Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          meV3dsmEJworrbP6IC00Q4Dtlj9iSQ/xwdvBB246VEA=
Subject key identifier:   9E:9A:85:B4:AE:13:84:F8:A5:1E:10:14:8C:06:58:B2:09:CF:DB:66
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       0199FBEB0974236085D863758F86EAFAA10C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          0466
Signing time:             Sun 19 Oct 2025 10:01:48 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:48 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:48 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: pDWW1bSWVLUb69JpdV97gGc7NswYjd0FpYxskkrupc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:09:74:23:60:85:d8:63:75:8f:86:ea:fa:a1:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Oct 19 10:01:48 2025 GMT
            Not After : Oct 20 10:01:48 2025 GMT
        Subject: CN=9e9a85b4ae1384f8a51e10148c0658b209cfdb66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:73:c4:02:62:9c:3b:6c:fe:f6:1e:6e:91:b7:
                    11:a4:8d:43:15:14:7f:c6:30:93:d6:3d:e3:49:48:
                    33:48:29:f8:48:1f:60:c1:d5:f3:04:f7:2b:b6:31:
                    55:49:30:93:97:47:d8:da:9a:df:4f:c4:d3:72:fb:
                    a4:dd:57:d8:f3:a9:4b:ff:ef:55:a1:cb:89:af:91:
                    75:1e:51:a7:88:75:77:e7:45:45:69:22:ff:17:a1:
                    b3:56:62:4d:db:f6:bc:40:ee:63:d6:e0:2f:25:7f:
                    70:59:13:f4:84:24:5a:71:57:65:70:55:d1:a6:c5:
                    e3:68:38:af:41:7b:84:b5:fa:1d:8b:b4:ef:c2:02:
                    f9:bc:dc:63:21:1e:15:92:36:f8:eb:94:70:7f:f8:
                    08:37:43:21:23:a4:4c:3b:b3:2b:a7:24:d6:d3:7b:
                    f0:62:33:37:7a:b1:ce:4c:4f:5a:95:99:ad:0c:cf:
                    fe:13:ab:b2:55:9b:59:ba:84:a3:77:77:48:ef:25:
                    23:7d:10:b6:ee:9e:9b:05:d0:70:35:af:c3:7d:56:
                    3c:3a:49:d3:b4:85:36:96:69:8b:a9:cd:aa:8c:1d:
                    a8:87:02:98:f2:50:ab:c6:b0:dc:53:c8:56:98:cb:
                    36:79:bc:6d:e5:bc:dd:64:fa:af:bc:1d:58:68:69:
                    c3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:9A:85:B4:AE:13:84:F8:A5:1E:10:14:8C:06:58:B2:09:CF:DB:66
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e3:b5:d7:80:d3:3b:7c:35:1f:b3:e3:76:5a:50:2d:0a:d1:ab:
         0b:87:87:3f:0d:fe:03:72:01:95:d1:ca:a4:ff:66:4c:c9:68:
         f6:04:ff:f4:83:74:40:6a:6a:f3:a3:6e:42:81:fb:57:71:87:
         06:df:a8:72:f1:c1:bc:89:21:e7:a7:25:9e:90:e1:43:d7:58:
         ab:91:8b:d1:5b:10:8c:55:5d:e7:21:4f:44:9e:56:92:83:63:
         7d:b9:50:ed:a4:5c:dc:68:90:7d:44:54:d1:8c:38:16:70:b8:
         7c:cb:7e:32:2d:53:18:d8:73:42:97:52:d0:f8:40:13:f9:9e:
         56:7a:06:9b:45:62:44:9d:de:32:27:90:d7:39:3c:95:6c:40:
         5b:63:6c:5d:dc:e7:2b:1b:11:8b:90:f0:23:0a:7f:d3:11:e9:
         b4:4f:71:5c:68:27:ba:82:49:50:9a:28:91:9d:6b:f3:27:6a:
         03:af:19:56:4b:51:ce:75:4c:c0:02:a2:42:55:f4:ec:2c:14:
         06:b4:f6:34:41:2a:74:c7:3d:a3:b5:2c:34:9f:85:46:86:18:
         81:25:e7:af:19:dd:10:fd:9e:30:f3:38:de:ae:36:b8:c2:2d:
         5c:be:dd:54:85:10:82:05:47:ce:c1:52:95:cf:5a:88:a6:47:
         92:f2:44:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wl0I2CF2GN1j4bq+qEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjUxMDE5MTAwMTQ4WhcNMjUxMDIwMTAwMTQ4WjAzMTEwLwYDVQQD
Eyg5ZTlhODViNGFlMTM4NGY4YTUxZTEwMTQ4YzA2NThiMjA5Y2ZkYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nPEAmKcO2z+9h5ukbcRpI1DFRR/
xjCT1j3jSUgzSCn4SB9gwdXzBPcrtjFVSTCTl0fY2prfT8TTcvuk3VfY86lL/+9V
ocuJr5F1HlGniHV350VFaSL/F6GzVmJN2/a8QO5j1uAvJX9wWRP0hCRacVdlcFXR
psXjaDivQXuEtfodi7TvwgL5vNxjIR4Vkjb465Rwf/gIN0MhI6RMO7MrpyTW03vw
YjM3erHOTE9alZmtDM/+E6uyVZtZuoSjd3dI7yUjfRC27p6bBdBwNa/DfVY8OknT
tIU2lmmLqc2qjB2ohwKY8lCrxrDcU8hWmMs2ebxt5bzdZPqvvB1YaGnDDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6ahbSuE4T4pR4QFIwGWLIJz9tmMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA47XXgNM7
fDUfs+N2WlAtCtGrC4eHPw3+A3IBldHKpP9mTMlo9gT/9IN0QGpq86NuQoH7V3GH
Bt+ocvHBvIkh56clnpDhQ9dYq5GL0VsQjFVd5yFPRJ5WkoNjfblQ7aRc3GiQfURU
0Yw4FnC4fMt+Mi1TGNhzQpdS0PhAE/meVnoGm0ViRJ3eMieQ1zk8lWxAW2NsXdzn
KxsRi5DwIwp/0xHptE9xXGgnuoJJUJookZ1r8ydqA68ZVktRznVMwAKiQlX07CwU
BrT2NEEqdMc9o7UsNJ+FRoYYgSXnrxndEP2eMPM43q42uMItXL7dVIUQggVHzsFS
lc9aiKZHkvJEsw==
-----END CERTIFICATE-----