Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
File:                     Us3j-fOkO7GGEIo8M9n2NVeh14w.mft (raw, json)
Hash identifier:          f1vU16UyuyyO0VvNCZtRNx/oK+qjjE4l61lMTFQcVy8=
Subject key identifier:   1E:9F:37:8F:3F:F4:C5:7F:9F:AD:7B:4C:13:6C:29:A3:00:F5:31:22
Authority key identifier: 52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C
Certificate issuer:       /CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
Certificate serial:       0199FBEB791C19B43CE49455FBD6F758B051
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
Manifest number:          0196
Signing time:             Sun 19 Oct 2025 10:02:17 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:17 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:17 +0000
Files and hashes:         1: Us3j-fOkO7GGEIo8M9n2NVeh14w.crl (hash: 7drum7hO8GTaH4hYv9qzcPVo56OhMfBHJKS0Ph5N94k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:79:1c:19:b4:3c:e4:94:55:fb:d6:f7:58:b0:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
        Validity
            Not Before: Oct 19 10:02:17 2025 GMT
            Not After : Oct 20 10:02:17 2025 GMT
        Subject: CN=1e9f378f3ff4c57f9fad7b4c136c29a300f53122
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:72:43:a7:c7:eb:47:f4:e6:ac:91:8d:6f:e2:
                    4f:ce:77:77:ae:fd:b3:77:2b:4d:b8:3f:9b:06:fa:
                    b8:3a:d8:f7:21:61:98:86:00:13:99:b2:53:33:26:
                    f4:43:0f:5f:3f:34:45:7e:fd:ba:ba:e3:fe:18:85:
                    9c:31:17:8f:18:62:8d:ff:cd:72:66:57:62:54:ec:
                    95:45:75:ac:9f:28:ad:08:fd:cd:1a:56:90:11:fe:
                    03:e0:fb:9a:d5:23:4c:25:f0:5a:b0:03:46:32:15:
                    f1:56:dd:64:ff:e0:3e:20:f6:63:12:f4:5e:6d:db:
                    ac:85:23:9f:31:16:cb:b1:35:81:7b:86:c1:63:83:
                    50:93:82:45:b9:96:48:14:b8:d7:e1:21:f0:a2:3d:
                    10:81:af:f1:25:15:2a:3e:88:19:9c:d3:7f:e6:ad:
                    84:a9:33:0d:0b:ab:d0:ba:e2:0a:db:2f:e3:ed:63:
                    ca:a1:93:af:b0:bf:4a:f5:92:34:af:87:99:65:ed:
                    57:cb:95:8c:43:2f:52:0c:78:aa:bb:f5:ee:97:b8:
                    91:7f:fb:a5:df:5f:f1:63:6e:dd:37:9d:a1:a3:a4:
                    9d:96:03:be:e2:ab:1c:81:a0:d4:4c:6a:29:ad:1b:
                    46:94:11:bd:0c:7e:f3:cc:04:a0:b4:fc:d8:a3:d0:
                    8b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:9F:37:8F:3F:F4:C5:7F:9F:AD:7B:4C:13:6C:29:A3:00:F5:31:22
            X509v3 Authority Key Identifier:
                keyid:52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:08:bf:95:7a:26:53:96:f2:45:01:2d:83:5a:43:45:b7:b3:
         88:ce:ba:6f:8b:30:aa:5e:cd:27:24:4b:44:91:3d:ec:09:61:
         63:4c:9f:10:c6:17:62:08:fd:d4:16:96:8d:81:bc:e2:58:14:
         98:7c:a4:ef:7b:28:6a:44:8c:9b:15:75:78:c8:da:93:e4:78:
         92:92:b4:0c:ef:f6:0c:9d:7c:12:aa:41:6e:f5:58:06:a1:80:
         57:cc:4c:1f:bd:81:57:ff:da:11:d9:d5:93:88:6a:70:52:77:
         32:5f:03:03:65:39:f0:3d:b5:d1:40:aa:ac:58:f0:e2:6b:63:
         42:52:15:f7:17:5a:25:97:70:63:1f:d1:fc:71:62:90:90:a7:
         b3:d0:4a:47:ec:33:ed:ca:e2:e5:f7:34:34:f0:51:28:43:58:
         0a:8c:27:c0:b2:ad:68:31:bb:12:f0:b5:16:f3:cd:53:c7:99:
         b4:b0:ce:df:d5:f6:f8:74:9b:0c:28:9b:6c:3d:28:2e:af:18:
         88:03:ff:eb:9d:a1:6f:9e:34:ec:3b:5c:29:20:ac:e2:26:ee:
         16:b9:4e:71:86:9a:6a:61:b3:1e:84:d8:68:75:31:71:fd:46:
         ea:6f:62:49:f9:d8:c9:a7:5c:e5:30:85:fa:23:ee:01:9a:d2:
         2f:05:9e:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn763kcGbQ85JRV+9b3WLBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2RlM2Y5ZjNhNDNiYjE4NjEwOGEzYzMzZDlmNjM1NTdh
MWQ3OGMwHhcNMjUxMDE5MTAwMjE3WhcNMjUxMDIwMTAwMjE3WjAzMTEwLwYDVQQD
EygxZTlmMzc4ZjNmZjRjNTdmOWZhZDdiNGMxMzZjMjlhMzAwZjUzMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHJDp8frR/TmrJGNb+JPznd3rv2z
dytNuD+bBvq4Otj3IWGYhgATmbJTMyb0Qw9fPzRFfv26uuP+GIWcMRePGGKN/81y
ZldiVOyVRXWsnyitCP3NGlaQEf4D4Pua1SNMJfBasANGMhXxVt1k/+A+IPZjEvRe
bdushSOfMRbLsTWBe4bBY4NQk4JFuZZIFLjX4SHwoj0Qga/xJRUqPogZnNN/5q2E
qTMNC6vQuuIK2y/j7WPKoZOvsL9K9ZI0r4eZZe1Xy5WMQy9SDHiqu/Xul7iRf/ul
31/xY27dN52ho6SdlgO+4qscgaDUTGoprRtGlBG9DH7zzASgtPzYo9CLSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6fN48/9MV/n617TBNsKaMA9TEiMB8GA1UdIwQY
MBaAFFLN4/nzpDuxhhCKPDPZ9jVXodeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzct
NjA0NmMwMDQ5NmJjLzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzctNjA0NmMwMDQ5NmJj
LzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQi/lXom
U5byRQEtg1pDRbeziM66b4swql7NJyRLRJE97AlhY0yfEMYXYgj91BaWjYG84lgU
mHyk73soakSMmxV1eMjak+R4kpK0DO/2DJ18EqpBbvVYBqGAV8xMH72BV//aEdnV
k4hqcFJ3Ml8DA2U58D210UCqrFjw4mtjQlIV9xdaJZdwYx/R/HFikJCns9BKR+wz
7cri5fc0NPBRKENYCownwLKtaDG7EvC1FvPNU8eZtLDO39X2+HSbDCibbD0oLq8Y
iAP/652hb5407DtcKSCs4ibuFrlOcYaaamGzHoTYaHUxcf1G6m9iSfnYyadc5TCF
+iPuAZrSLwWefw==
-----END CERTIFICATE-----