Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft
File:                     MtYmm4lSBJZffsl_Gdi12ckwt40.mft (raw, json)
Hash identifier:          FRjqmBsIxt+/GsW/YNm4qtMf0xRyKGBPU0MDpGX7D8g=
Subject key identifier:   50:04:6D:62:33:66:1C:82:A8:F1:F7:2C:C6:1C:32:B2:2A:42:20:F0
Authority key identifier: 32:D6:26:9B:89:52:04:96:5F:7E:C9:7F:19:D8:B5:D9:C9:30:B7:8D
Certificate issuer:       /CN=32d6269b895204965f7ec97f19d8b5d9c930b78d
Certificate serial:       0199FFC7D67FD721F97F517245C707947C71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft
Manifest number:          0198
Signing time:             Mon 20 Oct 2025 04:01:50 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:50 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:50 +0000
Files and hashes:         1: MtYmm4lSBJZffsl_Gdi12ckwt40.crl (hash: quBo6R2dV3uhdoJsvUDPa/QHxm4mxAI9GKIyhvDEHSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:d6:7f:d7:21:f9:7f:51:72:45:c7:07:94:7c:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32d6269b895204965f7ec97f19d8b5d9c930b78d
        Validity
            Not Before: Oct 20 04:01:50 2025 GMT
            Not After : Oct 21 04:01:50 2025 GMT
        Subject: CN=50046d6233661c82a8f1f72cc61c32b22a4220f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:00:e4:e5:88:25:b1:86:2f:6a:fc:5f:f0:15:
                    24:43:c3:e5:a5:41:99:93:cd:8b:b4:9e:22:21:66:
                    ca:02:18:90:c2:5f:22:74:6d:a7:c0:99:43:3a:33:
                    d3:9a:e3:1a:45:a2:4b:24:d0:b5:5d:5b:23:5b:56:
                    e0:f1:5b:4f:f7:35:2a:82:5f:db:13:16:29:36:6e:
                    95:d1:da:bd:ca:2d:cd:41:10:26:13:0a:02:9c:15:
                    77:50:56:c6:54:d9:e3:0c:41:72:4c:f5:33:89:39:
                    3b:4c:0b:08:03:28:ea:88:76:39:cd:d9:1d:19:e6:
                    dd:84:c5:1c:ee:b6:35:52:1d:a4:f3:25:32:ab:96:
                    f9:14:ad:ac:ca:a7:50:67:bb:53:3e:93:43:e1:b1:
                    0d:49:32:62:6b:f2:c3:2d:2b:e9:10:22:d8:9d:10:
                    3b:72:03:90:94:0a:b4:01:19:0d:df:ad:dc:26:e1:
                    d4:e3:d8:ca:a4:99:e9:21:29:e6:cf:0d:7c:46:3a:
                    b6:4f:1d:03:ae:64:9f:86:54:40:77:81:3e:a7:48:
                    20:70:e2:91:f3:2e:ac:bb:4e:fc:d3:c0:b7:b5:83:
                    a8:40:c3:b3:53:a8:e1:f5:db:48:c2:c9:8e:e4:87:
                    cf:50:bf:11:cb:08:66:c1:28:50:b4:32:50:60:54:
                    75:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:04:6D:62:33:66:1C:82:A8:F1:F7:2C:C6:1C:32:B2:2A:42:20:F0
