Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          TJLvEM/X02UIyWdbpol9hKPfJUFpQjIWroHOtdKNZbQ=
Subject key identifier:   9E:16:FF:8D:81:1A:AC:FE:91:84:EF:24:0C:B0:67:85:8C:F0:37:7A
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       0199FE7E04AB65CBD0F426C5069F01AD0164
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 22:01:35 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:35 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:35 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: PpJYwyS2CPUeHkgQk82u8veRgSJIaFvE8JWUeH7Ne9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7e:04:ab:65:cb:d0:f4:26:c5:06:9f:01:ad:01:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: Oct 19 22:01:35 2025 GMT
            Not After : Oct 20 22:01:35 2025 GMT
        Subject: CN=9e16ff8d811aacfe9184ef240cb067858cf0377a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:70:4d:51:55:83:96:18:cd:9a:84:86:f9:a1:
                    85:ac:ba:81:86:30:55:98:a8:a9:1a:1f:f9:f6:95:
                    1e:0f:e7:5b:c1:f3:ef:9d:b0:21:e0:1c:a1:00:87:
                    c2:61:3d:87:85:20:29:44:e2:32:b8:12:dd:a0:ed:
                    0c:19:df:89:33:e5:4c:3b:bb:f9:d9:34:4d:a2:a9:
                    23:af:4e:68:4b:46:4a:d7:10:79:1a:64:13:1f:e1:
                    48:71:17:db:64:61:c5:7a:43:99:db:c5:ec:ea:47:
                    63:71:d9:40:e2:34:7e:11:ae:27:37:16:3a:f6:0f:
                    54:8c:b9:80:44:54:bb:94:1a:8f:70:b2:e9:fd:e9:
                    79:4c:f1:cf:58:39:ba:38:0e:c2:59:84:79:a4:88:
                    18:c7:97:07:95:36:3a:b1:f9:f1:6b:a1:61:17:2a:
                    f5:d2:8e:44:ac:79:a0:05:5f:39:02:b6:d4:7e:f7:
                    f0:d6:e3:e4:d2:aa:92:73:ba:1c:a4:c9:7a:39:b9:
                    e2:bd:81:78:df:1d:3a:a2:43:47:71:e8:ec:59:2c:
                    08:62:37:6c:79:b2:f1:a7:b1:4a:00:85:bb:29:aa:
                    ff:28:1a:d1:95:da:2f:47:d2:49:97:35:ff:c3:d7:
                    ab:aa:73:68:ea:e8:2d:84:67:61:de:b1:7c:84:a1:
                    b7:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:16:FF:8D:81:1A:AC:FE:91:84:EF:24:0C:B0:67:85:8C:F0:37:7A
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:46:59:93:dc:71:68:b5:ad:bf:06:7f:44:35:4a:77:61:aa:
         bd:97:c6:a4:03:f3:63:aa:90:0b:82:cb:f4:9b:bd:ad:f2:57:
         1d:c1:8b:ce:62:57:76:e4:4b:55:4a:a9:ae:6a:9d:25:fd:cd:
         4f:a8:18:d2:5b:d2:39:f4:42:8c:3f:94:9f:b5:95:fc:9d:a4:
         d9:b1:a4:2f:fe:95:8e:1b:11:df:0d:a5:d5:89:d6:86:8e:da:
         73:da:09:64:0c:f4:28:64:60:24:26:4b:1c:dd:42:e1:fa:9c:
         08:5e:b9:b1:da:64:7a:62:54:4f:63:21:a6:e5:86:fc:5d:37:
         bb:a6:fe:57:e6:5c:db:f5:2b:49:e8:f0:9a:e8:2d:7d:13:bc:
         4e:bf:a4:f9:fc:a8:91:72:59:cf:eb:8c:ee:a3:cd:a9:41:ee:
         94:7c:0b:3e:4d:16:c0:08:0f:83:3f:46:5c:6a:7a:42:0f:0f:
         43:8b:5b:c9:64:42:02:3a:62:3c:2c:0b:7b:88:53:48:d0:dc:
         16:c3:de:7a:ba:49:d6:c8:4c:38:8a:77:86:37:70:31:08:e7:
         84:1f:97:c7:d3:de:8a:d3:d4:80:79:92:00:c7:b0:12:e3:2a:
         23:12:33:47:46:fa:bf:ab:fc:fc:9f:47:1e:c7:44:3a:51:a4:
         d6:d2:d8:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fgSrZcvQ9CbFBp8BrQFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjUxMDE5MjIwMTM1WhcNMjUxMDIwMjIwMTM1WjAzMTEwLwYDVQQD
Eyg5ZTE2ZmY4ZDgxMWFhY2ZlOTE4NGVmMjQwY2IwNjc4NThjZjAzNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHBNUVWDlhjNmoSG+aGFrLqBhjBV
mKipGh/59pUeD+dbwfPvnbAh4ByhAIfCYT2HhSApROIyuBLdoO0MGd+JM+VMO7v5
2TRNoqkjr05oS0ZK1xB5GmQTH+FIcRfbZGHFekOZ28Xs6kdjcdlA4jR+Ea4nNxY6
9g9UjLmARFS7lBqPcLLp/el5TPHPWDm6OA7CWYR5pIgYx5cHlTY6sfnxa6FhFyr1
0o5ErHmgBV85ArbUfvfw1uPk0qqSc7ocpMl6ObnivYF43x06okNHcejsWSwIYjds
ebLxp7FKAIW7Kar/KBrRldovR9JJlzX/w9erqnNo6ugthGdh3rF8hKG3WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4W/42BGqz+kYTvJAywZ4WM8Dd6MB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANUZZk9xx
aLWtvwZ/RDVKd2GqvZfGpAPzY6qQC4LL9Ju9rfJXHcGLzmJXduRLVUqprmqdJf3N
T6gY0lvSOfRCjD+Un7WV/J2k2bGkL/6VjhsR3w2l1YnWho7ac9oJZAz0KGRgJCZL
HN1C4fqcCF65sdpkemJUT2MhpuWG/F03u6b+V+Zc2/UrSejwmugtfRO8Tr+k+fyo
kXJZz+uM7qPNqUHulHwLPk0WwAgPgz9GXGp6Qg8PQ4tbyWRCAjpiPCwLe4hTSNDc
FsPeerpJ1shMOIp3hjdwMQjnhB+Xx9PeitPUgHmSAMewEuMqIxIzR0b6v6v8/J9H
HsdEOlGk1tLYng==
-----END CERTIFICATE-----