Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft
File:                     21LN5wkMV9jpwx1Rh0jfkiueBM4.mft (raw, json)
Hash identifier:          ArvLo7CoPUu0zXXzVr9F8AZbH+I1MBKtrHLJ9PMGEXQ=
Subject key identifier:   DB:37:C7:5C:15:F2:79:83:4A:CD:70:72:BC:36:A7:D2:DE:A9:41:3F
Authority key identifier: DB:52:CD:E7:09:0C:57:D8:E9:C3:1D:51:87:48:DF:92:2B:9E:04:CE
Certificate issuer:       /CN=db52cde7090c57d8e9c31d518748df922b9e04ce
Certificate serial:       0199FF22522A0AB8E4EA8CAFB5DF901B062E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft
Manifest number:          1557
Signing time:             Mon 20 Oct 2025 01:01:03 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:03 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:03 +0000
Files and hashes:         1: 21LN5wkMV9jpwx1Rh0jfkiueBM4.crl (hash: bh6ujxH8C6fkgT5nrFMlysnO4LXcU1Ubres2iVokPkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 01:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:52:2a:0a:b8:e4:ea:8c:af:b5:df:90:1b:06:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db52cde7090c57d8e9c31d518748df922b9e04ce
        Validity
            Not Before: Oct 20 01:01:03 2025 GMT
            Not After : Oct 21 01:01:03 2025 GMT
        Subject: CN=db37c75c15f279834acd7072bc36a7d2dea9413f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:67:1f:a6:59:9b:53:0d:14:d7:32:0a:36:bf:
                    ef:bf:91:03:49:ba:0b:05:95:76:bc:be:dc:43:7f:
                    d5:e6:19:04:ad:89:b2:9a:72:f6:34:8b:e0:5f:80:
                    dc:69:7f:0f:42:ca:d6:26:05:11:46:0f:9a:a4:de:
                    c3:e6:b8:02:d9:a5:fd:35:05:98:a8:a7:d9:d1:a3:
                    80:c9:d2:78:1f:39:1f:34:d6:de:a3:c6:ca:10:e0:
                    6a:17:f6:9f:96:a9:8c:39:a4:9e:7e:a4:fa:ce:85:
                    96:0c:d0:a0:bd:9c:57:4f:4f:bb:1f:77:f7:e6:82:
                    32:c1:4e:c4:12:a5:f9:b1:61:eb:c8:73:77:84:67:
                    74:9f:c2:36:9e:a9:67:6a:23:40:f4:00:4e:02:fd:
                    7e:63:4a:38:d5:3f:56:eb:94:33:a4:e6:bd:b9:94:
                    02:ac:e0:df:43:61:93:d6:32:3a:ab:ae:76:8c:20:
                    ef:1f:71:6f:1c:80:01:54:ed:40:13:e0:ae:e4:48:
                    ff:88:96:4e:a6:ed:ae:a2:a0:cd:c0:f7:1b:de:c9:
                    7f:c5:47:ba:4f:6e:f0:42:4e:f7:21:8b:5a:d8:0b:
                    26:69:fb:6c:45:68:d6:8b:c3:26:e9:bb:71:79:21:
                    bb:2a:5d:ef:44:dc:44:a9:96:ad:1d:21:76:05:65:
                    23:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:37:C7:5C:15:F2:79:83:4A:CD:70:72:BC:36:A7:D2:DE:A9:41:3F
