Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
File:                     xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json)
Hash identifier:          8wTeN60IXtMmtq41+L9FwsVc8DvkQZvNEWp76j1dc9M=
Subject key identifier:   B4:83:CE:FD:40:3F:C0:1F:22:3A:B1:EF:2C:4C:C7:48:AE:7F:EF:2C
Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
Certificate issuer:       /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Certificate serial:       0199FEB50D93717569FB5C0C5A72BB6D82BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
Manifest number:          141D
Signing time:             Sun 19 Oct 2025 23:01:42 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:42 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:42 +0000
Files and hashes:         1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: KoIiMcdgELQaNUz+yEs1/ChoFYnGYF/cqPPXyEq3BmQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 23:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b5:0d:93:71:75:69:fb:5c:0c:5a:72:bb:6d:82:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
        Validity
            Not Before: Oct 19 23:01:42 2025 GMT
            Not After : Oct 20 23:01:42 2025 GMT
        Subject: CN=b483cefd403fc01f223ab1ef2c4cc748ae7fef2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:98:5b:cc:75:d0:92:0f:e6:be:4f:78:9f:81:
                    8a:b1:3e:c5:6f:90:58:75:04:dd:52:0c:01:19:a2:
                    e3:e9:72:16:73:2e:fe:cf:ab:aa:fb:68:38:28:7e:
                    f0:a8:b8:88:03:80:2b:ca:a5:65:be:0b:a3:08:9b:
                    4b:a9:45:5e:d5:66:32:9b:11:61:c0:57:6d:62:10:
                    4e:78:7b:80:1a:c7:80:3e:be:24:cc:b2:ed:14:86:
                    82:72:32:90:24:c8:b9:b7:5c:e5:20:5e:c6:0f:d5:
                    c9:2b:3c:e4:d8:24:f0:5e:fe:7d:8b:5c:14:cd:1b:
                    64:73:36:c5:88:8e:38:ea:3e:37:74:24:49:f0:b3:
                    d4:fd:a4:f0:8b:ad:7e:d8:19:ae:09:4a:29:b4:c6:
                    58:53:dd:c7:c2:1c:ee:a4:ba:c4:63:9e:27:5c:eb:
                    28:62:62:f4:19:1d:2c:88:13:0a:9e:3d:c2:1e:77:
                    b5:ce:fd:5f:30:f0:1d:2c:07:2e:8e:28:67:1f:a0:
                    37:c6:79:27:23:4f:8b:c5:76:cd:5f:92:1a:61:d8:
                    d5:00:05:4c:96:e1:30:9f:ad:c2:4e:50:cc:40:7c:
                    f0:82:17:a6:bd:25:ea:da:92:7d:b0:91:67:84:9c:
                    b3:f8:d0:04:60:b2:e2:41:a0:be:00:14:28:a9:66:
                    a2:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:83:CE:FD:40:3F:C0:1F:22:3A:B1:EF:2C:4C:C7:48:AE:7F:EF:2C
            X509v3 Authority Key Identifier:
                keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:a2:6f:52:72:2a:6c:cf:61:1c:d8:55:88:c9:b3:41:f9:73:
         01:b0:0d:78:d6:a0:30:6c:66:49:56:9f:9e:18:2c:05:67:d6:
         cd:aa:2f:ff:9c:ee:19:8b:52:7f:63:44:d9:c6:4d:7d:a8:3f:
         8a:25:44:85:d1:52:92:bb:2e:bb:7d:9f:2d:2c:d8:93:2c:24:
         2f:fb:ca:b6:ce:d1:e5:ca:54:21:36:9b:ed:02:3d:3f:14:39:
         52:d6:5f:74:6f:70:96:2c:c5:a5:b0:bb:8f:73:93:a5:e3:5f:
         0e:fd:f2:df:2f:86:0b:1d:58:f9:dd:2b:f2:22:88:68:fd:fc:
         d0:17:2d:22:ec:fc:56:f1:9f:0f:7b:57:59:0b:90:cc:08:34:
         19:87:22:ca:57:ec:7b:a6:60:2d:ef:8f:54:22:be:39:0b:93:
         e9:9d:a9:0d:f2:07:90:ed:14:4a:96:07:fd:11:0e:ee:49:01:
         a9:b0:cb:70:cd:c2:4e:cf:14:05:b6:95:df:d9:12:3d:51:c1:
         09:5e:d0:ea:d1:d8:af:dc:da:a9:b7:6b:5c:65:9e:f8:0e:72:
         c5:c9:d8:fc:4a:10:2d:00:27:67:b4:ee:25:f1:bc:ae:14:42:
         71:07:cc:fb:63:95:3e:f0:a0:c5:f1:5b:34:17:3b:b8:fa:80:
         e9:69:43:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tQ2TcXVp+1wMWnK7bYK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx
YTFiN2MwHhcNMjUxMDE5MjMwMTQyWhcNMjUxMDIwMjMwMTQyWjAzMTEwLwYDVQQD
EyhiNDgzY2VmZDQwM2ZjMDFmMjIzYWIxZWYyYzRjYzc0OGFlN2ZlZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJhbzHXQkg/mvk94n4GKsT7Fb5BY
dQTdUgwBGaLj6XIWcy7+z6uq+2g4KH7wqLiIA4AryqVlvgujCJtLqUVe1WYymxFh
wFdtYhBOeHuAGseAPr4kzLLtFIaCcjKQJMi5t1zlIF7GD9XJKzzk2CTwXv59i1wU
zRtkczbFiI446j43dCRJ8LPU/aTwi61+2BmuCUoptMZYU93HwhzupLrEY54nXOso
YmL0GR0siBMKnj3CHne1zv1fMPAdLAcujihnH6A3xnknI0+LxXbNX5IaYdjVAAVM
luEwn63CTlDMQHzwghemvSXq2pJ9sJFnhJyz+NAEYLLiQaC+ABQoqWaivwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSDzv1AP8AfIjqx7yxMx0iuf+8sMB8GA1UdIwQY
MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt
MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2
LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF6JvUnIq
bM9hHNhViMmzQflzAbANeNagMGxmSVafnhgsBWfWzaov/5zuGYtSf2NE2cZNfag/
iiVEhdFSkrsuu32fLSzYkywkL/vKts7R5cpUITab7QI9PxQ5UtZfdG9wlizFpbC7
j3OTpeNfDv3y3y+GCx1Y+d0r8iKIaP380BctIuz8VvGfD3tXWQuQzAg0GYciylfs
e6ZgLe+PVCK+OQuT6Z2pDfIHkO0USpYH/REO7kkBqbDLcM3CTs8UBbaV39kSPVHB
CV7Q6tHYr9zaqbdrXGWe+A5yxcnY/EoQLQAnZ7TuJfG8rhRCcQfM+2OVPvCgxfFb
NBc7uPqA6WlDEQ==
-----END CERTIFICATE-----