Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          upOozuhsO+4oeNJMulpMmaMoBmVQxkOqbnYaV9jGkEs=
Subject key identifier:   C9:FF:C4:8F:9D:70:2D:58:38:1B:E1:F0:4F:EC:04:5C:E9:8A:39:5A
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       0199FD33E0F35F5A5BC32652FA7B339C3E2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          1373
Signing time:             Sun 19 Oct 2025 16:00:59 +0000
Manifest this update:     Sun 19 Oct 2025 16:00:59 +0000
Manifest next update:     Mon 20 Oct 2025 16:00:59 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: gUEuZnUn2cfv0Q67V7sllXdn7zWZ0oUvdMu2vhb5ZT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:33:e0:f3:5f:5a:5b:c3:26:52:fa:7b:33:9c:3e:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Oct 19 16:00:59 2025 GMT
            Not After : Oct 20 16:00:59 2025 GMT
        Subject: CN=c9ffc48f9d702d58381be1f04fec045ce98a395a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4d:7e:d2:72:25:5b:b9:e1:e5:76:5b:1c:fa:
                    65:08:69:11:ca:58:5a:e0:8f:cc:36:c6:3e:9a:f2:
                    0d:0b:45:10:3a:c5:67:a0:b2:ab:be:6f:ac:f6:f1:
                    e8:c3:e3:0d:a4:b1:41:3f:38:81:13:2c:77:8f:6e:
                    66:c3:d6:92:9a:16:d8:a8:87:76:b5:d9:46:cf:f0:
                    0f:4f:c1:78:a2:98:c1:5d:c3:b8:46:f4:4d:9e:94:
                    00:a1:86:20:95:bc:ff:ee:7f:85:ae:8b:2f:42:d8:
                    a5:be:c5:1c:46:93:a4:f8:db:9e:c6:d9:55:38:f4:
                    02:e5:a9:46:c2:26:77:b6:5d:09:b1:a8:6b:d6:39:
                    da:fb:39:e2:2e:58:b1:1e:95:b8:a5:43:cd:20:f8:
                    08:7c:7f:a9:a1:65:68:de:65:8a:e7:a2:88:19:59:
                    1c:dc:9a:eb:ce:ef:0b:a2:97:42:ff:ca:ac:35:5b:
                    e4:57:20:bc:96:b9:97:ff:f9:72:3b:3e:3f:50:3e:
                    1a:f8:49:cb:16:f3:19:ff:47:f9:8b:e9:e9:3e:23:
                    4f:74:f3:62:de:5a:55:7d:b1:1c:35:c3:a7:55:77:
                    f2:65:06:b6:35:60:84:f0:23:f1:65:bf:06:2d:1d:
                    81:f6:45:ee:45:86:ec:c2:8f:71:6d:37:3c:cf:10:
                    54:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:FF:C4:8F:9D:70:2D:58:38:1B:E1:F0:4F:EC:04:5C:E9:8A:39:5A
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:a5:55:7e:88:51:09:dd:78:59:46:b8:f9:53:95:67:af:f3:
         1d:4b:b7:ac:3a:e2:cc:f0:c8:8a:2d:8b:0e:7c:08:51:f5:5e:
         68:6b:5d:a6:2e:a5:06:b0:ef:3a:7e:c7:e6:fe:cc:d1:f3:5d:
         8e:23:28:9c:52:08:e7:54:f0:8c:bd:53:73:fb:80:8f:2f:bb:
         af:65:81:b7:96:80:76:86:6b:69:60:fb:d8:48:94:7f:95:89:
         bb:f7:8d:bc:a3:b2:d5:c2:27:31:fd:63:f8:76:d0:89:7f:72:
         14:67:b7:99:e9:d6:78:a8:14:3a:24:b0:fa:23:87:a6:b4:d2:
         4b:89:c4:b6:a8:8a:24:dc:a5:e9:5a:53:39:a3:5a:af:fe:f8:
         e9:f0:c2:cb:ac:2c:41:38:64:42:f3:6d:09:5e:93:05:88:ed:
         c5:c4:96:42:91:3d:99:a8:f6:54:92:ed:91:e2:ab:0f:49:6b:
         0d:3b:d4:bd:06:fa:57:5f:70:f5:47:58:b0:b3:32:1a:d4:61:
         1a:60:f2:a6:40:ca:60:47:88:4c:f7:2f:56:24:40:b8:bd:b3:
         ac:5d:21:de:1a:8b:3b:9b:ca:5f:be:fb:87:66:5a:b6:02:9b:
         0b:43:9d:e9:ef:a8:79:67:f9:e4:62:4b:6f:55:f0:0e:6f:69:
         48:4b:83:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9M+DzX1pbwyZS+nsznD4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjUxMDE5MTYwMDU5WhcNMjUxMDIwMTYwMDU5WjAzMTEwLwYDVQQD
EyhjOWZmYzQ4ZjlkNzAyZDU4MzgxYmUxZjA0ZmVjMDQ1Y2U5OGEzOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE1+0nIlW7nh5XZbHPplCGkRylha
4I/MNsY+mvINC0UQOsVnoLKrvm+s9vHow+MNpLFBPziBEyx3j25mw9aSmhbYqId2
tdlGz/APT8F4opjBXcO4RvRNnpQAoYYglbz/7n+FrosvQtilvsUcRpOk+NuextlV
OPQC5alGwiZ3tl0Jsahr1jna+zniLlixHpW4pUPNIPgIfH+poWVo3mWK56KIGVkc
3Jrrzu8LopdC/8qsNVvkVyC8lrmX//lyOz4/UD4a+EnLFvMZ/0f5i+npPiNPdPNi
3lpVfbEcNcOnVXfyZQa2NWCE8CPxZb8GLR2B9kXuRYbswo9xbTc8zxBUEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMn/xI+dcC1YOBvh8E/sBFzpijlaMB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY6VVfohR
Cd14WUa4+VOVZ6/zHUu3rDrizPDIii2LDnwIUfVeaGtdpi6lBrDvOn7H5v7M0fNd
jiMonFII51TwjL1Tc/uAjy+7r2WBt5aAdoZraWD72EiUf5WJu/eNvKOy1cInMf1j
+HbQiX9yFGe3menWeKgUOiSw+iOHprTSS4nEtqiKJNyl6VpTOaNar/746fDCy6ws
QThkQvNtCV6TBYjtxcSWQpE9maj2VJLtkeKrD0lrDTvUvQb6V19w9UdYsLMyGtRh
GmDypkDKYEeITPcvViRAuL2zrF0h3hqLO5vKX777h2ZatgKbC0Od6e+oeWf55GJL
b1XwDm9pSEuDFg==
-----END CERTIFICATE-----