Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
File:                     JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json)
Hash identifier:          k7A2yzAe6ZQiFtCh6AsEqHy3e2kTPmgOpbzd76TNDHs=
Subject key identifier:   CE:21:24:80:A8:10:AA:35:2F:86:88:77:FE:DA:36:75:26:D7:DD:82
Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
Certificate issuer:       /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Certificate serial:       0199FFC7E6252546997903E2F325E7EEBDEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
Manifest number:          16E2
Signing time:             Mon 20 Oct 2025 04:01:54 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:54 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:54 +0000
Files and hashes:         1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: fX5BmR9ZOcFA+JpifoxT2vyKX2FYElEfVlR4B7zo3Ms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:e6:25:25:46:99:79:03:e2:f3:25:e7:ee:bd:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
        Validity
            Not Before: Oct 20 04:01:54 2025 GMT
            Not After : Oct 21 04:01:54 2025 GMT
        Subject: CN=ce212480a810aa352f868877feda367526d7dd82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d3:41:f4:98:35:0f:39:af:29:2e:f6:ca:94:
                    0b:29:dc:f1:17:83:50:03:d7:d9:6d:a5:c5:29:7c:
                    9b:c4:fa:52:4f:19:f7:eb:9b:bf:9b:3b:ed:94:be:
                    40:a7:87:e7:28:99:4b:bc:fb:7a:e0:1a:15:2b:c8:
                    70:e1:f7:a3:e1:08:23:cc:e7:04:3f:7a:33:2f:ae:
                    66:34:f5:dc:85:98:f7:f1:0f:73:db:27:b3:e0:bd:
                    d8:a3:36:db:a3:75:69:b4:7a:84:6e:41:1e:35:27:
                    58:b1:43:ad:93:bc:82:14:0c:cb:e1:d1:df:e2:1c:
                    fc:7e:e5:3f:85:ac:f4:7f:66:bf:cd:58:b6:4b:fe:
                    d9:ef:dc:d5:d4:cc:49:b4:83:c0:d0:8c:80:80:03:
                    0c:71:6c:85:c6:8b:b2:20:f3:b0:19:6e:c8:ab:1c:
                    18:25:ca:93:7d:1e:4c:aa:02:97:5a:c7:43:d9:ca:
                    2c:8d:44:c0:66:ea:79:d5:de:df:18:50:d1:b1:e9:
                    36:2c:ca:a1:b4:30:a8:4e:1a:f4:64:c0:eb:be:31:
                    7b:94:19:01:4f:f6:6f:99:8d:44:fa:1a:5e:6a:aa:
                    f4:b5:5e:4d:f1:c3:dd:b0:b8:3c:a6:f7:7b:52:15:
                    3a:e9:fd:c7:94:69:ca:f4:3b:0a:72:96:4c:4b:27:
                    41:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:21:24:80:A8:10:AA:35:2F:86:88:77:FE:DA:36:75:26:D7:DD:82
            X509v3 Authority Key Identifier:
                keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:03:bb:c6:e4:bd:18:9f:05:5b:7b:3f:d8:b5:6e:54:28:1a:
         5c:5e:a7:dd:4d:3f:07:fa:ec:f5:3b:a4:1d:f5:4f:42:5b:cf:
         44:6b:de:4a:3d:b4:61:ad:95:54:a6:da:20:8e:d7:99:be:a4:
         38:58:16:8b:55:a2:60:25:3f:76:b3:51:5b:af:3c:e3:f2:58:
         9c:49:cf:d4:f1:c6:cf:a9:85:16:3c:04:4f:65:8d:e7:e7:13:
         90:5d:7a:48:29:8b:bc:e7:2c:47:6d:94:1f:48:4e:21:77:8a:
         d5:33:ac:52:16:b5:56:80:1f:b1:f4:53:ba:b1:7a:75:3f:35:
         df:11:13:6f:b5:d9:2c:15:85:20:af:e1:c9:16:43:c5:bb:db:
         3a:b5:58:32:cd:86:7e:78:43:3a:97:61:81:e0:17:4e:05:9a:
         cf:fc:a6:91:22:04:96:57:3f:21:b4:91:46:0a:78:a4:d8:80:
         e3:88:c2:ef:94:dc:a6:09:91:56:83:ed:10:c6:d7:b0:3c:f5:
         c6:7d:18:02:f6:4b:45:38:1c:fe:64:20:d4:6d:64:a2:77:c7:
         77:4b:7c:ab:24:e9:02:79:02:9f:18:bf:3b:57:aa:8c:a7:ed:
         d5:64:ac:1a:76:50:f9:e0:d6:ba:ec:7a:b9:5e:0f:7f:1b:82:
         7b:9f:7c:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x+YlJUaZeQPi8yXn7r3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4
MmFmYjkwHhcNMjUxMDIwMDQwMTU0WhcNMjUxMDIxMDQwMTU0WjAzMTEwLwYDVQQD
EyhjZTIxMjQ4MGE4MTBhYTM1MmY4Njg4NzdmZWRhMzY3NTI2ZDdkZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNNB9Jg1DzmvKS72ypQLKdzxF4NQ
A9fZbaXFKXybxPpSTxn365u/mzvtlL5Ap4fnKJlLvPt64BoVK8hw4fej4QgjzOcE
P3ozL65mNPXchZj38Q9z2yez4L3Yozbbo3VptHqEbkEeNSdYsUOtk7yCFAzL4dHf
4hz8fuU/haz0f2a/zVi2S/7Z79zV1MxJtIPA0IyAgAMMcWyFxouyIPOwGW7IqxwY
JcqTfR5MqgKXWsdD2cosjUTAZup51d7fGFDRsek2LMqhtDCoThr0ZMDrvjF7lBkB
T/ZvmY1E+hpeaqr0tV5N8cPdsLg8pvd7UhU66f3HlGnK9DsKcpZMSydByQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4hJICoEKo1L4aId/7aNnUm192CMB8GA1UdIwQY
MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt
YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm
LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzAO7xuS9
GJ8FW3s/2LVuVCgaXF6n3U0/B/rs9TukHfVPQlvPRGveSj20Ya2VVKbaII7Xmb6k
OFgWi1WiYCU/drNRW6884/JYnEnP1PHGz6mFFjwET2WN5+cTkF16SCmLvOcsR22U
H0hOIXeK1TOsUha1VoAfsfRTurF6dT813xETb7XZLBWFIK/hyRZDxbvbOrVYMs2G
fnhDOpdhgeAXTgWaz/ymkSIEllc/IbSRRgp4pNiA44jC75TcpgmRVoPtEMbXsDz1
xn0YAvZLRTgc/mQg1G1konfHd0t8qyTpAnkCnxi/O1eqjKft1WSsGnZQ+eDWuux6
uV4PfxuCe598fQ==
-----END CERTIFICATE-----