            X509v3 Authority Key Identifier:
                keyid:DB:52:CD:E7:09:0C:57:D8:E9:C3:1D:51:87:48:DF:92:2B:9E:04:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:dc:7f:83:c8:91:57:84:ac:12:3e:99:b6:a0:99:68:7c:eb:
         2a:6b:53:0f:ec:c6:6c:51:10:17:b9:35:60:9c:b8:ab:8a:5a:
         b7:de:4c:ce:8d:6b:24:0e:97:52:9e:a3:bc:18:97:f3:f4:b5:
         04:ae:a9:3d:26:7b:33:ff:7b:56:b7:45:18:a9:8a:ab:69:d0:
         f9:04:a1:b1:68:6e:fc:83:9d:b5:6b:61:2c:6c:3d:39:be:b2:
         be:89:8a:9e:6e:39:03:4d:10:3b:3b:c0:2b:9b:0b:68:e3:9e:
         62:95:60:e5:df:09:83:e3:d7:c3:ef:7b:e4:7e:cf:fb:03:30:
         c1:4e:59:38:1c:90:18:65:fe:d9:8b:87:d2:9d:1f:4a:f5:de:
         44:9a:7e:cb:8a:0f:1b:ce:a6:cc:50:80:cd:97:a1:20:f9:81:
         4b:1f:83:1e:5e:22:40:9a:5e:73:62:bf:e3:ce:ef:63:48:82:
         39:41:1b:ef:3e:5d:b0:27:ab:56:52:7f:38:2f:8b:12:74:9c:
         4c:48:bb:47:b4:93:9e:b6:93:9e:b2:f6:0f:f3:92:47:89:dc:
         9c:21:6e:19:8f:a8:0f:88:99:54:d3:ac:dc:81:8b:86:07:d5:
         ba:7c:85:1a:5b:f1:e2:99:ec:de:b8:0a:cd:3a:4e:12:e7:9d:
         5f:87:fe:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IlIqCrjk6oyvtd+QGwYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNTJjZGU3MDkwYzU3ZDhlOWMzMWQ1MTg3NDhkZjkyMmI5
ZTA0Y2UwHhcNMjUxMDIwMDEwMTAzWhcNMjUxMDIxMDEwMTAzWjAzMTEwLwYDVQQD
EyhkYjM3Yzc1YzE1ZjI3OTgzNGFjZDcwNzJiYzM2YTdkMmRlYTk0MTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWcfplmbUw0U1zIKNr/vv5EDSboL
BZV2vL7cQ3/V5hkErYmymnL2NIvgX4DcaX8PQsrWJgURRg+apN7D5rgC2aX9NQWY
qKfZ0aOAydJ4HzkfNNbeo8bKEOBqF/aflqmMOaSefqT6zoWWDNCgvZxXT0+7H3f3
5oIywU7EEqX5sWHryHN3hGd0n8I2nqlnaiNA9ABOAv1+Y0o41T9W65QzpOa9uZQC
rODfQ2GT1jI6q652jCDvH3FvHIABVO1AE+Cu5Ej/iJZOpu2uoqDNwPcb3sl/xUe6
T27wQk73IYta2AsmaftsRWjWi8Mm6btxeSG7Kl3vRNxEqZatHSF2BWUjmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNs3x1wV8nmDSs1wcrw2p9LeqUE/MB8GA1UdIwQY
MBaAFNtSzecJDFfY6cMdUYdI35IrngTOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84ZjMwZWEtZWIyZS00NGNlLWE5M2Mt
ZDBjYWRmZTg0YjE5LzEvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84ZjMwZWEtZWIyZS00NGNlLWE5M2MtZDBjYWRmZTg0YjE5
LzEvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABdx/g8iR
V4SsEj6ZtqCZaHzrKmtTD+zGbFEQF7k1YJy4q4pat95Mzo1rJA6XUp6jvBiX8/S1
BK6pPSZ7M/97VrdFGKmKq2nQ+QShsWhu/IOdtWthLGw9Ob6yvomKnm45A00QOzvA
K5sLaOOeYpVg5d8Jg+PXw+975H7P+wMwwU5ZOByQGGX+2YuH0p0fSvXeRJp+y4oP
G86mzFCAzZehIPmBSx+DHl4iQJpec2K/487vY0iCOUEb7z5dsCerVlJ/OC+LEnSc
TEi7R7STnraTnrL2D/OSR4ncnCFuGY+oD4iZVNOs3IGLhgfVunyFGlvx4pns3rgK
zTpOEuedX4f+KA==
-----END CERTIFICATE-----