Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          3iryTofpLRuTDEEcDiTSwLWFRQ2XDSBnmF968YZ0Kf4=
Subject key identifier:   9C:8B:62:DE:C1:16:43:A9:EB:FF:7B:09:77:19:C8:78:88:F0:4E:F5
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       0199FD3470806371402C47FD39EFE012D763
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          07D7
Signing time:             Sun 19 Oct 2025 16:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:36 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: 0bhByjPyxSs9SuQTKXjeRjfFrvhyYKtTQ2rJ4Flnc3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:70:80:63:71:40:2c:47:fd:39:ef:e0:12:d7:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Oct 19 16:01:36 2025 GMT
            Not After : Oct 20 16:01:36 2025 GMT
        Subject: CN=9c8b62dec11643a9ebff7b097719c87888f04ef5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f6:d1:1b:34:30:61:da:0d:99:2f:89:d7:83:
                    8a:64:90:86:82:56:59:87:ab:5a:ec:ab:1f:36:d3:
                    b2:25:e0:07:13:21:48:a9:cd:da:67:cc:d7:0f:2f:
                    87:5d:5c:91:ef:9e:e0:72:38:a3:6c:ee:1f:f5:78:
                    99:c9:8f:9e:b6:26:b8:d8:b2:c9:a0:ef:4c:72:b5:
                    70:f1:6d:10:a1:71:12:55:1c:8a:dc:6a:a3:dd:59:
                    ed:4d:04:69:74:ca:6a:66:f1:15:fe:b9:6b:10:ca:
                    e6:d7:ca:58:fe:11:26:a8:ea:00:9c:9c:72:db:2d:
                    46:77:0e:bf:de:99:b7:60:d5:b0:37:fe:32:25:89:
                    e7:2f:2d:69:e4:97:57:2a:85:e6:39:89:62:e1:2b:
                    e0:26:c4:38:7f:f8:47:bf:7a:a2:42:cb:5c:b3:21:
                    41:10:cd:a6:10:9b:a6:0b:3c:3c:bc:e8:f7:fb:06:
                    9d:d1:1d:04:64:10:59:a3:bc:07:c8:ae:91:a2:76:
                    25:9d:99:de:44:93:73:81:35:83:94:f6:6f:8c:fa:
                    0b:33:ab:07:1f:26:1b:f6:a7:b7:57:e0:cc:98:32:
                    74:64:92:5c:c7:17:d0:6f:e0:2e:1b:b9:56:36:a0:
                    5b:05:f9:66:9c:2c:85:25:90:be:e7:9e:a6:98:1a:
                    7e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:8B:62:DE:C1:16:43:A9:EB:FF:7B:09:77:19:C8:78:88:F0:4E:F5
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:24:41:1f:9b:a9:a3:cf:0b:6b:d9:34:08:fc:c6:7f:98:3b:
         e2:35:0d:4a:d1:fa:24:53:a1:1c:86:2d:60:ae:72:92:9b:4e:
         62:9a:df:9e:af:a6:25:08:c1:67:e0:a2:da:0c:67:38:cc:89:
         85:16:f8:ea:c7:ed:68:53:3d:e7:ac:2a:55:83:38:75:66:f4:
         d6:83:8f:b4:57:21:13:11:f9:d2:66:73:42:f3:1e:04:0f:26:
         f7:74:13:b7:9f:8e:39:5f:2c:8c:e5:dd:c4:d0:d6:72:81:23:
         06:a3:1c:99:e3:d8:be:81:fc:3a:d4:2c:1e:eb:0d:45:d4:6a:
         84:88:aa:6b:ef:86:6c:b1:74:f8:10:f4:01:6a:ae:45:65:60:
         f4:aa:3a:ba:ee:89:9c:b1:11:22:4d:7e:38:9b:69:8f:06:31:
         aa:7b:8b:3d:22:2d:33:86:55:9e:e2:1b:77:89:ed:39:e4:6a:
         d9:a5:dc:2b:84:06:f3:65:40:ac:df:35:b2:00:4c:52:af:35:
         78:32:98:59:99:28:7b:a7:41:e9:29:53:9e:ca:8a:70:49:3d:
         7a:0d:3d:8e:56:f3:56:74:32:bc:b1:79:6e:1c:4b:a6:19:12:
         12:72:7e:fe:ce:03:8c:05:32:ef:21:c6:38:d6:3e:6b:4d:b0:
         6a:c2:04:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NHCAY3FALEf9Oe/gEtdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjUxMDE5MTYwMTM2WhcNMjUxMDIwMTYwMTM2WjAzMTEwLwYDVQQD
Eyg5YzhiNjJkZWMxMTY0M2E5ZWJmZjdiMDk3NzE5Yzg3ODg4ZjA0ZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvbRGzQwYdoNmS+J14OKZJCGglZZ
h6ta7KsfNtOyJeAHEyFIqc3aZ8zXDy+HXVyR757gcjijbO4f9XiZyY+etia42LLJ
oO9McrVw8W0QoXESVRyK3Gqj3VntTQRpdMpqZvEV/rlrEMrm18pY/hEmqOoAnJxy
2y1Gdw6/3pm3YNWwN/4yJYnnLy1p5JdXKoXmOYli4SvgJsQ4f/hHv3qiQstcsyFB
EM2mEJumCzw8vOj3+wad0R0EZBBZo7wHyK6RonYlnZneRJNzgTWDlPZvjPoLM6sH
HyYb9qe3V+DMmDJ0ZJJcxxfQb+AuG7lWNqBbBflmnCyFJZC+556mmBp++QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyLYt7BFkOp6/97CXcZyHiI8E71MB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATSRBH5up
o88La9k0CPzGf5g74jUNStH6JFOhHIYtYK5ykptOYprfnq+mJQjBZ+Ci2gxnOMyJ
hRb46sftaFM956wqVYM4dWb01oOPtFchExH50mZzQvMeBA8m93QTt5+OOV8sjOXd
xNDWcoEjBqMcmePYvoH8OtQsHusNRdRqhIiqa++GbLF0+BD0AWquRWVg9Ko6uu6J
nLERIk1+OJtpjwYxqnuLPSItM4ZVnuIbd4ntOeRq2aXcK4QG82VArN81sgBMUq81
eDKYWZkoe6dB6SlTnsqKcEk9eg09jlbzVnQyvLF5bhxLphkSEnJ+/s4DjAUy7yHG
ONY+a02wasIE6Q==
-----END CERTIFICATE-----