Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
File:                     G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json)
Hash identifier:          Sr1oyikOrKJogCTyEexkmyWdGXUZTylp/fFDQIFYEL4=
Subject key identifier:   C4:28:22:66:07:40:C5:E8:CF:4E:D3:CB:9A:C4:90:D2:CD:39:A2:7B
Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A
Certificate issuer:       /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
Certificate serial:       0199FC218BC6DFEA22C071A55FCD670DE763
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
Manifest number:          04BF
Signing time:             Sun 19 Oct 2025 11:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:20 +0000
Files and hashes:         1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: ypManVm4IetiNNEqtnBKvPmzW9vQ4S3TwTHKFBmGDgk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:8b:c6:df:ea:22:c0:71:a5:5f:cd:67:0d:e7:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
        Validity
            Not Before: Oct 19 11:01:20 2025 GMT
            Not After : Oct 20 11:01:20 2025 GMT
        Subject: CN=c42822660740c5e8cf4ed3cb9ac490d2cd39a27b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:13:04:db:ce:63:38:c5:68:bf:88:73:32:f2:
                    b3:5c:a5:c5:e6:58:2e:3c:00:71:3d:25:44:df:70:
                    a3:07:89:56:85:a3:e5:44:0a:8d:71:f3:37:0c:2a:
                    53:0a:64:64:c2:d4:4a:1c:5d:71:6d:07:bd:45:66:
                    6d:59:87:9d:a4:f4:9c:f8:44:d2:5f:9d:99:c4:37:
                    4f:0c:44:71:d8:6f:39:44:6a:67:13:9a:78:13:32:
                    27:f8:b6:02:2b:d6:3f:56:d1:ee:ed:e0:39:76:17:
                    26:ea:09:8b:b0:ed:a2:fb:5f:b3:55:f6:32:af:80:
                    53:19:46:32:d1:2f:98:54:84:a8:3a:37:b0:87:91:
                    76:b0:7c:cf:d0:2b:79:90:e3:32:ee:0a:05:2e:72:
                    94:55:46:65:40:ff:69:51:4a:a0:34:4a:e5:05:d4:
                    a2:fa:b8:96:95:75:3d:32:24:d5:72:3e:87:35:87:
                    5c:6e:02:6f:69:cf:9e:38:1a:3b:98:8d:ca:02:c6:
                    33:d8:d7:e0:cb:5f:e3:93:0c:7f:43:db:08:a5:bd:
                    ae:5e:44:46:f8:28:e7:aa:60:c2:a2:4e:e2:ad:e2:
                    94:19:df:0c:79:ad:65:1d:bc:86:08:b6:48:a2:1a:
                    e1:69:3d:40:d0:7d:98:98:24:80:1a:a0:ce:ad:d1:
                    ec:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:28:22:66:07:40:C5:E8:CF:4E:D3:CB:9A:C4:90:D2:CD:39:A2:7B
            X509v3 Authority Key Identifier:
                keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:1d:d4:d5:0a:f0:39:d6:15:0c:39:9c:97:24:b6:26:1f:c7:
         82:70:a6:9a:4e:28:2f:d9:44:60:18:c5:b4:1d:90:e5:10:07:
         0a:05:b0:76:10:0e:14:b6:f9:c5:8b:14:ac:46:42:2e:af:7e:
         30:c1:ad:05:1f:70:48:59:d4:64:5b:b6:d3:53:89:90:fc:a4:
         ab:8d:ee:91:d9:7f:41:6e:78:a3:52:c7:7c:49:38:cd:f6:d4:
         2b:29:a0:4d:69:2e:07:d8:14:36:33:7e:3a:24:f2:6f:04:51:
         21:e4:e3:a6:87:e5:a5:ab:4e:64:b9:df:42:eb:06:5e:ab:f4:
         85:fe:5c:02:f5:32:3a:5a:22:ee:71:7c:61:7b:07:14:d1:a3:
         b5:06:a0:05:d0:b1:d8:d8:5d:19:68:e0:46:45:d5:3c:ef:21:
         f6:d6:b1:56:1f:fc:83:ab:38:83:87:d4:01:28:5d:98:69:de:
         8e:c7:7b:69:e4:eb:87:f3:37:8f:62:92:ad:3e:f3:dd:da:cd:
         c9:aa:f8:d9:7d:4f:76:1e:fa:c6:4a:94:83:67:1d:94:c5:c3:
         d7:2a:80:6e:d0:08:c8:68:d0:97:6c:18:8e:a5:29:87:18:f9:
         94:7e:f3:ea:17:be:fc:c6:9b:25:72:6a:ca:41:8e:c6:72:97:
         31:36:ac:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IYvG3+oiwHGlX81nDedjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl
MThkOWEwHhcNMjUxMDE5MTEwMTIwWhcNMjUxMDIwMTEwMTIwWjAzMTEwLwYDVQQD
EyhjNDI4MjI2NjA3NDBjNWU4Y2Y0ZWQzY2I5YWM0OTBkMmNkMzlhMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxME285jOMVov4hzMvKzXKXF5lgu
PABxPSVE33CjB4lWhaPlRAqNcfM3DCpTCmRkwtRKHF1xbQe9RWZtWYedpPSc+ETS
X52ZxDdPDERx2G85RGpnE5p4EzIn+LYCK9Y/VtHu7eA5dhcm6gmLsO2i+1+zVfYy
r4BTGUYy0S+YVISoOjewh5F2sHzP0Ct5kOMy7goFLnKUVUZlQP9pUUqgNErlBdSi
+riWlXU9MiTVcj6HNYdcbgJvac+eOBo7mI3KAsYz2Nfgy1/jkwx/Q9sIpb2uXkRG
+CjnqmDCok7ireKUGd8Mea1lHbyGCLZIohrhaT1A0H2YmCSAGqDOrdHs2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQoImYHQMXoz07Ty5rEkNLNOaJ7MB8GA1UdIwQY
MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt
M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl
LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFx3U1Qrw
OdYVDDmclyS2Jh/HgnCmmk4oL9lEYBjFtB2Q5RAHCgWwdhAOFLb5xYsUrEZCLq9+
MMGtBR9wSFnUZFu201OJkPykq43ukdl/QW54o1LHfEk4zfbUKymgTWkuB9gUNjN+
OiTybwRRIeTjpoflpatOZLnfQusGXqv0hf5cAvUyOloi7nF8YXsHFNGjtQagBdCx
2NhdGWjgRkXVPO8h9taxVh/8g6s4g4fUAShdmGnejsd7aeTrh/M3j2KSrT7z3drN
yar42X1Pdh76xkqUg2cdlMXD1yqAbtAIyGjQl2wYjqUphxj5lH7z6he+/MabJXJq
ykGOxnKXMTas3A==
-----END CERTIFICATE-----