Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
File:                     gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json)
Hash identifier:          dcFJ00/cVxlUPviUFVUmtxmqT0+6PCFUmhOrZqKXpHY=
Subject key identifier:   8B:98:15:7D:68:E3:0E:AB:84:16:35:D1:8C:D1:CD:39:18:B4:AD:1D
Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B
Certificate issuer:       /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
Certificate serial:       0199FE477B20E234817E42372497C3ABC910
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
Manifest number:          0DFE
Signing time:             Sun 19 Oct 2025 21:02:01 +0000
Manifest this update:     Sun 19 Oct 2025 21:02:01 +0000
Manifest next update:     Mon 20 Oct 2025 21:02:01 +0000
Files and hashes:         1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: oEAxtWM32fumTQLUMapEjiIlxccGx0KhTv+P3zodX5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:7b:20:e2:34:81:7e:42:37:24:97:c3:ab:c9:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
        Validity
            Not Before: Oct 19 21:02:01 2025 GMT
            Not After : Oct 20 21:02:01 2025 GMT
        Subject: CN=8b98157d68e30eab841635d18cd1cd3918b4ad1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c1:61:a3:cd:68:58:e5:ee:a5:0b:80:c6:8b:
                    32:a5:d3:f3:d8:5c:64:0b:5a:f2:a9:b5:fa:78:03:
                    53:74:58:e6:e8:c5:58:fd:63:07:85:cf:c6:45:a8:
                    98:6a:da:d5:84:3d:7f:bc:3a:93:7f:b9:80:36:0a:
                    c4:fd:59:c8:cf:b6:a6:e1:db:eb:26:c0:b0:0d:9f:
                    39:c3:d1:cc:44:6a:53:c6:45:6b:73:94:b9:dd:1a:
                    db:84:e2:b4:b5:39:88:8a:67:63:29:36:15:76:c9:
                    da:28:66:f4:40:cb:f7:ce:81:b2:e4:c5:53:f5:6e:
                    bc:80:57:89:26:5c:0c:2a:85:63:56:c8:e9:7a:53:
                    79:b7:aa:a2:bf:b0:75:24:9e:bf:61:c4:18:0d:8f:
                    b1:51:c3:88:06:f0:57:c4:cb:af:88:64:48:f2:ad:
                    42:e1:19:80:04:fb:1c:85:c8:d6:ab:c2:64:db:dc:
                    8f:d9:86:4b:4e:2f:09:12:11:24:11:b2:04:0c:22:
                    6a:36:65:dd:19:d7:30:6c:7f:e2:a0:7b:8d:38:2f:
                    2a:ff:e9:09:87:47:52:7f:07:12:b0:d9:0a:a8:27:
                    5c:e2:55:8a:93:9c:34:89:9d:4f:af:ad:7b:1a:9d:
                    c9:1f:62:82:c8:07:9d:66:32:d7:fc:3a:03:e8:10:
                    c4:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:98:15:7D:68:E3:0E:AB:84:16:35:D1:8C:D1:CD:39:18:B4:AD:1D
            X509v3 Authority Key Identifier:
                keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:50:e0:e8:bc:ed:7f:d7:35:93:fc:a9:d6:bb:7f:9c:7d:ae:
         b0:d9:6c:55:a8:8f:07:ae:39:23:44:4b:b6:b2:d2:9d:67:0b:
         be:87:7c:68:6f:13:95:e3:b2:79:df:8c:b2:95:73:6e:ad:02:
         d3:15:05:89:6d:0b:4a:ac:11:3d:30:1e:75:2d:f9:8c:0f:16:
         90:dc:ad:c3:e3:41:90:dd:49:60:49:20:78:8c:de:5d:33:c0:
         ac:b6:f9:32:a2:55:1f:c2:d6:d9:fd:45:fe:29:b2:96:52:42:
         d8:0a:41:04:6e:fb:40:96:41:4e:d2:d6:8c:94:c4:d3:58:a6:
         9c:0b:4c:0e:49:f5:14:ff:1f:65:e2:d2:d3:24:e8:f1:a1:cd:
         9c:d4:6c:35:18:0f:9a:b6:55:88:a4:f0:3a:1d:bc:56:22:da:
         13:61:7e:9d:f0:51:8d:87:de:ee:85:81:28:ce:5d:b4:d1:fa:
         70:0d:ca:99:af:5e:09:27:35:af:f1:c6:a1:1f:a1:3e:19:f5:
         4c:ed:28:04:cf:17:28:0d:d9:c3:8e:f9:75:76:03:b5:b8:aa:
         e2:0a:3a:de:93:43:90:08:11:ea:98:3a:8d:a5:a0:26:42:b3:
         ce:89:4b:08:b0:62:a0:3f:24:e9:fb:a5:31:aa:11:d2:52:aa:
         ed:e3:7d:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R3sg4jSBfkI3JJfDq8kQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm
MDIxM2IwHhcNMjUxMDE5MjEwMjAxWhcNMjUxMDIwMjEwMjAxWjAzMTEwLwYDVQQD
Eyg4Yjk4MTU3ZDY4ZTMwZWFiODQxNjM1ZDE4Y2QxY2QzOTE4YjRhZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MFho81oWOXupQuAxosypdPz2Fxk
C1ryqbX6eANTdFjm6MVY/WMHhc/GRaiYatrVhD1/vDqTf7mANgrE/VnIz7am4dvr
JsCwDZ85w9HMRGpTxkVrc5S53RrbhOK0tTmIimdjKTYVdsnaKGb0QMv3zoGy5MVT
9W68gFeJJlwMKoVjVsjpelN5t6qiv7B1JJ6/YcQYDY+xUcOIBvBXxMuviGRI8q1C
4RmABPschcjWq8Jk29yP2YZLTi8JEhEkEbIEDCJqNmXdGdcwbH/ioHuNOC8q/+kJ
h0dSfwcSsNkKqCdc4lWKk5w0iZ1Pr617Gp3JH2KCyAedZjLX/DoD6BDEfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIuYFX1o4w6rhBY10YzRzTkYtK0dMB8GA1UdIwQY
MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et
NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx
LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI1Dg6Lzt
f9c1k/yp1rt/nH2usNlsVaiPB645I0RLtrLSnWcLvod8aG8TleOyed+MspVzbq0C
0xUFiW0LSqwRPTAedS35jA8WkNytw+NBkN1JYEkgeIzeXTPArLb5MqJVH8LW2f1F
/imyllJC2ApBBG77QJZBTtLWjJTE01imnAtMDkn1FP8fZeLS0yTo8aHNnNRsNRgP
mrZViKTwOh28ViLaE2F+nfBRjYfe7oWBKM5dtNH6cA3Kma9eCSc1r/HGoR+hPhn1
TO0oBM8XKA3Zw475dXYDtbiq4go63pNDkAgR6pg6jaWgJkKzzolLCLBioD8k6ful
MaoR0lKq7eN9IQ==
-----END CERTIFICATE-----