Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
File:                     qYI63d9sNfBbfByuB5BL_58vass.mft (raw, json)
Hash identifier:          S4/Sqp+wXStROFlvLmHKZlc8AYQT/8hE7akMPambgbI=
Subject key identifier:   0D:86:7C:DA:AE:9F:C2:2E:90:47:BB:B7:DF:9C:A8:CF:31:CA:F4:15
Authority key identifier: A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB
Certificate issuer:       /CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
Certificate serial:       0199FC585FB663726C7EFA2C0EDBBDC8766A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
Manifest number:          0B58
Signing time:             Sun 19 Oct 2025 12:01:14 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:14 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:14 +0000
Files and hashes:         1: qYI63d9sNfBbfByuB5BL_58vass.crl (hash: kIePI+Exk2nZx8tvdV7LK5iqdbd0J2XlbeYfugd1p8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:5f:b6:63:72:6c:7e:fa:2c:0e:db:bd:c8:76:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
        Validity
            Not Before: Oct 19 12:01:14 2025 GMT
            Not After : Oct 20 12:01:14 2025 GMT
        Subject: CN=0d867cdaae9fc22e9047bbb7df9ca8cf31caf415
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:ea:dc:9f:ab:d5:23:d6:cc:d6:14:ed:a8:ce:
                    47:57:2b:c3:cf:b4:63:42:af:86:b1:7c:08:af:28:
                    c6:9a:76:f0:b6:95:24:bf:61:66:45:84:db:a5:63:
                    bc:85:4c:c7:1a:4c:35:67:50:6a:27:a9:98:dd:56:
                    95:f0:2b:2b:44:1c:69:07:ba:73:96:ca:f6:1b:74:
                    19:f2:4c:7b:ee:7b:e3:d4:7a:e7:f6:ea:57:0e:5f:
                    30:03:59:2e:ac:0d:2c:cc:5e:90:7a:ce:f9:31:fd:
                    5b:c0:da:26:39:ee:04:04:ed:49:f7:7b:64:d3:b2:
                    d6:d4:76:f9:e3:24:ab:0e:c4:2f:48:97:e5:8b:ce:
                    49:47:0d:ed:3e:35:ed:49:5d:cc:a9:a9:7d:10:94:
                    e6:7a:73:9c:3c:3a:e7:a1:f3:93:bb:2a:1b:0d:a6:
                    c5:8a:4c:ae:0e:7f:27:90:e7:dd:b8:e5:61:8a:0b:
                    cd:5b:da:9a:81:1c:fb:3b:32:de:82:7a:0f:5f:de:
                    ef:9f:b7:c5:38:f7:fa:af:ad:a9:08:3a:77:bb:e1:
                    85:71:10:ef:18:c9:e9:35:40:37:30:20:6d:e8:55:
                    ab:70:c3:a3:73:22:02:95:0e:1b:33:ff:85:d8:55:
                    91:af:a2:3c:12:a5:fc:17:37:d5:cc:f4:8c:40:b3:
                    e5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:86:7C:DA:AE:9F:C2:2E:90:47:BB:B7:DF:9C:A8:CF:31:CA:F4:15
            X509v3 Authority Key Identifier:
                keyid:A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:ff:27:5b:4b:3f:c3:af:87:02:47:8a:67:75:e4:6d:eb:24:
         c8:13:ba:96:7a:09:8f:ab:c1:e6:72:8d:36:8c:26:27:6a:a6:
         20:d5:0e:64:53:b5:62:c0:66:b1:83:eb:28:85:28:1a:d7:c4:
         12:6d:d4:c1:de:48:9c:06:b7:b4:76:18:9e:69:0b:58:72:40:
         54:dc:9c:6b:96:94:b8:3d:a0:0d:48:f4:5e:dd:e0:6a:f6:25:
         2c:b9:11:26:f7:a8:e9:29:86:46:0c:8b:8b:8b:0f:5d:49:4f:
         92:e6:68:2d:28:25:fb:a8:9e:8e:b0:e7:6b:b1:44:05:9a:57:
         c3:42:bc:2f:21:17:f3:26:c4:b3:8b:8b:d0:b2:2c:a6:d6:b6:
         d7:36:d1:c2:29:aa:9e:04:e8:0b:56:15:3a:50:42:dd:36:11:
         7e:0e:3a:cc:64:1e:b0:e9:f1:06:4c:31:5b:1c:ce:ea:65:fb:
         8c:54:43:30:b7:a7:15:c0:0b:38:6a:17:10:c9:a8:58:30:e0:
         ac:78:32:4a:74:f9:da:58:21:7c:27:a2:51:3e:f1:da:7b:77:
         30:3a:fc:ac:8e:af:42:91:4b:8e:cd:bd:d8:fe:69:c2:44:86:
         db:d1:ab:a4:a7:7e:6d:04:9f:61:ef:23:17:8c:4d:72:cd:e8:
         ec:e9:d2:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WF+2Y3JsfvosDtu9yHZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODIzYWRkZGY2YzM1ZjA1YjdjMWNhZTA3OTA0YmZmOWYy
ZjZhY2IwHhcNMjUxMDE5MTIwMTE0WhcNMjUxMDIwMTIwMTE0WjAzMTEwLwYDVQQD
EygwZDg2N2NkYWFlOWZjMjJlOTA0N2JiYjdkZjljYThjZjMxY2FmNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5urcn6vVI9bM1hTtqM5HVyvDz7Rj
Qq+GsXwIryjGmnbwtpUkv2FmRYTbpWO8hUzHGkw1Z1BqJ6mY3VaV8CsrRBxpB7pz
lsr2G3QZ8kx77nvj1Hrn9upXDl8wA1kurA0szF6Qes75Mf1bwNomOe4EBO1J93tk
07LW1Hb54ySrDsQvSJfli85JRw3tPjXtSV3Mqal9EJTmenOcPDrnofOTuyobDabF
ikyuDn8nkOfduOVhigvNW9qagRz7OzLegnoPX97vn7fFOPf6r62pCDp3u+GFcRDv
GMnpNUA3MCBt6FWrcMOjcyIClQ4bM/+F2FWRr6I8EqX8FzfVzPSMQLPlZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2GfNqun8IukEe7t9+cqM8xyvQVMB8GA1UdIwQY
MBaAFKmCOt3fbDXwW3wcrgeQS/+fL2rLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAt
MzZkNGQ3ZjA3YzhhLzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAtMzZkNGQ3ZjA3Yzhh
LzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkP8nW0s/
w6+HAkeKZ3XkbeskyBO6lnoJj6vB5nKNNowmJ2qmINUOZFO1YsBmsYPrKIUoGtfE
Em3Uwd5InAa3tHYYnmkLWHJAVNyca5aUuD2gDUj0Xt3gavYlLLkRJveo6SmGRgyL
i4sPXUlPkuZoLSgl+6iejrDna7FEBZpXw0K8LyEX8ybEs4uL0LIspta21zbRwimq
ngToC1YVOlBC3TYRfg46zGQesOnxBkwxWxzO6mX7jFRDMLenFcALOGoXEMmoWDDg
rHgySnT52lghfCeiUT7x2nt3MDr8rI6vQpFLjs292P5pwkSG29GrpKd+bQSfYe8j
F4xNcs3o7OnSqQ==
-----END CERTIFICATE-----