Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          YmPVwvvYX13GpqRO1Nt1udFrf7P4bNFMq4gSkMHkPaY=
Subject key identifier:   AC:06:8A:B7:6F:96:BB:8C:46:15:C3:BB:AC:E9:C1:66:72:56:AC:61
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       0199FD345712FC326D801646D04B1E817A1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          053A
Signing time:             Sun 19 Oct 2025 16:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:29 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: A6gkLGyU8TbcZdMrLUnS7+mizWojRqQkZcciMuQf5wg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:57:12:fc:32:6d:80:16:46:d0:4b:1e:81:7a:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Oct 19 16:01:29 2025 GMT
            Not After : Oct 20 16:01:29 2025 GMT
        Subject: CN=ac068ab76f96bb8c4615c3bbace9c1667256ac61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5b:98:0a:c2:5a:18:76:6b:64:08:cc:33:cc:
                    f4:12:3a:bd:a0:b5:88:1a:b9:7b:b3:ac:1d:8d:d0:
                    54:dc:fb:8e:e1:03:b7:1f:86:d2:4b:b1:28:05:fc:
                    c4:cf:ec:6e:7f:06:60:0d:8f:1a:49:c1:a4:91:32:
                    bf:29:85:13:b6:66:8e:b4:0c:2a:43:d8:ec:94:6a:
                    77:f9:8c:46:72:d1:e1:43:5d:55:88:16:a8:58:2c:
                    4e:43:19:98:7d:be:1e:55:a2:ba:fd:4f:0e:09:f8:
                    06:d8:88:5a:55:38:65:6e:d3:d0:81:b2:5f:8a:f6:
                    8c:00:65:44:f2:bb:67:53:e6:bc:7c:48:4d:36:dc:
                    a6:19:71:5c:f4:66:5d:6d:bc:45:21:01:1f:c7:77:
                    cf:4c:9e:7b:7b:ba:99:3c:85:57:c8:53:35:a9:53:
                    c4:d3:18:41:29:b8:8c:3a:a0:55:de:c3:b0:ae:2e:
                    5d:d6:e0:fe:33:77:33:c2:4b:32:ac:20:60:12:b7:
                    c4:c6:ea:fc:21:b6:bd:bb:7a:c4:99:a3:37:ec:ec:
                    64:48:45:cb:4d:c6:43:0c:95:89:c2:5e:94:f4:6e:
                    31:81:b6:45:8f:8c:b8:c2:5d:ad:ce:e8:d2:a6:b1:
                    34:55:73:72:7e:3a:4e:a3:ba:c4:df:72:ad:5c:7e:
                    4d:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:06:8A:B7:6F:96:BB:8C:46:15:C3:BB:AC:E9:C1:66:72:56:AC:61
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:1a:5c:b5:2a:44:97:65:a8:58:e1:4d:5b:6d:e8:53:4c:f0:
         48:69:de:a3:fa:20:e0:4c:00:73:ae:d6:37:eb:85:69:3b:ce:
         96:cf:02:4a:40:57:64:1f:0d:7e:16:62:3d:0e:61:b5:ad:32:
         84:11:8e:e7:cd:e8:83:30:5f:b7:33:98:d7:28:6d:a8:af:d3:
         03:1d:42:4a:a2:0e:9a:f9:b4:1f:df:e5:9d:12:ef:41:79:46:
         29:b6:1d:00:6c:00:e9:86:46:e0:1b:8f:9b:cb:dd:42:d2:a5:
         bc:95:ed:72:70:65:a9:00:63:dc:20:95:5f:32:d6:e6:20:98:
         a9:fc:ef:ab:a6:2b:e2:da:14:73:19:20:b8:6a:f6:b0:3a:ae:
         73:26:18:81:e9:b6:52:46:fd:f0:11:1e:83:6e:6d:e0:59:a3:
         98:4c:b0:bb:a2:69:8b:07:05:56:76:f0:00:90:eb:0d:24:58:
         3b:50:cb:a2:82:47:83:a1:dd:95:8e:f4:9d:38:bd:33:4e:52:
         04:84:22:95:84:bc:d6:5c:f3:b0:ec:e3:29:7e:a6:63:bd:c9:
         bf:a9:c0:ce:37:b2:d7:1e:f5:ce:67:1e:9e:e0:52:36:22:68:
         dd:66:33:24:3f:e6:1b:69:f1:e0:00:a6:e7:8f:e0:5a:51:5b:
         65:22:a1:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NFcS/DJtgBZG0EsegXofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjUxMDE5MTYwMTI5WhcNMjUxMDIwMTYwMTI5WjAzMTEwLwYDVQQD
EyhhYzA2OGFiNzZmOTZiYjhjNDYxNWMzYmJhY2U5YzE2NjcyNTZhYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFuYCsJaGHZrZAjMM8z0Ejq9oLWI
Grl7s6wdjdBU3PuO4QO3H4bSS7EoBfzEz+xufwZgDY8aScGkkTK/KYUTtmaOtAwq
Q9jslGp3+YxGctHhQ11ViBaoWCxOQxmYfb4eVaK6/U8OCfgG2IhaVThlbtPQgbJf
ivaMAGVE8rtnU+a8fEhNNtymGXFc9GZdbbxFIQEfx3fPTJ57e7qZPIVXyFM1qVPE
0xhBKbiMOqBV3sOwri5d1uD+M3czwksyrCBgErfExur8Iba9u3rEmaM37OxkSEXL
TcZDDJWJwl6U9G4xgbZFj4y4wl2tzujSprE0VXNyfjpOo7rE33KtXH5NHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwGirdvlruMRhXDu6zpwWZyVqxhMB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArhpctSpE
l2WoWOFNW23oU0zwSGneo/og4EwAc67WN+uFaTvOls8CSkBXZB8NfhZiPQ5hta0y
hBGO583ogzBftzOY1yhtqK/TAx1CSqIOmvm0H9/lnRLvQXlGKbYdAGwA6YZG4BuP
m8vdQtKlvJXtcnBlqQBj3CCVXzLW5iCYqfzvq6Yr4toUcxkguGr2sDqucyYYgem2
Ukb98BEeg25t4FmjmEywu6JpiwcFVnbwAJDrDSRYO1DLooJHg6HdlY70nTi9M05S
BIQilYS81lzzsOzjKX6mY73Jv6nAzjey1x71zmcenuBSNiJo3WYzJD/mG2nx4ACm
54/gWlFbZSKhrQ==
-----END CERTIFICATE-----