Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          s9ZiH4WVCVgKOVjU0mq8x02ZupyuwnsHQkZMM0Oj9LI=
Subject key identifier:   98:C4:8D:C4:53:1F:FB:9A:A6:0A:0E:71:03:B0:DB:9C:A0:F4:49:64
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       0199FBEA7F5D98B8EB9791255DCC042884B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 10:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:13 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: Hio6B+I1oshK1GO6n7EbYCJVY+1heoTqEgCxwktQm1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:7f:5d:98:b8:eb:97:91:25:5d:cc:04:28:84:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: Oct 19 10:01:13 2025 GMT
            Not After : Oct 20 10:01:13 2025 GMT
        Subject: CN=98c48dc4531ffb9aa60a0e7103b0db9ca0f44964
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c0:0d:91:43:ac:ce:5a:4f:c8:45:57:7e:9c:
                    40:39:dd:8b:43:9d:25:f8:28:af:d1:7e:db:db:de:
                    ad:7a:21:85:a1:8e:c4:73:5a:b1:48:00:58:86:73:
                    a9:40:25:25:d6:f1:70:46:5b:f3:56:3b:54:78:24:
                    c3:c0:9c:3c:8f:17:c8:f4:fd:3c:e9:e4:db:59:23:
                    27:44:00:f6:ed:73:11:61:4d:43:9e:8c:22:51:77:
                    18:12:5e:83:dc:4d:e3:95:96:98:45:d3:60:97:27:
                    70:e0:07:bd:31:22:8b:55:d7:67:31:cf:0b:25:d1:
                    83:8e:5e:e4:fe:3a:91:51:d9:4e:95:e5:da:72:51:
                    60:5f:e0:67:19:21:fd:a3:b7:5b:7b:df:60:b4:63:
                    4a:41:32:c3:39:3c:7c:3b:d6:1c:f3:fc:72:01:ba:
                    30:b9:ae:9d:db:09:ec:83:42:13:6f:04:e8:20:ac:
                    e1:7b:92:b3:35:1c:15:bc:d7:29:ce:a6:c4:bd:63:
                    65:08:8c:47:75:f4:9e:55:e5:b5:6c:c1:73:8c:92:
                    c1:0c:68:45:76:62:ae:a0:67:eb:2c:1e:7a:0d:66:
                    4e:74:5c:13:bf:02:95:59:c2:bb:65:b9:1a:53:51:
                    8c:bb:69:0e:2e:20:5a:c2:9c:7b:69:ea:80:ca:38:
                    b8:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:C4:8D:C4:53:1F:FB:9A:A6:0A:0E:71:03:B0:DB:9C:A0:F4:49:64
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:b8:64:e2:57:8a:9e:db:6b:e7:09:0a:ad:bc:ac:98:eb:84:
         37:07:b3:8f:da:f8:3f:f6:fb:2f:c4:c3:bb:f1:9a:0c:db:90:
         bd:69:74:c7:e9:7b:0f:a0:e3:18:26:d3:61:c0:e5:48:5b:7f:
         cb:30:b2:3f:8a:0e:63:f5:a2:15:f3:13:c3:52:50:43:4e:6e:
         9b:c7:a6:01:32:09:ef:e3:99:3c:eb:fd:cb:67:d1:48:68:09:
         fe:5d:3a:c4:b0:80:5c:da:2c:12:38:74:b6:bd:37:45:63:73:
         c8:eb:1b:45:f7:b6:91:bb:07:19:58:71:f7:d3:63:cb:88:4c:
         4b:2d:ac:1b:92:ac:b2:23:63:62:91:94:e0:32:29:ee:60:c9:
         0d:57:cb:c2:54:85:ee:e3:b4:28:97:41:2c:99:ed:43:6f:77:
         8a:68:1c:75:75:e9:5a:50:1e:d8:73:de:1d:a7:08:39:c3:49:
         2c:23:f6:28:8d:fe:b7:e7:4c:8b:c7:aa:27:56:16:54:2c:93:
         e1:98:62:5c:b3:c0:94:4b:cd:fe:2e:f1:9d:4c:e9:16:ae:29:
         04:ea:ac:92:88:66:90:b3:bd:7f:06:f0:22:f7:1c:85:e7:ae:
         63:f4:e4:a2:6c:1e:ab:ad:00:38:45:32:e1:53:8a:de:99:16:
         3c:15:36:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76n9dmLjrl5ElXcwEKISzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjUxMDE5MTAwMTEzWhcNMjUxMDIwMTAwMTEzWjAzMTEwLwYDVQQD
Eyg5OGM0OGRjNDUzMWZmYjlhYTYwYTBlNzEwM2IwZGI5Y2EwZjQ0OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsANkUOszlpPyEVXfpxAOd2LQ50l
+Civ0X7b296teiGFoY7Ec1qxSABYhnOpQCUl1vFwRlvzVjtUeCTDwJw8jxfI9P08
6eTbWSMnRAD27XMRYU1DnowiUXcYEl6D3E3jlZaYRdNglydw4Ae9MSKLVddnMc8L
JdGDjl7k/jqRUdlOleXaclFgX+BnGSH9o7dbe99gtGNKQTLDOTx8O9Yc8/xyAbow
ua6d2wnsg0ITbwToIKzhe5KzNRwVvNcpzqbEvWNlCIxHdfSeVeW1bMFzjJLBDGhF
dmKuoGfrLB56DWZOdFwTvwKVWcK7ZbkaU1GMu2kOLiBawpx7aeqAyji48wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjEjcRTH/uapgoOcQOw25yg9ElkMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFbhk4leK
nttr5wkKrbysmOuENwezj9r4P/b7L8TDu/GaDNuQvWl0x+l7D6DjGCbTYcDlSFt/
yzCyP4oOY/WiFfMTw1JQQ05um8emATIJ7+OZPOv9y2fRSGgJ/l06xLCAXNosEjh0
tr03RWNzyOsbRfe2kbsHGVhx99Njy4hMSy2sG5KssiNjYpGU4DIp7mDJDVfLwlSF
7uO0KJdBLJntQ293imgcdXXpWlAe2HPeHacIOcNJLCP2KI3+t+dMi8eqJ1YWVCyT
4ZhiXLPAlEvN/i7xnUzpFq4pBOqskohmkLO9fwbwIvccheeuY/Tkomweq60AOEUy
4VOK3pkWPBU2YA==
-----END CERTIFICATE-----