Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
File:                     R0NPTmaYKfhsbea6PrDo9m2piLY.mft (raw, json)
Hash identifier:          ClH149s8jejIAs1fJms8RsHTAIbt2hhUetDAw8FyxNw=
Subject key identifier:   7E:82:D1:A9:E7:74:43:0A:45:5D:F7:30:2E:35:9C:EE:ED:5B:D4:4E
Authority key identifier: 47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6
Certificate issuer:       /CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
Certificate serial:       0199FFC80A3C82D292A41F2020616D4EBD22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
Manifest number:          0116
Signing time:             Mon 20 Oct 2025 04:02:03 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:03 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:03 +0000
Files and hashes:         1: R0NPTmaYKfhsbea6PrDo9m2piLY.crl (hash: aTsG8JYBefqL70lBTUk0wD6zJsE7D1o6rYSuQ3Yefio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:0a:3c:82:d2:92:a4:1f:20:20:61:6d:4e:bd:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
        Validity
            Not Before: Oct 20 04:02:03 2025 GMT
            Not After : Oct 21 04:02:03 2025 GMT
        Subject: CN=7e82d1a9e774430a455df7302e359ceeed5bd44e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f1:18:64:a1:c4:8f:b7:22:70:0c:37:63:d2:
                    ac:7c:f7:31:f6:9b:4f:8c:39:4c:5b:ce:9a:a3:d5:
                    51:24:33:b4:16:e8:a5:99:30:49:96:23:1d:f9:37:
                    f3:a6:82:46:6b:72:a9:cc:5a:bd:d1:e1:4d:2d:80:
                    db:cc:04:34:53:9f:0a:32:a5:8d:55:98:96:bf:8d:
                    cc:9d:b1:9c:be:76:55:d3:85:69:91:78:14:ce:50:
                    99:5d:04:ec:27:0b:7f:8d:cb:0f:11:29:bf:a7:26:
                    71:b4:db:ec:b2:61:6d:80:1c:c7:98:46:32:5b:f5:
                    d5:64:03:6c:14:04:97:0b:62:6b:cf:e8:aa:5f:bd:
                    65:d2:e6:98:87:5a:ea:72:3c:d6:c2:d3:45:d4:3d:
                    bb:7b:11:a1:9b:b9:5f:01:2a:6b:2e:75:15:d0:25:
                    74:b7:30:3a:51:8e:92:18:61:eb:6b:f2:b9:4e:72:
                    5b:41:cf:a6:f0:6a:1d:c8:2c:62:cd:2c:18:31:02:
                    a1:58:cc:55:f5:41:9d:3d:a9:90:28:90:65:5c:21:
                    67:a1:04:4d:48:da:24:cd:91:fd:cd:60:a9:49:d4:
                    f8:67:36:6e:f5:72:01:e7:9b:60:b6:b5:30:f0:41:
                    51:0d:a0:ba:be:46:a0:53:46:95:6d:28:72:c9:d3:
                    36:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:82:D1:A9:E7:74:43:0A:45:5D:F7:30:2E:35:9C:EE:ED:5B:D4:4E
            X509v3 Authority Key Identifier:
                keyid:47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:60:00:c5:94:bc:78:ce:4f:53:04:2c:63:cb:ee:f5:dc:21:
         c3:ef:0f:79:35:d8:9d:61:f7:49:8c:ed:a0:b4:0d:c5:d2:1a:
         0f:70:5d:97:40:50:ea:b7:fb:49:97:b1:7a:5e:e8:a4:1b:5e:
         b9:6e:c5:5d:bd:a3:36:7c:81:00:d8:61:01:9a:45:39:5f:d3:
         1c:72:31:8e:2d:97:cf:8c:8c:0d:be:2d:69:29:de:60:ff:4c:
         d6:52:42:3f:d8:8d:e6:c2:28:8c:bd:b9:13:f6:88:ec:8a:12:
         cd:1d:c7:73:d4:5a:7e:79:63:9b:19:a1:ba:e1:81:0c:13:7b:
         ce:8c:1d:92:eb:17:ca:08:30:67:ba:55:09:93:81:31:65:77:
         bb:be:25:ef:e2:85:d0:7d:a8:83:15:c0:76:62:49:ac:d7:ed:
         6c:8f:ab:d9:f1:91:c8:d8:36:f1:d9:a6:b2:de:34:6e:a1:50:
         e0:c4:15:86:8c:33:3a:02:77:ef:65:3f:79:6a:f5:8c:2f:ec:
         97:83:c8:24:66:5e:8d:d4:8c:18:3d:36:bf:b9:d9:15:3d:16:
         75:56:9f:2c:87:8c:2c:22:58:45:20:bd:78:b9:78:bf:89:e9:
         bb:b0:03:f8:26:f2:ea:c8:fe:a8:ff:8a:63:ca:6d:54:4f:30:
         fc:b1:99:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yAo8gtKSpB8gIGFtTr0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NDM0ZjRlNjY5ODI5Zjg2YzZkZTZiYTNlYjBlOGY2NmRh
OTg4YjYwHhcNMjUxMDIwMDQwMjAzWhcNMjUxMDIxMDQwMjAzWjAzMTEwLwYDVQQD
Eyg3ZTgyZDFhOWU3NzQ0MzBhNDU1ZGY3MzAyZTM1OWNlZWVkNWJkNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvEYZKHEj7cicAw3Y9KsfPcx9ptP
jDlMW86ao9VRJDO0FuilmTBJliMd+TfzpoJGa3KpzFq90eFNLYDbzAQ0U58KMqWN
VZiWv43MnbGcvnZV04VpkXgUzlCZXQTsJwt/jcsPESm/pyZxtNvssmFtgBzHmEYy
W/XVZANsFASXC2Jrz+iqX71l0uaYh1rqcjzWwtNF1D27exGhm7lfASprLnUV0CV0
tzA6UY6SGGHra/K5TnJbQc+m8GodyCxizSwYMQKhWMxV9UGdPamQKJBlXCFnoQRN
SNokzZH9zWCpSdT4ZzZu9XIB55tgtrUw8EFRDaC6vkagU0aVbShyydM2XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH6C0anndEMKRV33MC41nO7tW9ROMB8GA1UdIwQY
MBaAFEdDT05mmCn4bG3muj6w6PZtqYi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODkt
NWI5ZmZmZjA4MmYxLzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODktNWI5ZmZmZjA4MmYx
LzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADmAAxZS8
eM5PUwQsY8vu9dwhw+8PeTXYnWH3SYztoLQNxdIaD3Bdl0BQ6rf7SZexel7opBte
uW7FXb2jNnyBANhhAZpFOV/THHIxji2Xz4yMDb4taSneYP9M1lJCP9iN5sIojL25
E/aI7IoSzR3Hc9RafnljmxmhuuGBDBN7zowdkusXyggwZ7pVCZOBMWV3u74l7+KF
0H2ogxXAdmJJrNftbI+r2fGRyNg28dmmst40bqFQ4MQVhowzOgJ372U/eWr1jC/s
l4PIJGZejdSMGD02v7nZFT0WdVafLIeMLCJYRSC9eLl4v4npu7AD+Cby6sj+qP+K
Y8ptVE8w/LGZPQ==
-----END CERTIFICATE-----