Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.mft
File:                     rSRGM37TPO3jTe_1VxBdxxwDqRY.mft (raw, json)
Hash identifier:          RaFkcj54GjPaJmlVzthUu7TBVeCYqloIbiKAM8kgMJc=
Subject key identifier:   5B:41:98:D4:D9:0A:9B:73:9A:DB:BC:46:92:F8:94:E1:01:55:9D:A5
Authority key identifier: AD:24:46:33:7E:D3:3C:ED:E3:4D:EF:F5:57:10:5D:C7:1C:03:A9:16
Certificate issuer:       /CN=ad2446337ed33cede34deff557105dc71c03a916
Certificate serial:       0199FDD8F7C05D323DBDF4B4E02019CA529F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rSRGM37TPO3jTe_1VxBdxxwDqRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.mft
Manifest number:          0674
Signing time:             Sun 19 Oct 2025 19:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:18 +0000
Files and hashes:         1: rSRGM37TPO3jTe_1VxBdxxwDqRY.crl (hash: +89LaIbAWcpRmMNdtFM6tUUO0M4b4xk+x1CcrPx50gQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rSRGM37TPO3jTe_1VxBdxxwDqRY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:f7:c0:5d:32:3d:bd:f4:b4:e0:20:19:ca:52:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2446337ed33cede34deff557105dc71c03a916
        Validity
            Not Before: Oct 19 19:01:18 2025 GMT
            Not After : Oct 20 19:01:18 2025 GMT
        Subject: CN=5b4198d4d90a9b739adbbc4692f894e101559da5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5a:c0:2d:b1:8a:07:ed:99:9e:bf:09:9e:f3:
                    f5:62:4c:4d:e0:6f:86:af:55:31:fb:6c:b4:bb:51:
                    20:c0:6a:bc:6d:0d:61:01:cb:9a:ff:0c:69:ca:2f:
                    46:a2:1b:7d:e4:c5:d4:95:f4:61:bb:4c:5d:40:00:
                    ed:27:b6:f8:a0:dc:f9:f3:77:f0:de:88:14:b1:8e:
                    50:d1:eb:a0:f5:7d:0b:97:d7:63:1c:34:db:2a:1b:
                    38:6c:37:26:7f:72:4c:77:54:f3:7d:cb:e9:fb:3a:
                    8e:90:82:80:b8:78:3b:ac:3d:cc:0b:46:78:9c:f0:
                    2b:1b:57:2c:6c:9b:8e:5b:46:60:24:ac:7d:e8:e6:
                    a9:1c:9e:71:22:de:cd:55:72:df:b9:7b:60:b9:bd:
                    7d:03:dc:66:3f:df:1b:9d:29:04:31:44:39:f3:a4:
                    73:25:9f:a5:50:46:b0:3a:fa:7f:93:68:df:20:85:
                    4a:3d:34:a0:fa:4a:ee:7c:b4:bd:1d:d6:40:48:67:
                    e7:93:e8:6d:7d:aa:b0:4f:e1:e8:4a:18:f8:be:45:
                    59:6a:b4:09:27:e6:64:84:ac:e8:8a:52:6f:05:29:
                    3e:f5:f3:69:38:da:67:d0:4d:77:81:07:83:b3:7a:
                    e4:16:0f:4e:f6:b6:52:0e:75:90:cb:3c:be:79:71:
                    e7:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:41:98:D4:D9:0A:9B:73:9A:DB:BC:46:92:F8:94:E1:01:55:9D:A5
            X509v3 Authority Key Identifier:
