Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
File:                     I6IOrOflZNlFaAhkd3q-nCu41NY.mft (raw, json)
Hash identifier:          qMqKoZzPt/dFAvpy2JdJTvLjfcEpB4YOrpgCp5fRPd4=
Subject key identifier:   96:E2:05:D1:33:7F:15:86:5F:94:1D:C5:C8:59:CE:49:2F:56:BA:A9
Authority key identifier: 23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6
Certificate issuer:       /CN=23a20eace7e564d945680864777abe9c2bb8d4d6
Certificate serial:       0199FE46D41981B515E3593CF4A431E19E2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
Manifest number:          0131
Signing time:             Sun 19 Oct 2025 21:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:18 +0000
Files and hashes:         1: I6IOrOflZNlFaAhkd3q-nCu41NY.crl (hash: ozMICARZJ/FPKz3YvTkujBdTymKzVEvxr9V3R/MQ/kE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:d4:19:81:b5:15:e3:59:3c:f4:a4:31:e1:9e:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23a20eace7e564d945680864777abe9c2bb8d4d6
        Validity
            Not Before: Oct 19 21:01:18 2025 GMT
            Not After : Oct 20 21:01:18 2025 GMT
        Subject: CN=96e205d1337f15865f941dc5c859ce492f56baa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:33:a6:d3:c1:ea:08:fc:c4:5a:9c:4f:54:53:
                    35:d9:1a:38:53:81:80:20:38:14:a0:19:97:09:7d:
                    1e:ef:d2:23:fa:37:92:95:77:3b:72:a0:12:5f:52:
                    8a:3d:25:64:ad:67:fd:0d:14:f8:9e:0a:45:84:af:
                    d9:f4:4d:8e:f0:a6:9f:49:11:7a:3a:41:9b:71:11:
                    90:3e:82:fb:11:dd:2a:80:45:32:df:19:87:49:af:
                    7a:98:37:d0:5e:a3:3e:08:77:b2:26:e8:0c:a6:4b:
                    5b:63:4e:44:02:69:07:a0:e8:57:2d:f6:34:82:62:
                    a2:d9:30:86:11:a5:ec:ce:be:32:12:60:e2:c2:87:
                    c5:a5:71:26:23:4d:10:8a:11:47:18:a3:de:fb:27:
                    3f:91:3a:bc:fb:5f:66:48:09:e7:01:5e:e4:24:8d:
                    f7:a8:ce:99:ec:6e:de:e0:3f:d5:1d:c5:de:47:2f:
                    fe:40:4c:6c:0c:45:2e:d2:d5:1f:cd:b6:16:d0:7c:
                    b0:e5:ba:ec:07:6a:9f:e4:88:42:05:e2:b6:83:76:
                    ca:ef:9e:b1:41:77:4e:04:4f:5b:43:2f:2e:76:79:
                    80:40:8c:34:3e:77:84:0e:78:5f:4b:fd:e9:95:15:
                    cf:5b:97:70:dc:1b:2f:ba:b2:7a:22:c3:21:2e:e6:
                    dc:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:E2:05:D1:33:7F:15:86:5F:94:1D:C5:C8:59:CE:49:2F:56:BA:A9
            X509v3 Authority Key Identifier:
                keyid:23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:9b:0a:00:58:c2:b2:7c:39:37:a4:f7:40:9d:37:5a:aa:1a:
         60:d2:dd:5f:9a:47:07:42:89:c3:fd:46:bc:28:03:75:bf:0d:
         bf:2c:a1:11:b2:cd:e3:e4:50:31:66:4d:4d:9f:69:69:a4:cc:
         7a:27:5d:a9:6e:ea:30:dc:7b:7c:0e:0e:f1:9f:a0:a9:3a:b5:
         34:00:6e:0c:60:97:83:bf:29:24:c6:c0:e8:f4:77:31:1f:64:
         e4:aa:0c:aa:1c:37:7c:8f:dd:90:83:4f:25:e3:3d:a0:c9:77:
         39:b8:96:d1:56:33:7f:56:2e:e2:ff:1d:db:8a:08:e5:ca:96:
         87:33:d1:fa:4e:e0:78:50:69:d8:ce:ad:27:8e:d2:68:9f:91:
         40:dd:33:71:83:c5:61:f9:d0:24:29:1e:20:e8:82:a2:d4:f2:
         98:a3:37:a7:a7:6d:8d:33:f0:07:77:f6:c6:37:88:25:17:c0:
         e8:f2:17:6f:09:c4:41:79:24:63:13:3f:52:76:14:ca:e6:b0:
         71:65:a9:29:63:00:1f:10:cd:25:69:2f:4a:38:b4:8a:84:b0:
         85:58:ee:e0:a4:29:92:ec:c6:48:e7:24:c6:bd:39:3a:49:a0:
         89:bd:d1:b3:21:b8:40:5e:84:b7:d0:8a:81:9b:43:c8:9f:46:
         dd:53:2e:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RtQZgbUV41k89KQx4Z4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTIwZWFjZTdlNTY0ZDk0NTY4MDg2NDc3N2FiZTljMmJi
OGQ0ZDYwHhcNMjUxMDE5MjEwMTE4WhcNMjUxMDIwMjEwMTE4WjAzMTEwLwYDVQQD
Eyg5NmUyMDVkMTMzN2YxNTg2NWY5NDFkYzVjODU5Y2U0OTJmNTZiYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjOm08HqCPzEWpxPVFM12Ro4U4GA
IDgUoBmXCX0e79Ij+jeSlXc7cqASX1KKPSVkrWf9DRT4ngpFhK/Z9E2O8KafSRF6
OkGbcRGQPoL7Ed0qgEUy3xmHSa96mDfQXqM+CHeyJugMpktbY05EAmkHoOhXLfY0
gmKi2TCGEaXszr4yEmDiwofFpXEmI00QihFHGKPe+yc/kTq8+19mSAnnAV7kJI33
qM6Z7G7e4D/VHcXeRy/+QExsDEUu0tUfzbYW0Hyw5brsB2qf5IhCBeK2g3bK756x
QXdOBE9bQy8udnmAQIw0PneEDnhfS/3plRXPW5dw3BsvurJ6IsMhLubcxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJbiBdEzfxWGX5QdxchZzkkvVrqpMB8GA1UdIwQY
MBaAFCOiDqzn5WTZRWgIZHd6vpwruNTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYt
NzVlMGQ0Nzk3NTNmLzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYtNzVlMGQ0Nzk3NTNm
LzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZsKAFjC
snw5N6T3QJ03WqoaYNLdX5pHB0KJw/1GvCgDdb8NvyyhEbLN4+RQMWZNTZ9paaTM
eiddqW7qMNx7fA4O8Z+gqTq1NABuDGCXg78pJMbA6PR3MR9k5KoMqhw3fI/dkINP
JeM9oMl3ObiW0VYzf1Yu4v8d24oI5cqWhzPR+k7geFBp2M6tJ47SaJ+RQN0zcYPF
YfnQJCkeIOiCotTymKM3p6dtjTPwB3f2xjeIJRfA6PIXbwnEQXkkYxM/UnYUyuaw
cWWpKWMAHxDNJWkvSji0ioSwhVju4KQpkuzGSOckxr05Okmgib3RsyG4QF6Et9CK
gZtDyJ9G3VMuLQ==
-----END CERTIFICATE-----