Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
File:                     9h0r7udUOkGpCKGgHs_AqHJqOuI.mft (raw, json)
Hash identifier:          WBnXuh3MihOaqJXi/cQlDkE8yuE7Z9dimexBDKd5J78=
Subject key identifier:   69:2F:AB:55:63:A2:FB:24:95:D5:1A:38:38:2C:18:2C:44:A2:B2:29
Authority key identifier: F6:1D:2B:EE:E7:54:3A:41:A9:08:A1:A0:1E:CF:C0:A8:72:6A:3A:E2
Certificate issuer:       /CN=f61d2beee7543a41a908a1a01ecfc0a8726a3ae2
Certificate serial:       0199FB0EF57BF6EE274C0B53A6A40E157BF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
Manifest number:          0B83
Signing time:             Sun 19 Oct 2025 06:01:25 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:25 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:25 +0000
Files and hashes:         1: 9h0r7udUOkGpCKGgHs_AqHJqOuI.crl (hash: lYjml0vEg5p5BTAaW6fwxKnHWyvPDPX365oOlGalUa4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0e:f5:7b:f6:ee:27:4c:0b:53:a6:a4:0e:15:7b:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f61d2beee7543a41a908a1a01ecfc0a8726a3ae2
        Validity
            Not Before: Oct 19 06:01:25 2025 GMT
            Not After : Oct 20 06:01:25 2025 GMT
        Subject: CN=692fab5563a2fb2495d51a38382c182c44a2b229
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:a4:b0:da:48:f0:1c:b8:44:5e:3d:96:8e:d1:
                    5b:a9:35:f2:e3:23:f4:77:1f:64:77:34:f9:f1:7e:
                    04:8f:94:60:7d:8c:f5:31:56:b4:67:08:56:04:5f:
                    ba:05:9a:fe:49:85:3e:d3:1d:ce:c1:12:b0:77:7e:
                    b6:e5:d7:b7:51:50:cd:a3:a0:b1:ad:b6:31:a9:19:
                    ce:0c:75:92:7d:d4:c0:7c:f6:e4:34:30:9e:8d:67:
                    8c:4b:e2:e8:84:63:8e:d3:6c:c0:12:d1:47:14:4b:
                    29:02:16:ad:d8:e5:86:05:8c:0d:c8:d5:11:1f:0f:
                    ee:d9:da:ee:7d:74:7c:28:12:b7:34:32:8e:46:9b:
                    39:99:51:ca:e4:bf:35:cc:8a:e3:7f:9f:c1:94:29:
                    d3:16:a7:69:f7:7a:d9:af:94:8a:4d:a6:0e:a5:6d:
                    3d:57:01:5a:e0:f4:0b:57:30:37:28:49:de:53:45:
                    31:8a:bf:66:96:a7:d3:8b:d8:ea:37:b4:29:f4:70:
                    65:f6:c0:c6:9e:68:28:7c:9a:85:d5:3c:16:d9:d7:
                    9d:b1:f6:58:84:1d:3a:6d:05:e0:74:fa:24:90:24:
                    6d:d4:7a:a7:04:8b:e4:8d:13:1f:f2:03:0f:b8:0e:
                    ad:65:33:b3:a0:29:55:92:8a:0c:43:77:d2:91:01:
                    80:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:2F:AB:55:63:A2:FB:24:95:D5:1A:38:38:2C:18:2C:44:A2:B2:29
