Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.mft
File:                     f5kYyrbx817xteWDyyg56bdIsVg.mft (raw, json)
Hash identifier:          SshhISpnvRGwRKkv8Woq4PWoCa0KiiEOAQPptX51u6Q=
Subject key identifier:   8A:6F:0B:1D:25:01:F5:60:3F:F7:44:5F:D7:22:2C:79:A7:C7:C0:A4
Authority key identifier: 7F:99:18:CA:B6:F1:F3:5E:F1:B5:E5:83:CB:28:39:E9:B7:48:B1:58
Certificate issuer:       /CN=7f9918cab6f1f35ef1b5e583cb2839e9b748b158
Certificate serial:       0199FFC8D3B7B2638743D5D8422B9A304C46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f5kYyrbx817xteWDyyg56bdIsVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.mft
Manifest number:          13B8
Signing time:             Mon 20 Oct 2025 04:02:55 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:55 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:55 +0000
Files and hashes:         1: f5kYyrbx817xteWDyyg56bdIsVg.crl (hash: zSYLvgtlhDeVqddiuDtQn2t2psDXVLY3oMWrj4cmIdc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f5kYyrbx817xteWDyyg56bdIsVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:d3:b7:b2:63:87:43:d5:d8:42:2b:9a:30:4c:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f9918cab6f1f35ef1b5e583cb2839e9b748b158
        Validity
            Not Before: Oct 20 04:02:55 2025 GMT
            Not After : Oct 21 04:02:55 2025 GMT
        Subject: CN=8a6f0b1d2501f5603ff7445fd7222c79a7c7c0a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a2:48:65:43:f9:40:05:6c:c0:7e:42:48:1e:
                    d3:6d:61:2c:06:d5:df:3a:69:b7:47:d3:aa:d8:e3:
                    49:db:57:cd:bb:16:1a:2e:2a:a4:07:d3:13:c5:82:
                    85:b3:ac:fc:41:36:a2:ba:f4:5f:40:88:42:9b:fa:
                    bc:62:bd:1a:96:df:46:ea:01:3c:b1:57:34:28:8a:
                    51:cb:b8:8d:99:a9:47:54:03:d4:e1:29:c8:5e:91:
                    cc:c1:8e:c8:85:8f:40:b3:bf:de:87:4d:8b:67:85:
                    fc:da:ec:b3:b8:5f:19:4b:dc:df:38:fc:71:ca:44:
                    f2:f9:b8:44:c1:6b:44:60:0f:6b:d2:9c:be:e1:07:
                    43:06:36:53:6f:f9:d2:9d:1f:5a:d1:f5:7a:8f:eb:
                    67:a3:35:21:59:6f:7a:78:e2:7b:f8:c7:0c:68:0f:
                    f0:d1:cd:ff:2d:eb:0d:39:80:89:df:20:51:18:0f:
                    f9:bf:45:8f:8c:78:f7:b3:43:20:d0:00:19:4a:2a:
                    a7:a3:3d:35:12:db:06:e9:c5:df:40:38:6a:c3:af:
                    d5:c7:c0:2e:a4:a9:88:5b:6e:50:11:32:2f:08:a2:
                    3e:84:ce:3f:57:da:dc:cd:d7:cc:df:83:9c:a8:16:
                    e9:82:f5:c4:47:21:4f:36:cb:83:f3:92:8b:8f:22:
                    32:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:6F:0B:1D:25:01:F5:60:3F:F7:44:5F:D7:22:2C:79:A7:C7:C0:A4
            X509v3 Authority Key Identifier:
