Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          QnqaK6gbAxePKTTuvz1Ka370e6/t9jDT0UrAV6uyncE=
Subject key identifier:   1E:6D:B4:50:47:A2:ED:EB:4A:8E:6B:99:23:ED:73:D6:65:1C:BD:CA
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       0199FBEAB4F43BBF23CC1BAB17C415D1C542
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          0797
Signing time:             Sun 19 Oct 2025 10:01:26 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:26 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:26 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: N/Z1KUCtOlYAWRELLHCADjqeM3YiN+yUgyBglx511QA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:b4:f4:3b:bf:23:cc:1b:ab:17:c4:15:d1:c5:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Oct 19 10:01:26 2025 GMT
            Not After : Oct 20 10:01:26 2025 GMT
        Subject: CN=1e6db45047a2edeb4a8e6b9923ed73d6651cbdca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:a9:f9:f1:5b:5b:30:a1:86:71:2b:d3:5c:42:
                    ef:7f:94:23:7b:77:df:8b:98:32:10:ef:37:1e:a9:
                    2b:e2:81:f3:8b:08:df:1c:20:4c:5e:1e:98:28:1b:
                    ef:1e:c3:b0:f7:a2:38:c3:0c:0d:a4:15:14:c3:c9:
                    29:9d:2e:44:43:a1:e9:7a:eb:65:2b:fe:0b:7c:24:
                    8b:a6:63:f9:6d:45:58:73:66:3a:95:db:76:b7:a3:
                    43:8b:ae:13:c2:5b:93:89:a3:11:d0:5a:0a:db:71:
                    4e:f7:2f:f5:73:5c:a5:6c:86:70:5e:fb:3e:f7:13:
                    86:df:6d:18:da:c1:e7:54:7d:85:a1:36:dc:0d:49:
                    a1:85:cf:4b:38:0f:3f:2d:9d:70:35:e1:09:27:cd:
                    b5:35:a7:9c:a3:c5:c8:01:07:2d:b9:bb:1b:bf:51:
                    c8:76:6c:d7:c0:5c:e7:71:55:db:a2:45:e8:31:f5:
                    b2:10:31:bc:63:d2:cb:50:a6:e3:d9:80:86:15:1f:
                    63:43:b0:31:87:1d:03:b8:d4:48:65:6a:14:86:be:
                    3c:8b:f9:58:a5:b0:a8:4e:6f:4f:de:67:47:8d:c4:
                    f1:1c:3c:39:32:94:ae:81:e2:8b:23:23:8b:43:02:
                    cf:b3:ad:81:45:23:08:3a:a5:f7:f1:81:f8:31:48:
                    42:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:6D:B4:50:47:A2:ED:EB:4A:8E:6B:99:23:ED:73:D6:65:1C:BD:CA
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:0d:d2:9b:7e:60:42:7b:59:69:49:ab:4e:1d:c5:b7:d7:a4:
         22:74:8a:12:aa:de:e4:7a:0e:3b:2f:6c:26:39:d9:9d:f7:4c:
         fb:55:ff:b4:4a:f0:ca:1f:22:82:7e:97:5a:8c:35:29:86:b1:
         e5:9a:2a:c6:5f:84:42:97:43:1d:73:ab:84:03:c2:c5:46:56:
         07:05:e8:f8:d5:ba:a7:8a:7e:31:52:7f:ea:52:27:b3:ec:b0:
         83:c9:9e:cb:c3:50:f1:e5:87:6d:c7:12:6f:19:62:08:ef:cf:
         3f:f7:47:53:91:58:16:c5:e5:ab:9b:09:ab:f4:b9:ee:19:3b:
         d0:85:61:bd:d0:dc:ef:00:4c:e5:b5:23:fd:bb:7e:0f:d9:93:
         0b:aa:54:98:16:a1:a3:0f:69:e4:89:53:1c:fb:33:bd:51:5e:
         01:18:b7:44:92:aa:99:17:9e:d5:4b:2f:f0:e7:67:2a:86:3b:
         4f:ed:07:fe:af:a6:c7:9c:18:47:d4:cb:21:e4:2f:57:ad:a0:
         53:26:38:49:ee:be:6d:4c:77:93:ca:54:93:2c:9a:60:3a:b0:
         1f:6a:b6:d5:d3:07:52:8d:b6:ca:4c:a9:53:68:96:8e:cb:3e:
         c8:e1:ce:43:99:fa:2f:36:37:d6:0d:dd:e4:94:c5:a2:3a:86:
         2c:80:eb:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76rT0O78jzBurF8QV0cVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjUxMDE5MTAwMTI2WhcNMjUxMDIwMTAwMTI2WjAzMTEwLwYDVQQD
EygxZTZkYjQ1MDQ3YTJlZGViNGE4ZTZiOTkyM2VkNzNkNjY1MWNiZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kn58VtbMKGGcSvTXELvf5Qje3ff
i5gyEO83Hqkr4oHziwjfHCBMXh6YKBvvHsOw96I4wwwNpBUUw8kpnS5EQ6Hpeutl
K/4LfCSLpmP5bUVYc2Y6ldt2t6NDi64TwluTiaMR0FoK23FO9y/1c1ylbIZwXvs+
9xOG320Y2sHnVH2FoTbcDUmhhc9LOA8/LZ1wNeEJJ821Naeco8XIAQctubsbv1HI
dmzXwFzncVXbokXoMfWyEDG8Y9LLUKbj2YCGFR9jQ7Axhx0DuNRIZWoUhr48i/lY
pbCoTm9P3mdHjcTxHDw5MpSugeKLIyOLQwLPs62BRSMIOqX38YH4MUhCfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5ttFBHou3rSo5rmSPtc9ZlHL3KMB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPg3Sm35g
QntZaUmrTh3Ft9ekInSKEqre5HoOOy9sJjnZnfdM+1X/tErwyh8ign6XWow1KYax
5Zoqxl+EQpdDHXOrhAPCxUZWBwXo+NW6p4p+MVJ/6lIns+ywg8mey8NQ8eWHbccS
bxliCO/PP/dHU5FYFsXlq5sJq/S57hk70IVhvdDc7wBM5bUj/bt+D9mTC6pUmBah
ow9p5IlTHPszvVFeARi3RJKqmRee1Usv8OdnKoY7T+0H/q+mx5wYR9TLIeQvV62g
UyY4Se6+bUx3k8pUkyyaYDqwH2q21dMHUo22ykypU2iWjss+yOHOQ5n6LzY31g3d
5JTFojqGLIDrgA==
-----END CERTIFICATE-----