Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          EgJx3EcdKOHs51MwVZG27g6JjdHQsBBN+WEAOIjSve0=
Subject key identifier:   E3:15:E0:80:2D:62:44:50:03:4F:27:74:DF:5E:F8:67:AE:E9:F1:8A
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       0199FDD8D3A5FB00C186DD29CD1F09035C5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 19:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:09 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: TsDM/vmwd9hJlAwVmLz2Urm7tokPh79LX1t3kyeH2us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:d3:a5:fb:00:c1:86:dd:29:cd:1f:09:03:5c:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Oct 19 19:01:09 2025 GMT
            Not After : Oct 20 19:01:09 2025 GMT
        Subject: CN=e315e0802d624450034f2774df5ef867aee9f18a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:df:84:2c:8e:bd:6d:ec:b5:fa:bc:02:2d:2c:
                    4f:a0:41:cc:30:7f:1c:b7:54:e0:8d:5c:4f:82:5b:
                    9c:cd:49:3c:a3:ae:a9:9e:4b:12:9e:f0:f1:05:54:
                    89:7e:7d:33:40:75:2d:ec:82:01:2c:43:c9:fd:00:
                    8e:59:f0:9b:c5:3a:1a:d5:fe:12:0f:8f:1d:ea:51:
                    89:62:dd:78:12:8b:87:cf:c1:d4:7a:99:a6:56:1e:
                    ae:61:6d:5b:89:04:1b:e7:7d:01:ab:e1:92:59:3e:
                    0d:b2:0a:0d:11:23:ed:19:ed:5c:66:f9:27:b2:ac:
                    9e:cb:f2:d5:99:18:25:8f:3b:0b:6a:6f:2e:21:dd:
                    6a:be:9e:c4:c1:bb:d7:25:ca:ef:47:a3:fa:fe:10:
                    19:9e:c3:08:11:e6:9e:2b:61:51:63:c2:dc:4a:73:
                    f2:3d:de:ca:7c:d1:9a:63:c4:e8:d4:99:67:35:ca:
                    7d:93:6d:d1:7c:df:f1:e1:8a:60:35:74:33:d3:70:
                    b3:15:da:6a:50:26:49:1c:f9:16:63:9a:db:40:d2:
                    ef:60:ef:43:8f:a2:ae:5a:8a:3d:b0:a2:9e:39:aa:
                    6f:90:53:de:5e:88:7c:b7:3d:95:c3:30:a4:38:3b:
                    93:69:95:e4:45:5a:08:00:9b:2d:14:67:08:4d:f9:
                    67:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:15:E0:80:2D:62:44:50:03:4F:27:74:DF:5E:F8:67:AE:E9:F1:8A
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:0e:3b:14:60:fc:df:d1:ab:7b:08:3b:cb:5a:32:e0:74:02:
         72:24:51:41:b3:c3:4d:17:1d:b8:52:31:62:06:df:8d:ec:32:
         3d:37:5f:3b:87:41:f4:16:ad:e8:67:6e:8d:f3:68:52:33:d5:
         33:3d:37:1e:df:22:93:07:30:8d:51:56:7c:a4:73:31:ef:af:
         04:6a:27:99:3f:77:26:c7:e2:b2:05:2c:bc:e8:87:89:ef:f9:
         f3:d3:25:8f:0f:d9:2e:20:83:9f:bf:9c:9b:76:73:f4:73:95:
         0a:f2:dd:ee:7e:ee:07:d6:2b:f9:4f:3e:a2:c7:11:c6:7d:b3:
         b0:e1:0c:6d:dd:c7:bf:96:ee:00:df:ec:7d:21:09:1a:6e:f6:
         ee:9c:93:6e:cf:48:65:b4:57:a0:79:94:b7:14:9f:f5:49:e1:
         02:dd:30:d5:0c:0e:0b:22:e5:8e:54:6e:0b:f9:5b:42:d4:11:
         c2:ce:02:66:4d:71:28:0a:3b:32:1f:d3:f2:84:a9:40:7f:82:
         87:25:05:d9:94:aa:cf:1d:29:b3:5e:ef:ed:b1:65:75:b4:b4:
         45:0e:7e:bc:3c:72:3d:ed:fc:f5:24:d1:d0:c7:52:ba:d7:81:
         b0:50:94:8f:6b:29:1f:a0:b9:82:c9:3e:cc:34:e1:b8:57:ea:
         e4:5e:1f:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92NOl+wDBht0pzR8JA1xdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjUxMDE5MTkwMTA5WhcNMjUxMDIwMTkwMTA5WjAzMTEwLwYDVQQD
EyhlMzE1ZTA4MDJkNjI0NDUwMDM0ZjI3NzRkZjVlZjg2N2FlZTlmMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN+ELI69bey1+rwCLSxPoEHMMH8c
t1TgjVxPgluczUk8o66pnksSnvDxBVSJfn0zQHUt7IIBLEPJ/QCOWfCbxToa1f4S
D48d6lGJYt14EouHz8HUepmmVh6uYW1biQQb530Bq+GSWT4NsgoNESPtGe1cZvkn
sqyey/LVmRgljzsLam8uId1qvp7EwbvXJcrvR6P6/hAZnsMIEeaeK2FRY8LcSnPy
Pd7KfNGaY8To1JlnNcp9k23RfN/x4YpgNXQz03CzFdpqUCZJHPkWY5rbQNLvYO9D
j6KuWoo9sKKeOapvkFPeXoh8tz2VwzCkODuTaZXkRVoIAJstFGcITflnEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMV4IAtYkRQA08ndN9e+Geu6fGKMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtw47FGD8
39Grewg7y1oy4HQCciRRQbPDTRcduFIxYgbfjewyPTdfO4dB9Bat6GdujfNoUjPV
Mz03Ht8ikwcwjVFWfKRzMe+vBGonmT93JsfisgUsvOiHie/589Mljw/ZLiCDn7+c
m3Zz9HOVCvLd7n7uB9Yr+U8+oscRxn2zsOEMbd3Hv5buAN/sfSEJGm727pyTbs9I
ZbRXoHmUtxSf9UnhAt0w1QwOCyLljlRuC/lbQtQRws4CZk1xKAo7Mh/T8oSpQH+C
hyUF2ZSqzx0ps17v7bFldbS0RQ5+vDxyPe389STR0MdSuteBsFCUj2spH6C5gsk+
zDThuFfq5F4fSw==
-----END CERTIFICATE-----