                keyid:AD:24:46:33:7E:D3:3C:ED:E3:4D:EF:F5:57:10:5D:C7:1C:03:A9:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSRGM37TPO3jTe_1VxBdxxwDqRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cfa76c-05cc-43dc-98f1-e707dec7bd6c/1/rSRGM37TPO3jTe_1VxBdxxwDqRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:23:63:75:a6:b5:74:e0:4c:31:d1:5c:48:f5:7b:38:b8:f8:
         1b:7e:e1:fb:22:42:e9:c2:c2:2e:8e:2e:5d:f7:ca:54:03:f1:
         ab:a4:74:24:eb:0e:66:23:6c:99:2b:e9:c9:8f:cd:6a:b0:32:
         b3:39:b9:c1:4a:f9:1f:14:ee:16:8d:76:80:95:5a:4f:e0:a0:
         79:41:f1:67:a0:69:a8:0b:14:6f:8e:2f:93:04:b3:f7:dc:1c:
         11:8e:ba:d2:8c:76:1f:9d:07:a9:62:68:02:66:c8:ca:d6:f0:
         6b:63:36:be:a6:b2:2b:88:f1:f1:ad:9d:41:f0:ce:7d:93:de:
         97:4f:da:41:18:7b:8b:0d:e6:3f:d2:0f:e0:f4:e2:b3:8f:56:
         df:71:9d:1e:1c:6e:b6:30:92:a7:1b:0b:2f:e4:3b:85:5d:59:
         f0:98:a7:22:96:4e:de:18:04:f8:d0:ed:5a:c5:8e:46:49:b4:
         ed:f1:49:a7:bd:3a:c4:34:e3:d2:7c:da:9c:85:28:f3:f5:24:
         dc:3d:3b:9d:93:eb:82:41:aa:1e:4c:d8:05:71:e4:32:e4:e5:
         ed:ed:c4:11:a4:c9:a2:23:6d:34:de:5c:ac:5b:a4:72:cf:31:
         9b:80:3a:6d:02:80:2b:e7:f5:57:2a:69:5a:eb:d5:39:13:e1:
         93:4e:df:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92PfAXTI9vfS04CAZylKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQ0NjMzN2VkMzNjZWRlMzRkZWZmNTU3MTA1ZGM3MWMw
M2E5MTYwHhcNMjUxMDE5MTkwMTE4WhcNMjUxMDIwMTkwMTE4WjAzMTEwLwYDVQQD
Eyg1YjQxOThkNGQ5MGE5YjczOWFkYmJjNDY5MmY4OTRlMTAxNTU5ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFrALbGKB+2Znr8JnvP1YkxN4G+G
r1Ux+2y0u1EgwGq8bQ1hAcua/wxpyi9Goht95MXUlfRhu0xdQADtJ7b4oNz583fw
3ogUsY5Q0eug9X0Ll9djHDTbKhs4bDcmf3JMd1Tzfcvp+zqOkIKAuHg7rD3MC0Z4
nPArG1csbJuOW0ZgJKx96OapHJ5xIt7NVXLfuXtgub19A9xmP98bnSkEMUQ586Rz
JZ+lUEawOvp/k2jfIIVKPTSg+krufLS9HdZASGfnk+htfaqwT+HoShj4vkVZarQJ
J+ZkhKzoilJvBSk+9fNpONpn0E13gQeDs3rkFg9O9rZSDnWQyzy+eXHnkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFtBmNTZCptzmtu8RpL4lOEBVZ2lMB8GA1UdIwQY
MBaAFK0kRjN+0zzt403v9VcQXcccA6kWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNSR00zN1RQTzNqVGVfMVZ4QmR4eHdEcVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9jZmE3NmMtMDVjYy00M2RjLTk4ZjEt
ZTcwN2RlYzdiZDZjLzEvclNSR00zN1RQTzNqVGVfMVZ4QmR4eHdEcVJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9jZmE3NmMtMDVjYy00M2RjLTk4ZjEtZTcwN2RlYzdiZDZj
LzEvclNSR00zN1RQTzNqVGVfMVZ4QmR4eHdEcVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSNjdaa1
dOBMMdFcSPV7OLj4G37h+yJC6cLCLo4uXffKVAPxq6R0JOsOZiNsmSvpyY/NarAy
szm5wUr5HxTuFo12gJVaT+CgeUHxZ6BpqAsUb44vkwSz99wcEY660ox2H50HqWJo
AmbIytbwa2M2vqayK4jx8a2dQfDOfZPel0/aQRh7iw3mP9IP4PTis49W33GdHhxu
tjCSpxsLL+Q7hV1Z8JinIpZO3hgE+NDtWsWORkm07fFJp706xDTj0nzanIUo8/Uk
3D07nZPrgkGqHkzYBXHkMuTl7e3EEaTJoiNtNN5crFukcs8xm4A6bQKAK+f1Vypp
WuvVORPhk07f9Q==
-----END CERTIFICATE-----