Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
File:                     JKtnE2v5kKqL6IV6aNLDmezWKZo.mft (raw, json)
Hash identifier:          w1vaZJy6R3ZhzdT87hKk8o+nxTtqNObH+CEnocWqP6U=
Subject key identifier:   41:52:98:D1:94:84:98:7F:61:FB:87:45:72:A9:29:14:CA:83:8C:44
Authority key identifier: 24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A
Certificate issuer:       /CN=24ab67136bf990aa8be8857a68d2c399ecd6299a
Certificate serial:       0199FC58AB36ADDF3294173262C7E8B53DD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
Manifest number:          1671
Signing time:             Sun 19 Oct 2025 12:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:33 +0000
Files and hashes:         1: JKtnE2v5kKqL6IV6aNLDmezWKZo.crl (hash: L66x7g95L5tPvUrH02Njw15DwxSfK5ngfJFNssIgRs4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:ab:36:ad:df:32:94:17:32:62:c7:e8:b5:3d:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24ab67136bf990aa8be8857a68d2c399ecd6299a
        Validity
            Not Before: Oct 19 12:01:33 2025 GMT
            Not After : Oct 20 12:01:33 2025 GMT
        Subject: CN=415298d19484987f61fb874572a92914ca838c44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:77:a9:30:c9:ed:d8:c9:22:de:54:9f:72:25:
                    01:0c:fe:f6:6e:b0:92:3c:03:fb:c4:c4:12:09:ec:
                    bd:0e:6c:ba:5e:31:6b:6c:d5:2e:3b:db:48:9c:15:
                    be:a5:f8:d2:0c:37:b6:e6:49:76:0f:46:a0:3c:00:
                    c7:c4:cd:9f:66:0f:c8:1c:86:53:a7:e0:a8:7f:d9:
                    89:c8:ec:1a:41:a4:2b:a1:4a:99:5d:92:19:b1:54:
                    3e:3b:11:74:4b:01:a7:d5:23:24:55:ce:3d:99:52:
                    92:d1:cc:8a:40:00:33:1f:3d:70:71:23:9d:f5:cc:
                    f0:a3:9c:97:53:f3:d1:94:46:95:1d:0a:6d:56:d0:
                    57:5a:5f:40:b6:78:44:17:0d:1e:21:e4:7f:ec:85:
                    8f:5b:0c:bb:61:4b:5e:0f:ad:9e:ee:cd:56:44:fa:
                    a7:9c:1b:23:dd:9e:de:71:3e:f7:58:8b:3b:4a:ed:
                    ab:39:2c:aa:a9:56:f4:e3:02:c5:5a:56:ca:6d:71:
                    57:20:5d:b3:45:8f:4d:64:27:4a:d5:33:02:f8:66:
                    64:25:0c:99:b0:5a:b3:f4:55:ee:f7:63:ff:97:f2:
                    25:c2:37:23:e4:c9:8b:98:4d:60:48:d5:38:a3:25:
                    17:f7:9c:e2:b6:dc:09:77:f8:14:81:d3:c5:fe:ae:
                    f3:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:52:98:D1:94:84:98:7F:61:FB:87:45:72:A9:29:14:CA:83:8C:44
            X509v3 Authority Key Identifier:
                keyid:24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:82:72:05:5e:86:aa:82:58:88:ed:00:de:30:20:64:0f:7b:
         d7:59:1c:07:a4:c5:f9:1a:2b:72:c9:a8:24:2c:4c:4f:2e:52:
         3d:fb:ff:ab:5e:01:d7:e4:da:d5:75:05:17:fa:e3:49:c8:0d:
         fc:4e:16:cf:af:5d:1c:21:c8:20:b6:1b:fd:44:76:9d:cb:c3:
         3c:92:c4:89:1a:fd:a1:8b:5b:6e:31:87:88:ed:88:5c:2c:61:
         db:69:9b:31:6f:a2:2c:3d:21:fd:e1:13:80:8d:0e:4b:b5:8e:
         77:be:3c:99:81:1f:4a:32:de:8d:e5:27:02:0f:a5:f3:fc:40:
         8b:01:d5:9a:32:fb:c4:47:9e:f1:e5:9c:c9:9f:cb:31:44:f0:
         7f:7f:c9:ab:7b:43:9c:1e:d8:1c:b3:be:cf:58:99:16:93:83:
         fa:c9:41:86:ef:b0:19:d5:fd:73:15:13:fd:d6:5f:59:7d:5d:
         15:5b:09:ce:13:e3:df:cc:ff:12:b1:30:63:38:4a:70:65:df:
         6f:00:32:f7:c2:ce:7b:22:59:08:54:04:a5:15:25:55:83:6b:
         21:23:ef:f1:44:20:68:f3:34:c9:76:f3:93:f4:41:af:e7:19:
         7c:cb:df:14:4b:92:8a:33:01:0c:df:a8:cb:92:bf:03:84:96:
         1c:92:bc:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WKs2rd8ylBcyYsfotT3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YWI2NzEzNmJmOTkwYWE4YmU4ODU3YTY4ZDJjMzk5ZWNk
NjI5OWEwHhcNMjUxMDE5MTIwMTMzWhcNMjUxMDIwMTIwMTMzWjAzMTEwLwYDVQQD
Eyg0MTUyOThkMTk0ODQ5ODdmNjFmYjg3NDU3MmE5MjkxNGNhODM4YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXepMMnt2Mki3lSfciUBDP72brCS
PAP7xMQSCey9Dmy6XjFrbNUuO9tInBW+pfjSDDe25kl2D0agPADHxM2fZg/IHIZT
p+Cof9mJyOwaQaQroUqZXZIZsVQ+OxF0SwGn1SMkVc49mVKS0cyKQAAzHz1wcSOd
9czwo5yXU/PRlEaVHQptVtBXWl9AtnhEFw0eIeR/7IWPWwy7YUteD62e7s1WRPqn
nBsj3Z7ecT73WIs7Su2rOSyqqVb04wLFWlbKbXFXIF2zRY9NZCdK1TMC+GZkJQyZ
sFqz9FXu92P/l/Ilwjcj5MmLmE1gSNU4oyUX95zittwJd/gUgdPF/q7z4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFSmNGUhJh/YfuHRXKpKRTKg4xEMB8GA1UdIwQY
MBaAFCSrZxNr+ZCqi+iFemjSw5ns1imaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMt
ZGQzMzYwMzkzMzkxLzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMtZGQzMzYwMzkzMzkx
LzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQoJyBV6G
qoJYiO0A3jAgZA9711kcB6TF+RorcsmoJCxMTy5SPfv/q14B1+Ta1XUFF/rjScgN
/E4Wz69dHCHIILYb/UR2ncvDPJLEiRr9oYtbbjGHiO2IXCxh22mbMW+iLD0h/eET
gI0OS7WOd748mYEfSjLejeUnAg+l8/xAiwHVmjL7xEee8eWcyZ/LMUTwf3/Jq3tD
nB7YHLO+z1iZFpOD+slBhu+wGdX9cxUT/dZfWX1dFVsJzhPj38z/ErEwYzhKcGXf
bwAy98LOeyJZCFQEpRUlVYNrISPv8UQgaPM0yXbzk/RBr+cZfMvfFEuSijMBDN+o
y5K/A4SWHJK8bw==
-----END CERTIFICATE-----