Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          kPvM1cswnWgJfP0st0Lxmwur+nBCGVmmT4/W7LN0zAs=
Subject key identifier:   67:C2:3D:C6:7D:2D:1B:CB:B9:F2:2C:EF:A0:D9:32:4F:61:39:2D:78
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       0199FFC7621D9771FE20DFE6A214CDA0F9AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0C01
Signing time:             Mon 20 Oct 2025 04:01:20 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:20 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:20 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: K2OaUEKDUAUIvl4LMFjP03M+8jgEijdziS6ganBix9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:62:1d:97:71:fe:20:df:e6:a2:14:cd:a0:f9:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: Oct 20 04:01:20 2025 GMT
            Not After : Oct 21 04:01:20 2025 GMT
        Subject: CN=67c23dc67d2d1bcbb9f22cefa0d9324f61392d78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e3:de:c6:0b:e9:f8:5f:e6:ff:aa:bc:c7:6c:
                    a8:2f:b0:c7:c3:7f:76:3e:6a:1e:72:5c:94:91:dc:
                    d1:e4:2a:f4:bd:ea:79:44:04:0e:28:dd:e2:0e:03:
                    2a:c6:7d:6b:91:d9:f8:f5:a9:e7:c2:24:0c:e1:82:
                    8b:76:a3:8f:69:b5:9c:c1:c4:af:a5:02:6c:91:84:
                    e5:f9:7b:42:b1:26:99:ac:42:06:d7:06:a1:49:7a:
                    fe:53:8c:09:b4:fc:5f:d3:75:e8:a8:60:c0:df:3f:
                    f8:b7:79:0a:3d:3e:b0:00:2a:c6:61:b3:fd:1c:9f:
                    d9:2c:b5:3e:2a:60:59:24:2c:75:7a:93:73:d3:f0:
                    9a:19:43:7f:ea:24:f7:ed:55:70:73:2d:d1:7d:96:
                    3e:29:9d:dc:13:e0:c3:af:b5:46:41:c4:cd:7c:56:
                    63:19:0a:24:fe:76:1e:de:ca:3f:bc:e3:40:f1:4d:
                    c8:61:25:17:0f:1b:a6:14:7f:bf:3c:ee:fc:86:83:
                    d3:04:4b:59:b3:f1:20:9d:a6:cf:57:50:16:7c:63:
                    78:3f:a9:1e:0a:50:eb:6c:49:c6:73:77:8a:a3:9d:
                    b0:0d:fc:28:1b:2f:22:f7:8b:1a:84:3f:1b:27:19:
                    25:f9:f1:fe:ad:a1:bd:ae:19:65:75:59:72:ee:97:
                    ac:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C2:3D:C6:7D:2D:1B:CB:B9:F2:2C:EF:A0:D9:32:4F:61:39:2D:78
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:74:8c:e6:b6:d3:8f:37:06:a7:0d:12:ec:32:38:61:4f:53:
         c2:48:ee:17:68:37:44:a0:d2:97:1d:e7:01:50:04:61:9d:a0:
         41:cd:47:24:ce:e8:3c:b0:fc:1e:18:8d:25:92:0e:e5:fb:5e:
         29:fa:a4:7f:c5:16:2d:27:c5:15:a2:6d:17:10:86:0a:93:8d:
         38:39:db:06:b1:94:99:cf:9c:74:2e:79:85:ac:f9:bd:65:d6:
         97:c3:90:04:68:b9:d0:9d:6c:13:9a:aa:22:d5:b9:77:55:1e:
         e6:7e:68:32:cf:28:52:25:7b:41:5f:e9:53:00:21:26:ad:f2:
         4b:45:65:9d:86:75:10:5a:d6:4a:07:13:7c:8e:9f:10:18:e4:
         01:25:9a:e5:f5:dd:7f:02:fd:a0:50:9e:e0:71:36:37:68:ac:
         57:f3:01:68:c8:35:56:0e:f4:95:88:d7:2b:5a:52:16:a1:8a:
         9d:51:a4:14:2b:c4:4e:68:94:87:7e:11:c8:91:0f:c2:6d:61:
         5c:62:46:0c:2e:41:51:d7:07:c8:34:d6:17:e5:84:13:aa:ab:
         57:74:e9:48:2d:47:57:ad:97:73:fe:9f:16:49:92:3f:1c:14:
         c3:54:3e:19:8c:8b:8c:24:57:0d:e2:3b:3c:ab:75:b4:bf:35:
         c6:ff:a7:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x2Idl3H+IN/mohTNoPmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjUxMDIwMDQwMTIwWhcNMjUxMDIxMDQwMTIwWjAzMTEwLwYDVQQD
Eyg2N2MyM2RjNjdkMmQxYmNiYjlmMjJjZWZhMGQ5MzI0ZjYxMzkyZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArePexgvp+F/m/6q8x2yoL7DHw392
PmoeclyUkdzR5Cr0vep5RAQOKN3iDgMqxn1rkdn49annwiQM4YKLdqOPabWcwcSv
pQJskYTl+XtCsSaZrEIG1wahSXr+U4wJtPxf03XoqGDA3z/4t3kKPT6wACrGYbP9
HJ/ZLLU+KmBZJCx1epNz0/CaGUN/6iT37VVwcy3RfZY+KZ3cE+DDr7VGQcTNfFZj
GQok/nYe3so/vONA8U3IYSUXDxumFH+/PO78hoPTBEtZs/EgnabPV1AWfGN4P6ke
ClDrbEnGc3eKo52wDfwoGy8i94sahD8bJxkl+fH+raG9rhlldVly7pesnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfCPcZ9LRvLufIs76DZMk9hOS14MB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXSM5rbT
jzcGpw0S7DI4YU9TwkjuF2g3RKDSlx3nAVAEYZ2gQc1HJM7oPLD8HhiNJZIO5fte
Kfqkf8UWLSfFFaJtFxCGCpONODnbBrGUmc+cdC55haz5vWXWl8OQBGi50J1sE5qq
ItW5d1Ue5n5oMs8oUiV7QV/pUwAhJq3yS0VlnYZ1EFrWSgcTfI6fEBjkASWa5fXd
fwL9oFCe4HE2N2isV/MBaMg1Vg70lYjXK1pSFqGKnVGkFCvETmiUh34RyJEPwm1h
XGJGDC5BUdcHyDTWF+WEE6qrV3TpSC1HV62Xc/6fFkmSPxwUw1Q+GYyLjCRXDeI7
PKt1tL81xv+n9Q==
-----END CERTIFICATE-----