            X509v3 Authority Key Identifier:
                keyid:32:D6:26:9B:89:52:04:96:5F:7E:C9:7F:19:D8:B5:D9:C9:30:B7:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:58:0e:9d:3f:28:77:8d:8f:67:8b:e3:b2:ab:ae:be:cd:60:
         06:7a:fd:5b:b6:28:c3:26:71:30:45:39:7e:32:a5:f5:52:8b:
         06:e5:a6:09:96:4f:93:9f:7e:34:56:2d:ab:25:2f:04:8c:32:
         c9:f8:ec:08:8c:d8:c3:cd:e1:98:98:34:7c:d7:81:c6:62:08:
         70:39:c9:6e:31:bf:89:4e:42:22:5e:61:88:48:e6:7f:10:15:
         a8:44:93:6c:b7:1a:19:32:42:35:45:72:62:4e:9e:49:07:48:
         bb:e5:e6:67:ac:de:8c:00:86:12:e1:78:19:43:e7:cf:83:6a:
         9a:6b:5e:7b:18:a0:51:fb:85:34:96:35:ce:0a:f4:9c:2d:e8:
         b8:7e:61:4c:5a:4e:4c:9c:4f:47:85:c2:6e:50:df:6a:e4:f1:
         9a:9f:00:5c:d7:76:6f:9b:d9:8d:15:6b:a2:9f:9c:8e:7c:ab:
         33:c8:63:91:8b:a5:85:85:86:9b:0c:37:93:98:c9:5a:4f:0b:
         49:bb:fa:0e:df:94:96:41:93:e7:d9:5e:0b:46:75:26:75:a4:
         93:dc:93:7c:58:a3:1b:db:68:2f:71:79:d5:7c:6d:89:2d:0c:
         6a:56:13:de:98:07:da:d7:45:4a:79:9d:89:4a:85:c5:de:f1:
         cc:86:53:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x9Z/1yH5f1FyRccHlHxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDYyNjliODk1MjA0OTY1ZjdlYzk3ZjE5ZDhiNWQ5Yzkz
MGI3OGQwHhcNMjUxMDIwMDQwMTUwWhcNMjUxMDIxMDQwMTUwWjAzMTEwLwYDVQQD
Eyg1MDA0NmQ2MjMzNjYxYzgyYThmMWY3MmNjNjFjMzJiMjJhNDIyMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQDk5YglsYYvavxf8BUkQ8PlpUGZ
k82LtJ4iIWbKAhiQwl8idG2nwJlDOjPTmuMaRaJLJNC1XVsjW1bg8VtP9zUqgl/b
ExYpNm6V0dq9yi3NQRAmEwoCnBV3UFbGVNnjDEFyTPUziTk7TAsIAyjqiHY5zdkd
GebdhMUc7rY1Uh2k8yUyq5b5FK2syqdQZ7tTPpND4bENSTJia/LDLSvpECLYnRA7
cgOQlAq0ARkN363cJuHU49jKpJnpISnmzw18Rjq2Tx0DrmSfhlRAd4E+p0ggcOKR
8y6su07808C3tYOoQMOzU6jh9dtIwsmO5IfPUL8RywhmwShQtDJQYFR12wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAEbWIzZhyCqPH3LMYcMrIqQiDwMB8GA1UdIwQY
MBaAFDLWJpuJUgSWX37JfxnYtdnJMLeNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNzI3N2UtZjhkYi00ZTMyLWJkZGQt
OTgxNTI0OWFhZGVmLzEvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNzI3N2UtZjhkYi00ZTMyLWJkZGQtOTgxNTI0OWFhZGVm
LzEvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs1gOnT8o
d42PZ4vjsquuvs1gBnr9W7YowyZxMEU5fjKl9VKLBuWmCZZPk59+NFYtqyUvBIwy
yfjsCIzYw83hmJg0fNeBxmIIcDnJbjG/iU5CIl5hiEjmfxAVqESTbLcaGTJCNUVy
Yk6eSQdIu+XmZ6zejACGEuF4GUPnz4NqmmteexigUfuFNJY1zgr0nC3ouH5hTFpO
TJxPR4XCblDfauTxmp8AXNd2b5vZjRVrop+cjnyrM8hjkYulhYWGmww3k5jJWk8L
Sbv6Dt+UlkGT59leC0Z1JnWkk9yTfFijG9toL3F51XxtiS0MalYT3pgH2tdFSnmd
iUqFxd7xzIZTSw==
-----END CERTIFICATE-----