Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
File:                     d4LgCn_HYX2UJguB_SKjo_PcaG0.mft (raw, json)
Hash identifier:          hAgxWqrytEekCCYaOeJqEOCJJzHIGXHRI0x1+f+GwhA=
Subject key identifier:   8D:95:BB:E6:C7:BE:27:FD:05:6E:E0:44:74:CD:9E:CF:AF:B7:1C:6D
Authority key identifier: 77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D
Certificate issuer:       /CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d
Certificate serial:       0199FDD9B3C9580B1B1A228E9A2EBF27093E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
Manifest number:          0B71
Signing time:             Sun 19 Oct 2025 19:02:06 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:06 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:06 +0000
Files and hashes:         1: d4LgCn_HYX2UJguB_SKjo_PcaG0.crl (hash: JUhew/lYXPnMcUSWLK5kzv2ouNUZAx2DzGElEeJbMNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:b3:c9:58:0b:1b:1a:22:8e:9a:2e:bf:27:09:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d
        Validity
            Not Before: Oct 19 19:02:06 2025 GMT
            Not After : Oct 20 19:02:06 2025 GMT
        Subject: CN=8d95bbe6c7be27fd056ee04474cd9ecfafb71c6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:1c:f5:3e:75:7a:de:5c:e8:09:ac:3c:00:08:
                    2e:8a:08:8e:70:49:0c:7b:7a:c9:b9:d9:33:a9:ba:
                    69:5f:5f:32:4b:79:8d:78:67:05:42:eb:f1:f2:63:
                    e8:e5:93:f5:f4:df:c3:f4:75:cb:26:34:77:6d:69:
                    2f:7f:7a:72:6e:b3:b2:74:ae:ed:ce:a0:1f:94:20:
                    4f:77:5f:28:c5:55:e7:fe:55:8e:4d:29:49:cf:bb:
                    8c:2b:42:fc:55:dc:b5:b3:9b:f5:8e:27:aa:dd:96:
                    e1:3a:c7:d8:d4:46:f3:51:5c:64:ba:b5:6f:09:3e:
                    d1:5f:cb:b9:2a:95:e7:1a:2b:27:c7:99:e9:b5:e6:
                    7a:a9:81:f8:b4:48:35:fe:51:3f:f6:3b:9f:28:38:
                    68:36:0b:c8:75:bd:b1:ea:a8:55:47:44:18:03:b2:
                    bd:76:cf:b1:c0:df:78:f5:d9:0a:85:ab:f4:69:27:
                    09:31:72:c7:b6:50:7d:e8:d2:41:59:eb:25:88:2c:
                    1f:4b:66:3b:75:14:4b:15:05:d0:0c:00:12:55:0c:
                    c6:c3:e4:14:52:43:49:c7:05:c9:2a:17:56:9b:44:
                    05:bf:dc:63:53:59:df:c8:50:48:9a:85:00:e1:a7:
                    40:5f:4c:f7:ee:65:b2:a1:40:58:ea:d2:0a:79:97:
                    b8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:95:BB:E6:C7:BE:27:FD:05:6E:E0:44:74:CD:9E:CF:AF:B7:1C:6D
            X509v3 Authority Key Identifier:
                keyid:77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:7d:d8:20:b9:36:2d:ea:0b:8c:c5:98:c7:88:27:27:37:f3:
         73:67:9c:fa:61:cc:90:a1:21:da:dc:93:66:8b:a7:db:64:d3:
         b3:c6:69:0d:11:3b:4b:6f:87:80:93:1a:a0:52:ef:4d:f4:ff:
         c4:f0:81:70:78:82:97:e7:df:ce:55:25:d3:f0:ba:6b:80:58:
         60:42:a4:6a:95:36:95:f4:66:6d:1b:7e:a7:47:47:55:9d:49:
         f3:47:f0:94:d1:fe:de:7d:a3:8e:ca:e2:b0:cf:a5:5c:e6:0e:
         8f:ff:e4:8a:f5:9d:09:2a:64:94:ea:4f:13:4f:73:99:fa:6e:
         31:cc:19:35:2b:0d:8a:95:29:79:e7:0a:95:d4:4d:fd:e3:1c:
         7c:4f:f0:b3:47:e5:37:7b:11:22:fb:6e:de:23:d0:60:58:ca:
         5d:bb:b5:cc:5d:cb:14:98:ce:7e:a0:67:aa:4e:4a:b9:47:d0:
         35:44:51:b8:56:b1:9d:bd:90:6c:c0:6c:e4:af:eb:aa:0e:5d:
         d4:b9:f3:f6:58:c5:82:fa:34:65:e3:1f:70:80:5c:81:d8:9f:
         c2:45:e4:d3:af:1b:f2:d7:6f:b4:9a:e4:e8:d4:84:d3:62:bc:
         b4:85:9a:96:13:f8:61:30:b9:2b:5e:8a:6a:f7:10:3c:d3:87:
         3d:40:dc:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92bPJWAsbGiKOmi6/Jwk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ODJlMDBhN2ZjNzYxN2Q5NDI2MGI4MWZkMjJhM2EzZjNk
YzY4NmQwHhcNMjUxMDE5MTkwMjA2WhcNMjUxMDIwMTkwMjA2WjAzMTEwLwYDVQQD
Eyg4ZDk1YmJlNmM3YmUyN2ZkMDU2ZWUwNDQ3NGNkOWVjZmFmYjcxYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hz1PnV63lzoCaw8AAguigiOcEkM
e3rJudkzqbppX18yS3mNeGcFQuvx8mPo5ZP19N/D9HXLJjR3bWkvf3pybrOydK7t
zqAflCBPd18oxVXn/lWOTSlJz7uMK0L8Vdy1s5v1jieq3ZbhOsfY1EbzUVxkurVv
CT7RX8u5KpXnGisnx5npteZ6qYH4tEg1/lE/9jufKDhoNgvIdb2x6qhVR0QYA7K9
ds+xwN949dkKhav0aScJMXLHtlB96NJBWesliCwfS2Y7dRRLFQXQDAASVQzGw+QU
UkNJxwXJKhdWm0QFv9xjU1nfyFBImoUA4adAX0z37mWyoUBY6tIKeZe4RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2Vu+bHvif9BW7gRHTNns+vtxxtMB8GA1UdIwQY
MBaAFHeC4Ap/x2F9lCYLgf0io6Pz3GhtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hZGU2MGEtZmQ4Yy00MjJlLWJjYTgt
OWEwMjg0YjNhZGMxLzEvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hZGU2MGEtZmQ4Yy00MjJlLWJjYTgtOWEwMjg0YjNhZGMx
LzEvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgX3YILk2
LeoLjMWYx4gnJzfzc2ec+mHMkKEh2tyTZoun22TTs8ZpDRE7S2+HgJMaoFLvTfT/
xPCBcHiCl+ffzlUl0/C6a4BYYEKkapU2lfRmbRt+p0dHVZ1J80fwlNH+3n2jjsri
sM+lXOYOj//kivWdCSpklOpPE09zmfpuMcwZNSsNipUpeecKldRN/eMcfE/ws0fl
N3sRIvtu3iPQYFjKXbu1zF3LFJjOfqBnqk5KuUfQNURRuFaxnb2QbMBs5K/rqg5d
1Lnz9ljFgvo0ZeMfcIBcgdifwkXk068b8tdvtJrk6NSE02K8tIWalhP4YTC5K16K
avcQPNOHPUDcTA==
-----END CERTIFICATE-----