            X509v3 Authority Key Identifier:
                keyid:F6:1D:2B:EE:E7:54:3A:41:A9:08:A1:A0:1E:CF:C0:A8:72:6A:3A:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:89:25:e5:b5:26:07:ce:72:3d:42:0c:86:19:1c:9a:9d:ad:
         91:23:83:f7:4b:0b:9f:a9:7e:33:a3:70:f1:8f:be:21:d4:ff:
         e2:6c:4c:21:e4:70:d9:8e:35:b7:29:15:8b:5c:84:1c:31:7f:
         31:dc:ae:3a:86:69:a6:54:9a:42:54:62:7a:1f:f3:a0:60:76:
         7f:11:33:62:c0:fd:87:ee:07:74:dd:88:a0:2e:bd:9a:f4:5f:
         8d:75:3a:35:c6:7c:6c:69:86:07:57:be:de:94:de:7e:5f:8d:
         da:26:cf:12:91:03:61:41:3d:27:c5:57:cc:f8:3e:b5:13:e3:
         6e:22:98:6c:04:a2:d0:3b:a2:a5:ec:3c:1b:b0:4b:f3:31:bb:
         16:c3:8a:8b:1e:9a:60:16:e2:70:6f:33:4d:57:dd:25:d6:08:
         df:72:d4:a6:a5:0e:6d:8e:16:71:7f:5a:d1:9d:07:30:07:83:
         a5:a7:5f:2a:94:e4:c7:4a:0c:86:d2:fa:94:67:fc:72:5a:96:
         a8:89:5f:9e:fc:44:49:39:8a:9e:a1:3c:71:2d:63:54:8a:bb:
         c5:3f:02:5f:3d:c2:d9:f5:86:9e:2e:01:36:22:c0:e5:4f:be:
         81:53:83:a3:42:1f:21:38:62:2a:02:2a:41:10:07:59:1c:42:
         5d:9b:f5:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7DvV79u4nTAtTpqQOFXv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MWQyYmVlZTc1NDNhNDFhOTA4YTFhMDFlY2ZjMGE4NzI2
YTNhZTIwHhcNMjUxMDE5MDYwMTI1WhcNMjUxMDIwMDYwMTI1WjAzMTEwLwYDVQQD
Eyg2OTJmYWI1NTYzYTJmYjI0OTVkNTFhMzgzODJjMTgyYzQ0YTJiMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KSw2kjwHLhEXj2WjtFbqTXy4yP0
dx9kdzT58X4Ej5RgfYz1MVa0ZwhWBF+6BZr+SYU+0x3OwRKwd3625de3UVDNo6Cx
rbYxqRnODHWSfdTAfPbkNDCejWeMS+LohGOO02zAEtFHFEspAhat2OWGBYwNyNUR
Hw/u2drufXR8KBK3NDKORps5mVHK5L81zIrjf5/BlCnTFqdp93rZr5SKTaYOpW09
VwFa4PQLVzA3KEneU0Uxir9mlqfTi9jqN7Qp9HBl9sDGnmgofJqF1TwW2dedsfZY
hB06bQXgdPokkCRt1HqnBIvkjRMf8gMPuA6tZTOzoClVkooMQ3fSkQGAsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkvq1VjovskldUaODgsGCxEorIpMB8GA1UdIwQY
MBaAFPYdK+7nVDpBqQihoB7PwKhyajriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xZWRmMTAtZDNkZi00MGY1LWI0YTMt
YTczMWU5ZTFlNTMzLzEvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xZWRmMTAtZDNkZi00MGY1LWI0YTMtYTczMWU5ZTFlNTMz
LzEvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHokl5bUm
B85yPUIMhhkcmp2tkSOD90sLn6l+M6Nw8Y++IdT/4mxMIeRw2Y41tykVi1yEHDF/
MdyuOoZpplSaQlRieh/zoGB2fxEzYsD9h+4HdN2IoC69mvRfjXU6NcZ8bGmGB1e+
3pTefl+N2ibPEpEDYUE9J8VXzPg+tRPjbiKYbASi0Duipew8G7BL8zG7FsOKix6a
YBbicG8zTVfdJdYI33LUpqUObY4WcX9a0Z0HMAeDpadfKpTkx0oMhtL6lGf8clqW
qIlfnvxESTmKnqE8cS1jVIq7xT8CXz3C2fWGni4BNiLA5U++gVODo0IfIThiKgIq
QRAHWRxCXZv1Zg==
-----END CERTIFICATE-----