Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
File:                     b_rHiuobz0OKYe-RUCRI9glkHS0.mft (raw, json)
Hash identifier:          PrGCiTjQSBNIQlnOtATg9OzYNT/6zeEYeu5Ux9xNk7A=
Subject key identifier:   57:9B:EA:A8:80:69:38:3F:F5:6D:55:B3:3D:A9:7E:16:47:77:07:BE
Authority key identifier: 6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D
Certificate issuer:       /CN=6ffac78aea1bcf438a61ef91502448f609641d2d
Certificate serial:       0199FF227AF7279D7B72E164D9580FFFA649
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
Manifest number:          1375
Signing time:             Mon 20 Oct 2025 01:01:13 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:13 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:13 +0000
Files and hashes:         1: b_rHiuobz0OKYe-RUCRI9glkHS0.crl (hash: /dSuu6adEuNjPHY+eY6jOqf6TJzEX5LDFafd0jxpLNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:7a:f7:27:9d:7b:72:e1:64:d9:58:0f:ff:a6:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ffac78aea1bcf438a61ef91502448f609641d2d
        Validity
            Not Before: Oct 20 01:01:13 2025 GMT
            Not After : Oct 21 01:01:13 2025 GMT
        Subject: CN=579beaa88069383ff56d55b33da97e16477707be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:4f:ad:0d:82:64:c1:1f:5f:be:69:7c:84:41:
                    f6:59:59:bf:67:fc:53:98:cc:77:82:26:e1:73:87:
                    05:39:bf:1d:21:82:2a:32:5c:57:bf:6f:71:1c:5a:
                    04:b5:91:92:c3:da:d5:e0:c3:10:1b:c7:fd:e1:24:
                    af:17:3f:50:39:a1:2e:e5:28:bd:2d:ee:14:39:0b:
                    a1:40:a5:80:d0:04:60:0a:5d:3a:45:bd:ea:59:77:
                    0f:d8:3d:7a:99:a4:41:d1:8e:f8:a5:cf:22:d0:55:
                    1b:14:fa:c3:99:5a:1e:f7:7a:31:52:0c:79:64:89:
                    07:30:f9:07:6c:bc:c6:1d:db:3c:bc:4c:6c:d3:f6:
                    7a:8a:48:f9:56:1c:9e:e3:cf:ba:c8:7e:8b:32:96:
                    65:d5:d9:d2:24:98:97:43:fc:30:15:be:e3:6d:1e:
                    da:23:54:44:f0:fc:4c:e9:c4:c5:0e:73:c8:7a:aa:
                    e5:8a:59:65:2d:65:73:59:90:ab:41:36:13:74:a6:
                    c4:ec:92:a7:01:2e:dc:b2:de:8b:36:98:49:e6:a9:
                    b9:a6:41:f9:29:55:a4:cc:8d:b1:22:72:4c:fa:48:
                    a4:9d:42:bc:f1:ac:ea:bc:82:fa:91:98:0b:d2:c2:
                    8a:db:42:17:40:c6:57:42:fa:1a:74:e9:d4:59:6a:
                    d8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:9B:EA:A8:80:69:38:3F:F5:6D:55:B3:3D:A9:7E:16:47:77:07:BE
            X509v3 Authority Key Identifier:
                keyid:6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:e0:a7:47:64:8c:79:47:c5:08:7b:c7:ff:3c:f3:27:6a:f8:
         55:79:ad:e4:9d:c3:b4:7c:ce:68:a7:a3:ed:67:9c:9b:28:08:
         89:ce:78:b4:1e:ae:da:cc:88:e7:86:63:ae:92:6b:da:4e:e0:
         12:90:15:0e:43:f6:56:bb:f9:b4:3d:0a:e1:d6:be:df:68:b1:
         2d:87:b2:e7:99:0e:6a:80:79:32:cc:ce:af:7d:e5:26:e1:37:
         92:ff:35:59:9c:89:6d:c1:cc:20:95:7c:10:37:28:94:b5:ed:
         69:cd:92:1b:23:a7:83:1c:79:f1:ee:38:d7:bc:a4:ef:b3:52:
         77:a6:60:08:fe:19:03:cf:05:04:d0:3d:d8:7f:1c:b7:a0:dc:
         0c:2d:07:bf:1d:0d:5c:93:de:00:aa:11:eb:02:c0:66:d5:65:
         95:a6:64:84:35:64:c1:b0:11:4c:8b:a0:fd:f2:50:3f:85:c5:
         31:e9:5b:3f:c1:f4:b2:70:d0:bd:c6:95:30:bc:15:60:f6:22:
         e2:27:a1:40:19:24:3a:6a:19:a0:05:c3:e9:3f:a1:96:35:42:
         20:cd:c5:28:bb:5a:37:72:41:ff:99:f5:f5:6e:d1:54:e6:b6:
         74:9a:29:e4:64:f8:c7:c6:b9:fc:18:a4:0a:84:5a:eb:c9:b6:
         9e:11:37:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/Inr3J517cuFk2VgP/6ZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmFjNzhhZWExYmNmNDM4YTYxZWY5MTUwMjQ0OGY2MDk2
NDFkMmQwHhcNMjUxMDIwMDEwMTEzWhcNMjUxMDIxMDEwMTEzWjAzMTEwLwYDVQQD
Eyg1NzliZWFhODgwNjkzODNmZjU2ZDU1YjMzZGE5N2UxNjQ3NzcwN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50+tDYJkwR9fvml8hEH2WVm/Z/xT
mMx3gibhc4cFOb8dIYIqMlxXv29xHFoEtZGSw9rV4MMQG8f94SSvFz9QOaEu5Si9
Le4UOQuhQKWA0ARgCl06Rb3qWXcP2D16maRB0Y74pc8i0FUbFPrDmVoe93oxUgx5
ZIkHMPkHbLzGHds8vExs0/Z6ikj5Vhye48+6yH6LMpZl1dnSJJiXQ/wwFb7jbR7a
I1RE8PxM6cTFDnPIeqrlilllLWVzWZCrQTYTdKbE7JKnAS7cst6LNphJ5qm5pkH5
KVWkzI2xInJM+kiknUK88azqvIL6kZgL0sKK20IXQMZXQvoadOnUWWrYMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFeb6qiAaTg/9W1Vsz2pfhZHdwe+MB8GA1UdIwQY
MBaAFG/6x4rqG89DimHvkVAkSPYJZB0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAt
MGMzNDM1MTNhZGUzLzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAtMGMzNDM1MTNhZGUz
LzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV+CnR2SM
eUfFCHvH/zzzJ2r4VXmt5J3DtHzOaKej7WecmygIic54tB6u2syI54ZjrpJr2k7g
EpAVDkP2Vrv5tD0K4da+32ixLYey55kOaoB5MszOr33lJuE3kv81WZyJbcHMIJV8
EDcolLXtac2SGyOngxx58e4417yk77NSd6ZgCP4ZA88FBNA92H8ct6DcDC0Hvx0N
XJPeAKoR6wLAZtVllaZkhDVkwbARTIug/fJQP4XFMelbP8H0snDQvcaVMLwVYPYi
4iehQBkkOmoZoAXD6T+hljVCIM3FKLtaN3JB/5n19W7RVOa2dJop5GT4x8a5/Bik
CoRa68m2nhE3gA==
-----END CERTIFICATE-----