:72:f8:21:8f:d5:8c:57:4c:f0:
         5d:63:11:6a:19:df:20:ce:33:5b:3d:77:ff:49:75:d8:cb:5f:
         e9:15:c1:fe:59:31:66:ac:be:1d:da:31:dc:d2:e3:e9:ed:28:
         66:c1:50:46:23:f3:2a:c4:6e:6f:75:6e:8f:4e:b2:b6:c8:4c:
         3e:c1:00:50:f1:89:f0:ed:c5:ae:7c:99:72:d6:7c:67:ca:cd:
         c9:07:04:f7:b1:06:47:c4:63:65:b9:36:e3:30:54:09:0b:76:
         2f:6f:6c:db:17:30:e3:12:81:f5:90:3d:c4:67:fe:12:ef:d4:
         57:75:10:a2:7a:f0:74:bc:a4:01:8a:e0:c1:b9:62:92:84:fb:
         9e:5f:3f:7c:98:6f:e0:b8:cb:70:ae:09:ae:7a:a0:b6:7c:fa:
         a1:ad:dd:ab:22:63:7b:f0:08:67:bd:d0:76:a7:72:ec:f1:35:
         ba:90:2e:32:cd:c5:2b:10:99:bc:1c:10:43:af:9b:bb:3f:bb:
         c8:59:5a:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/Ipy6193BXwmEZSPV37mnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjg5ZjU3ZDA3Mjg0OWUwY2FiMjE5NWNkMGJhZjI1NTc5
MzVlYTAwHhcNMjUxMDIwMDEwMTIyWhcNMjUxMDIxMDEwMTIyWjAzMTEwLwYDVQQD
EygxYzBhNjAzNjIzZDJjNmVmZjE5OTNhMjg0NDFhYTkwZGVkNGJkZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEqtMPq21jNVClZN1PuIRLZg6Tio
V429fDPryPy1L/80MWNxb3B7yP1y4LEH3Y9zfzq13qv66DhwtawgVJZZ0Rmr52L7
vMu+naGsjXG3L+pAr+sEwr1AfkaIKZ+I5yuHv19C2i6kMd92WrO4draEKWaRETOE
nimHd7UMUZMrOLsbCqHl/7AjvWUn3ABg5ldqViTtnT8+fVVPilOq7Z/wiNtwrGXy
WKtfoiEz2oYf2OGOwDirqzhksCqNnKOvWwDF5Y//DI5IRudSY/iBNQ2Skq2dgRJe
enshlRoCXqm0hH/sayLjOYJhtQqp2yt4FAENbv9MrVKLx4pzOal/ocXK0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwKYDYj0sbv8Zk6KEQaqQ3tS97yMB8GA1UdIwQY
MBaAFCP4n1fQcoSeDKshlc0LryVXk16gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9pZlY5QnloSjRNcXlHVnpRdXZKVmVUWHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9mMWQ0MzktN2NjNy00NDlmLWE5ZTIt
MmVhNmY1ZWZiMjdmLzEvSV9pZlY5QnloSjRNcXlHVnpRdXZKVmVUWHFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9mMWQ0MzktN2NjNy00NDlmLWE5ZTItMmVhNmY1ZWZiMjdm
LzEvSV9pZlY5QnloSjRNcXlHVnpRdXZKVmVUWHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3DwN3VR
gmExWeQRx51xKjrUcPrimMt6G5cKugjXCxDMn+osFr9vSTPVT6Zc5pqGtUbIg3Ox
9/Fov2Cgc5L1cvghj9WMV0zwXWMRahnfIM4zWz13/0l12Mtf6RXB/lkxZqy+Hdox
3NLj6e0oZsFQRiPzKsRub3Vuj06ytshMPsEAUPGJ8O3FrnyZctZ8Z8rNyQcE97EG
R8RjZbk24zBUCQt2L29s2xcw4xKB9ZA9xGf+Eu/UV3UQonrwdLykAYrgwblikoT7
nl8/fJhv4LjLcK4Jrnqgtnz6oa3dqyJje/AIZ73Qdqdy7PE1upAuMs3FKxCZvBwQ
Q6+buz+7yFlaJg==
-----END CERTIFICATE-----