Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
File:                     S2T4wOGznYqO-OjItaD_7itTtYc.mft (raw, json)
Hash identifier:          Wn1iGgwOy0uWsSXQ8KsZpxj/5yT2ZP9UAShHU7u79Mg=
Subject key identifier:   9E:DD:BA:65:56:A8:34:FA:A8:AD:0E:08:A1:80:A3:32:74:86:78:D8
Authority key identifier: 4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87
Certificate issuer:       /CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
Certificate serial:       0199FBEB00E756D3806BE82E2A66A9ECAF3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
Manifest number:          080C
Signing time:             Sun 19 Oct 2025 10:01:46 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:46 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:46 +0000
Files and hashes:         1: S2T4wOGznYqO-OjItaD_7itTtYc.crl (hash: 0UiV7DOpNFFImigKOQCjy5KXfunU7lXvDZNOqoyZEC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:00:e7:56:d3:80:6b:e8:2e:2a:66:a9:ec:af:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
        Validity
            Not Before: Oct 19 10:01:46 2025 GMT
            Not After : Oct 20 10:01:46 2025 GMT
        Subject: CN=9eddba6556a834faa8ad0e08a180a332748678d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:cf:34:d2:cb:eb:59:18:f8:78:b5:bc:4a:2e:
                    c0:d0:ba:80:e5:5b:0c:7b:25:69:91:8a:87:09:ca:
                    6e:88:16:11:4a:8e:c4:a9:d5:6c:84:f0:e2:b3:5b:
                    52:58:93:f7:6c:7f:4e:39:f0:0f:b7:c3:4a:82:7b:
                    c8:a9:16:6a:54:03:0b:c0:6b:65:90:56:86:a0:11:
                    f8:fa:95:fa:7a:73:98:5b:3e:66:31:f9:0d:33:16:
                    35:39:1a:23:29:26:02:32:a5:0c:7c:66:02:f0:15:
                    1d:ea:60:e6:16:04:a2:a2:cb:cc:ec:ab:c1:af:bc:
                    c5:90:88:22:d5:cb:f2:39:84:b4:5e:47:db:14:9d:
                    9d:44:07:9d:0b:96:20:ca:fd:53:de:fb:6e:0c:1b:
                    95:92:b4:22:9f:83:5d:f2:4b:21:ba:34:9c:e5:63:
                    e4:18:c3:b7:c9:6d:bd:aa:58:e8:52:cd:17:68:0e:
                    6e:13:cf:37:01:6e:99:b9:de:bf:17:6d:71:1a:28:
                    a4:f5:4f:17:28:5e:ac:a1:34:60:fa:55:98:9d:d8:
                    13:8d:87:60:b5:c2:0f:1c:93:b5:48:86:be:20:2b:
                    c3:81:1f:1e:16:cd:05:ec:c1:11:fd:b2:5c:fd:12:
                    68:85:05:bd:78:69:1b:cb:e2:63:95:37:b3:d6:a0:
                    be:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:DD:BA:65:56:A8:34:FA:A8:AD:0E:08:A1:80:A3:32:74:86:78:D8
            X509v3 Authority Key Identifier:
                keyid:4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:c0:54:71:fc:22:57:bf:7d:9d:95:12:ed:61:2e:8f:c0:86:
         23:51:39:ed:c6:79:a0:e0:fd:2c:ad:0e:8c:63:d6:fc:55:c7:
         0d:48:79:26:14:0a:ad:04:b5:5a:01:a5:3a:9b:d8:47:63:b9:
         7d:f0:d3:b9:6c:3a:d4:52:ce:b7:99:63:08:a2:3c:51:22:7a:
         20:d6:d9:46:07:84:5e:cd:65:b9:55:b4:d7:21:3c:f1:55:68:
         d6:10:2b:b9:1c:e6:19:2b:95:85:00:43:e3:0f:ae:41:76:f5:
         8a:15:08:f4:34:66:25:48:52:51:6f:08:1f:05:f5:e2:e9:2a:
         97:b5:2b:b5:f9:8f:b1:47:d4:f2:97:05:19:c6:8f:37:98:96:
         34:2e:ae:65:da:6c:df:fb:6d:b2:e3:99:42:77:b4:bc:a8:3d:
         c5:34:ee:48:53:33:6f:f7:71:9e:db:17:58:dd:87:3a:ec:56:
         8d:e9:f2:35:6b:bc:73:b9:66:05:22:ff:89:b9:c5:87:1c:6d:
         13:af:cd:3b:78:f7:1c:5f:b9:c6:7e:6c:4b:ae:47:4d:38:e3:
         9f:ee:4d:04:5b:2d:91:77:4c:1b:3a:0a:66:9a:bf:a1:72:e4:
         05:66:1e:e8:9f:d7:b0:93:b0:1c:f6:f5:57:1d:58:8d:a6:2d:
         70:bc:8a:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wDnVtOAa+guKmap7K8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjRmOGMwZTFiMzlkOGE4ZWY4ZThjOGI1YTBmZmVlMmI1
M2I1ODcwHhcNMjUxMDE5MTAwMTQ2WhcNMjUxMDIwMTAwMTQ2WjAzMTEwLwYDVQQD
Eyg5ZWRkYmE2NTU2YTgzNGZhYThhZDBlMDhhMTgwYTMzMjc0ODY3OGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM800svrWRj4eLW8Si7A0LqA5VsM
eyVpkYqHCcpuiBYRSo7EqdVshPDis1tSWJP3bH9OOfAPt8NKgnvIqRZqVAMLwGtl
kFaGoBH4+pX6enOYWz5mMfkNMxY1ORojKSYCMqUMfGYC8BUd6mDmFgSiosvM7KvB
r7zFkIgi1cvyOYS0XkfbFJ2dRAedC5Ygyv1T3vtuDBuVkrQin4Nd8kshujSc5WPk
GMO3yW29qljoUs0XaA5uE883AW6Zud6/F21xGiik9U8XKF6soTRg+lWYndgTjYdg
tcIPHJO1SIa+ICvDgR8eFs0F7MER/bJc/RJohQW9eGkby+JjlTez1qC+/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7dumVWqDT6qK0OCKGAozJ0hnjYMB8GA1UdIwQY
MBaAFEtk+MDhs52KjvjoyLWg/+4rU7WHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUt
OTVkNWUxNmNkZGVmLzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUtOTVkNWUxNmNkZGVm
LzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALMBUcfwi
V799nZUS7WEuj8CGI1E57cZ5oOD9LK0OjGPW/FXHDUh5JhQKrQS1WgGlOpvYR2O5
ffDTuWw61FLOt5ljCKI8USJ6INbZRgeEXs1luVW01yE88VVo1hAruRzmGSuVhQBD
4w+uQXb1ihUI9DRmJUhSUW8IHwX14ukql7UrtfmPsUfU8pcFGcaPN5iWNC6uZdps
3/ttsuOZQne0vKg9xTTuSFMzb/dxntsXWN2HOuxWjenyNWu8c7lmBSL/ibnFhxxt
E6/NO3j3HF+5xn5sS65HTTjjn+5NBFstkXdMGzoKZpq/oXLkBWYe6J/XsJOwHPb1
Vx1YjaYtcLyKzQ==
-----END CERTIFICATE-----