Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft
File:                     ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft (raw, json)
Hash identifier:          pBwsnBStsqXrTmu02Obg2h1mRZeW+kI9917vBaZJ7Ho=
Subject key identifier:   66:39:74:B3:73:A0:0B:D9:02:AA:97:27:72:81:0C:1E:3C:6E:F4:FD
Authority key identifier: 01:14:63:FF:99:C2:4C:09:37:A4:06:5D:1F:CC:FE:B9:08:FC:3A:D2
Certificate issuer:       /CN=011463ff99c24c0937a4065d1fccfeb908fc3ad2
Certificate serial:       0199FBEC248C448F00614ADB92E456E0D176
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft
Manifest number:          1319
Signing time:             Sun 19 Oct 2025 10:03:00 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:00 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:00 +0000
Files and hashes:         1: ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl (hash: GnkTuvCELbaySQ9IO3SyTvEZ1lDfQ2X4BKp8tw7txJY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:03:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:24:8c:44:8f:00:61:4a:db:92:e4:56:e0:d1:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=011463ff99c24c0937a4065d1fccfeb908fc3ad2
        Validity
            Not Before: Oct 19 10:03:00 2025 GMT
            Not After : Oct 20 10:03:00 2025 GMT
        Subject: CN=663974b373a00bd902aa972772810c1e3c6ef4fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3b:07:d0:af:e6:86:f7:03:db:0c:9b:ff:39:
                    3d:52:28:4d:ef:16:df:24:39:62:2f:67:61:24:38:
                    9a:5a:03:b7:31:74:56:f1:48:fc:7c:10:23:bf:4b:
                    d1:1b:e1:a5:53:03:ba:88:f5:22:61:41:ff:f2:a4:
                    06:4e:f7:bf:f4:ea:2f:82:8a:c9:1f:0f:42:50:7e:
                    83:59:6b:83:88:36:3a:4b:80:6b:0f:d1:54:dc:bb:
                    46:44:a3:ad:54:be:77:ba:90:f5:b6:fc:55:72:f5:
                    9b:e7:5c:59:a8:5b:8f:8c:f7:c2:c2:ca:54:28:c9:
                    46:f0:97:42:c6:aa:75:a5:4a:58:ae:88:10:c5:30:
                    1e:59:71:a6:57:87:28:c8:ae:95:e1:58:5c:84:f8:
                    c6:00:f1:80:1c:00:9a:0d:a1:03:f2:b3:10:7b:49:
                    71:ff:8f:77:03:4f:43:3c:7b:23:8f:f6:29:44:d7:
                    9c:f0:b5:7d:d2:fc:4d:19:20:98:17:ee:3d:df:0d:
                    bf:c5:ff:2e:b2:f1:48:b3:23:c4:93:3b:86:67:59:
                    77:d2:1e:a5:18:ea:b3:d7:d6:1b:fc:38:8f:7b:5c:
                    40:1f:22:e8:f4:04:f4:e6:10:6b:d4:d9:b4:27:f5:
                    63:e6:46:26:5e:fe:0b:b1:ca:88:50:b6:b6:ba:19:
                    71:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:39:74:B3:73:A0:0B:D9:02:AA:97:27:72:81:0C:1E:3C:6E:F4:FD
            X509v3 Authority Key Identifier:
                keyid:01:14:63:FF:99:C2:4C:09:37:A4:06:5D:1F:CC:FE:B9:08:FC:3A:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:0c:9e:81:86:c1:58:7b:9d:d9:4d:68:65:3c:1b:64:df:7e:
         62:cf:76:f2:16:74:5d:52:e4:c0:3d:56:fa:a2:e6:de:02:aa:
         1e:bd:1e:aa:e6:36:60:c1:f5:ee:1c:b0:58:2b:ec:d5:d6:a9:
         d6:24:6f:13:44:7d:db:1d:fa:64:09:4d:95:29:88:88:31:6f:
         13:40:f0:87:25:03:04:c9:6f:31:fc:31:00:ba:11:4d:89:01:
         b6:b9:65:f8:ba:70:3d:5b:bc:35:64:10:fc:bb:ab:36:69:85:
         d2:08:e5:51:df:4a:e5:ed:8e:e9:56:31:7f:50:c0:3d:0f:fd:
         e6:b1:11:50:7a:3f:f1:a5:80:98:57:a1:2d:60:f0:80:bb:22:
         28:9c:76:d9:5b:43:94:0a:58:f8:b6:fd:90:32:0f:94:3b:99:
         03:44:32:7b:a0:aa:da:73:45:eb:10:f3:cd:d0:56:d1:58:ac:
         41:4c:83:a3:13:ea:89:52:59:24:e5:2a:cf:c3:fa:10:61:a0:
         0b:50:b6:fa:14:79:ea:62:80:a6:82:81:c1:f7:c9:19:1d:92:
         76:5f:5b:74:c2:4d:27:85:c6:0c:07:a2:62:5c:5e:16:ca:00:
         bd:be:4d:c1:d6:93:e9:ac:61:92:b4:74:19:63:ca:58:a0:35:
         27:14:14:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77CSMRI8AYUrbkuRW4NF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMTQ2M2ZmOTljMjRjMDkzN2E0MDY1ZDFmY2NmZWI5MDhm
YzNhZDIwHhcNMjUxMDE5MTAwMzAwWhcNMjUxMDIwMTAwMzAwWjAzMTEwLwYDVQQD
Eyg2NjM5NzRiMzczYTAwYmQ5MDJhYTk3Mjc3MjgxMGMxZTNjNmVmNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTsH0K/mhvcD2wyb/zk9UihN7xbf
JDliL2dhJDiaWgO3MXRW8Uj8fBAjv0vRG+GlUwO6iPUiYUH/8qQGTve/9OovgorJ
Hw9CUH6DWWuDiDY6S4BrD9FU3LtGRKOtVL53upD1tvxVcvWb51xZqFuPjPfCwspU
KMlG8JdCxqp1pUpYrogQxTAeWXGmV4coyK6V4VhchPjGAPGAHACaDaED8rMQe0lx
/493A09DPHsjj/YpRNec8LV90vxNGSCYF+493w2/xf8usvFIsyPEkzuGZ1l30h6l
GOqz19Yb/DiPe1xAHyLo9AT05hBr1Nm0J/Vj5kYmXv4LscqIULa2uhlxdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGY5dLNzoAvZAqqXJ3KBDB48bvT9MB8GA1UdIwQY
MBaAFAEUY/+ZwkwJN6QGXR/M/rkI/DrSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yNDAwMjQtZjQzMy00MjQxLWI0MGQt
ZDFlODRjZmE0NzhmLzEvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yNDAwMjQtZjQzMy00MjQxLWI0MGQtZDFlODRjZmE0Nzhm
LzEvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwyegYbB
WHud2U1oZTwbZN9+Ys928hZ0XVLkwD1W+qLm3gKqHr0equY2YMH17hywWCvs1dap
1iRvE0R92x36ZAlNlSmIiDFvE0DwhyUDBMlvMfwxALoRTYkBtrll+LpwPVu8NWQQ
/LurNmmF0gjlUd9K5e2O6VYxf1DAPQ/95rERUHo/8aWAmFehLWDwgLsiKJx22VtD
lApY+Lb9kDIPlDuZA0Qye6Cq2nNF6xDzzdBW0VisQUyDoxPqiVJZJOUqz8P6EGGg
C1C2+hR56mKApoKBwffJGR2Sdl9bdMJNJ4XGDAeiYlxeFsoAvb5NwdaT6axhkrR0
GWPKWKA1JxQUgQ==
-----END CERTIFICATE-----