                keyid:7F:99:18:CA:B6:F1:F3:5E:F1:B5:E5:83:CB:28:39:E9:B7:48:B1:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5kYyrbx817xteWDyyg56bdIsVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:9c:91:91:b0:b0:9e:6e:4f:21:0e:94:ba:7c:ae:0c:91:9b:
         ce:29:8f:fa:48:d1:23:d2:47:a4:26:86:27:5f:63:ef:2a:7d:
         6f:e1:c2:d6:f0:a2:ba:7a:42:49:fb:e8:43:d7:35:f1:a3:d0:
         63:b8:ac:36:91:ab:e1:0a:af:3e:4e:30:e8:84:d5:e5:39:74:
         54:2d:0f:f0:96:ce:e5:76:b7:76:75:1d:69:06:de:78:3b:69:
         a8:e6:b5:31:87:5a:2a:e8:53:08:3d:b7:18:78:9f:26:50:74:
         81:14:ea:11:8f:63:15:be:ce:c2:8f:dc:af:11:72:7f:ff:b6:
         34:ca:59:e9:f3:bc:88:a4:69:7d:41:3b:07:19:0c:15:4f:ae:
         b8:ff:6c:31:59:e4:c0:6f:a1:85:e8:f7:87:72:30:99:c7:5b:
         b2:3d:d0:c1:bd:32:a1:55:3b:af:20:93:ae:c4:6d:d2:ef:2a:
         c6:ac:03:69:08:60:c9:d5:63:4f:6e:09:97:59:22:4a:75:3b:
         6a:49:df:7c:b7:14:4b:31:0f:ee:e2:41:48:27:ec:d2:4c:ab:
         f8:82:de:50:03:40:4f:d3:76:c6:df:f4:06:3d:ee:26:50:72:
         43:08:b0:c1:93:99:a4:1f:d4:30:ef:43:e2:7b:82:56:2f:81:
         af:09:28:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yNO3smOHQ9XYQiuaMExGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmOTkxOGNhYjZmMWYzNWVmMWI1ZTU4M2NiMjgzOWU5Yjc0
OGIxNTgwHhcNMjUxMDIwMDQwMjU1WhcNMjUxMDIxMDQwMjU1WjAzMTEwLwYDVQQD
Eyg4YTZmMGIxZDI1MDFmNTYwM2ZmNzQ0NWZkNzIyMmM3OWE3YzdjMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKJIZUP5QAVswH5CSB7TbWEsBtXf
Omm3R9Oq2ONJ21fNuxYaLiqkB9MTxYKFs6z8QTaiuvRfQIhCm/q8Yr0alt9G6gE8
sVc0KIpRy7iNmalHVAPU4SnIXpHMwY7IhY9As7/eh02LZ4X82uyzuF8ZS9zfOPxx
ykTy+bhEwWtEYA9r0py+4QdDBjZTb/nSnR9a0fV6j+tnozUhWW96eOJ7+McMaA/w
0c3/LesNOYCJ3yBRGA/5v0WPjHj3s0Mg0AAZSiqnoz01EtsG6cXfQDhqw6/Vx8Au
pKmIW25QETIvCKI+hM4/V9rczdfM34OcqBbpgvXERyFPNsuD85KLjyIyhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpvCx0lAfVgP/dEX9ciLHmnx8CkMB8GA1UdIwQY
MBaAFH+ZGMq28fNe8bXlg8soOem3SLFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjVrWXlyYng4MTd4dGVXRHl5ZzU2YmRJc1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kZjgyZmEtMTE4ZC00MjE5LWJhMTYt
MWE5NjgzYzlkNmNiLzEvZjVrWXlyYng4MTd4dGVXRHl5ZzU2YmRJc1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kZjgyZmEtMTE4ZC00MjE5LWJhMTYtMWE5NjgzYzlkNmNi
LzEvZjVrWXlyYng4MTd4dGVXRHl5ZzU2YmRJc1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaJyRkbCw
nm5PIQ6UunyuDJGbzimP+kjRI9JHpCaGJ19j7yp9b+HC1vCiunpCSfvoQ9c18aPQ
Y7isNpGr4QqvPk4w6ITV5Tl0VC0P8JbO5Xa3dnUdaQbeeDtpqOa1MYdaKuhTCD23
GHifJlB0gRTqEY9jFb7Owo/crxFyf/+2NMpZ6fO8iKRpfUE7BxkMFU+uuP9sMVnk
wG+hhej3h3Iwmcdbsj3Qwb0yoVU7ryCTrsRt0u8qxqwDaQhgydVjT24Jl1kiSnU7
aknffLcUSzEP7uJBSCfs0kyr+ILeUANAT9N2xt/0Bj3uJlByQwiwwZOZpB/UMO9D
4nuCVi+Brwkoww==
-----END CERTIFICATE-----