Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.mft
File:                     IMnySVGbH_R5NQ8xclT0Bei_yr0.mft (raw, json)
Hash identifier:          9Av73aY8nnYo52pm2WH8tJwhTUtiVVRQU1iHGNQ9iE4=
Subject key identifier:   C6:40:62:A9:A8:28:8B:E7:14:C6:64:7B:36:21:A7:54:0F:BB:1D:02
Authority key identifier: 20:C9:F2:49:51:9B:1F:F4:79:35:0F:31:72:54:F4:05:E8:BF:CA:BD
Certificate issuer:       /CN=20c9f249519b1ff479350f317254f405e8bfcabd
Certificate serial:       0199FAD81E005768A10C024D6EB635F70E45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IMnySVGbH_R5NQ8xclT0Bei_yr0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.mft
Manifest number:          10D7
Signing time:             Sun 19 Oct 2025 05:01:31 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:31 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:31 +0000
Files and hashes:         1: IMnySVGbH_R5NQ8xclT0Bei_yr0.crl (hash: Rs+UzRtjdpmEize2vHQv3FMw7bdj+S6YeC7RQhkOqis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IMnySVGbH_R5NQ8xclT0Bei_yr0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:1e:00:57:68:a1:0c:02:4d:6e:b6:35:f7:0e:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20c9f249519b1ff479350f317254f405e8bfcabd
        Validity
            Not Before: Oct 19 05:01:31 2025 GMT
            Not After : Oct 20 05:01:31 2025 GMT
        Subject: CN=c64062a9a8288be714c6647b3621a7540fbb1d02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:05:40:e4:16:b2:e0:39:f6:05:a8:a1:be:e2:
                    6f:74:01:6f:38:ba:0c:65:b5:71:cc:3f:f4:1f:36:
                    b9:0b:df:51:3f:98:27:0e:09:61:7f:ad:5b:fd:d9:
                    8f:c1:e5:bd:c1:35:27:3d:50:bb:8f:2e:f7:86:a5:
                    e9:38:29:4e:79:bd:61:78:be:06:2f:4f:f6:f0:7e:
                    dc:3d:e1:1e:ae:88:3c:61:15:a3:88:9f:7c:51:25:
                    3c:22:51:48:d3:3c:d1:f7:19:27:fd:4d:9e:ce:18:
                    cb:30:11:62:75:b9:a0:80:38:5c:79:d8:b9:8e:8e:
                    fa:81:c0:f6:f7:2c:c4:be:74:7c:d6:c1:4e:53:11:
                    9a:1e:63:dd:b7:6c:35:d7:71:29:a5:46:6e:9b:21:
                    73:2c:fb:5d:f1:c2:b8:c0:26:16:fb:c3:81:01:cf:
                    1e:93:3c:03:30:09:ca:06:4c:da:c9:03:98:70:f6:
                    5a:cd:ed:2e:a6:1f:37:35:89:2d:af:2c:cc:34:d8:
                    c9:7a:f3:90:d7:bc:b4:09:60:ed:80:7b:7a:77:ef:
                    6f:ba:e6:59:d0:f7:dc:cd:65:29:29:79:2c:f2:a7:
                    62:fb:1d:ce:83:47:77:e4:16:5b:9e:f6:ed:88:c7:
                    9e:dc:04:2f:ec:77:da:2c:93:be:ea:c8:b6:87:e1:
                    2e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:40:62:A9:A8:28:8B:E7:14:C6:64:7B:36:21:A7:54:0F:BB:1D:02
            X509v3 Authority Key Identifier:
                keyid:20:C9:F2:49:51:9B:1F:F4:79:35:0F:31:72:54:F4:05:E8:BF:CA:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMnySVGbH_R5NQ8xclT0Bei_yr0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:cb:bc:ae:7a:6e:df:7c:72:e3:f2:fa:7a:c0:7c:38:61:84:
         67:fa:21:d0:4b:97:e1:76:60:af:9f:35:64:2d:83:f7:23:50:
         d5:9b:92:ea:f0:bd:72:2f:b6:ad:0e:27:60:de:26:97:76:6e:
         ab:3f:77:0f:35:33:0b:1c:c0:71:07:54:76:17:bd:45:69:61:
         61:d8:cc:58:de:0c:83:37:b9:5d:03:35:fd:06:23:08:72:ce:
         cf:d1:2a:c1:6a:1b:fb:5f:3e:d0:a6:5a:4b:81:02:b1:63:cd:
         4f:21:09:f7:23:dd:e3:dd:31:55:fd:e8:c4:51:f9:bd:92:59:
         5e:5d:78:8a:32:6c:23:f6:99:55:98:f2:75:78:28:ec:29:f6:
         f5:25:0f:e5:f7:b9:8b:f8:27:6f:5c:5e:52:0e:dc:a3:14:c9:
         ca:91:f6:ca:50:da:70:e9:10:5e:74:ff:23:88:a3:41:6b:ec:
         41:3a:fb:dd:e3:a9:57:d6:e8:25:68:a3:97:d0:69:ce:ce:d4:
         ce:ba:87:eb:51:86:08:4d:5a:0d:39:cc:10:be:7a:38:2e:5b:
         bb:83:1c:84:6a:78:98:13:8b:f1:25:57:18:6b:18:ee:32:b4:
         3d:fc:d6:5b:f4:cb:d3:cb:ca:33:78:33:e4:41:82:70:d4:ce:
         34:0a:d9:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62B4AV2ihDAJNbrY19w5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYzlmMjQ5NTE5YjFmZjQ3OTM1MGYzMTcyNTRmNDA1ZThi
ZmNhYmQwHhcNMjUxMDE5MDUwMTMxWhcNMjUxMDIwMDUwMTMxWjAzMTEwLwYDVQQD
EyhjNjQwNjJhOWE4Mjg4YmU3MTRjNjY0N2IzNjIxYTc1NDBmYmIxZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQVA5Bay4Dn2BaihvuJvdAFvOLoM
ZbVxzD/0Hza5C99RP5gnDglhf61b/dmPweW9wTUnPVC7jy73hqXpOClOeb1heL4G
L0/28H7cPeEerog8YRWjiJ98USU8IlFI0zzR9xkn/U2ezhjLMBFidbmggDhcedi5
jo76gcD29yzEvnR81sFOUxGaHmPdt2w113EppUZumyFzLPtd8cK4wCYW+8OBAc8e
kzwDMAnKBkzayQOYcPZaze0uph83NYktryzMNNjJevOQ17y0CWDtgHt6d+9vuuZZ
0PfczWUpKXks8qdi+x3Og0d35BZbnvbtiMee3AQv7HfaLJO+6si2h+EuEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZAYqmoKIvnFMZkezYhp1QPux0CMB8GA1UdIwQY
MBaAFCDJ8klRmx/0eTUPMXJU9AXov8q9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1ueVNWR2JIX1I1TlE4eGNsVDBCZWlfeXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zOGMyNmYtMjVhMi00YjIwLTllY2Qt
MGU2YmNlZDAwNDYzLzEvSU1ueVNWR2JIX1I1TlE4eGNsVDBCZWlfeXIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zOGMyNmYtMjVhMi00YjIwLTllY2QtMGU2YmNlZDAwNDYz
LzEvSU1ueVNWR2JIX1I1TlE4eGNsVDBCZWlfeXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL8u8rnpu
33xy4/L6esB8OGGEZ/oh0EuX4XZgr581ZC2D9yNQ1ZuS6vC9ci+2rQ4nYN4ml3Zu
qz93DzUzCxzAcQdUdhe9RWlhYdjMWN4Mgze5XQM1/QYjCHLOz9EqwWob+18+0KZa
S4ECsWPNTyEJ9yPd490xVf3oxFH5vZJZXl14ijJsI/aZVZjydXgo7Cn29SUP5fe5
i/gnb1xeUg7coxTJypH2ylDacOkQXnT/I4ijQWvsQTr73eOpV9boJWijl9Bpzs7U
zrqH61GGCE1aDTnMEL56OC5bu4MchGp4mBOL8SVXGGsY7jK0PfzWW/TL08vKM3gz
5EGCcNTONArZtA==
-----END CERTIFICATE-----