Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          8uurLlz2p3qcr/2LTRAjrA4r8BiJqkhtA0aGY/bO+xQ=
Subject key identifier:   72:32:1A:79:11:09:E8:EE:AF:A4:AF:F7:B6:20:9C:D0:6A:29:DB:E5
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       0199FFC88FCE2D5284E60F9BEA82B290D6BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          090D
Signing time:             Mon 20 Oct 2025 04:02:37 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:37 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:37 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: dUi2/+k7ijonh5/cVzyrz+bKd84wvSS5g5NSSqVSLtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:8f:ce:2d:52:84:e6:0f:9b:ea:82:b2:90:d6:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Oct 20 04:02:37 2025 GMT
            Not After : Oct 21 04:02:37 2025 GMT
        Subject: CN=72321a791109e8eeafa4aff7b6209cd06a29dbe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:df:c8:b1:20:1e:72:95:a2:a0:c0:41:65:73:
                    2e:bb:8e:50:b7:44:69:ba:33:3f:c6:5b:57:d7:d8:
                    30:c4:d8:45:8a:26:a1:e6:95:5b:02:37:49:88:e3:
                    48:fa:30:c6:50:ba:c4:0a:05:b1:7f:d6:d2:73:76:
                    33:38:62:4a:17:bc:ab:9e:e8:bf:de:6a:3b:eb:ac:
                    a3:02:3a:29:82:40:40:04:29:9d:29:3e:1f:ae:59:
                    2a:66:bb:e5:de:55:53:84:4e:ff:29:7e:40:46:7c:
                    4a:89:42:43:03:c6:5e:70:8c:22:7f:db:f5:eb:20:
                    43:20:00:13:60:4f:f7:98:54:4c:ce:62:8e:b0:37:
                    3b:65:0c:54:5d:42:ab:a1:a9:42:46:f4:64:5b:53:
                    da:0d:ca:db:ce:b6:b7:eb:6b:bb:e5:ae:7f:b6:7b:
                    d0:17:3c:75:12:63:bf:f9:f8:c6:ff:1a:50:d0:1d:
                    29:14:3f:46:a6:11:a2:05:ba:71:31:12:71:5c:62:
                    58:37:b2:59:cb:fa:22:3d:70:a7:5f:2a:cf:25:8a:
                    30:be:70:65:2a:c9:70:0b:62:7b:1c:dd:b5:13:58:
                    f8:71:9a:0c:ee:3b:af:34:bf:ee:cc:e6:71:e1:e9:
                    c1:7e:23:65:aa:f6:72:1c:c3:bd:d0:88:d9:b4:6f:
                    3b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:32:1A:79:11:09:E8:EE:AF:A4:AF:F7:B6:20:9C:D0:6A:29:DB:E5
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:17:2b:f4:a1:70:3f:41:76:3f:4e:67:99:87:9b:30:10:8a:
         11:7f:96:f1:33:fa:95:21:f7:d1:8a:84:c5:4e:2a:20:f2:ad:
         24:39:c3:26:42:8a:ba:fe:c5:dd:bf:e0:54:fd:73:90:38:7e:
         5d:d2:0b:a8:e9:8c:c1:f5:18:97:d2:2a:42:a3:7f:c6:07:0f:
         21:44:c3:20:3f:09:c4:fb:77:fe:10:2a:40:04:20:92:9e:03:
         80:9d:e6:ef:58:e9:a2:5f:76:80:1c:6e:01:8f:21:39:e2:47:
         44:6c:18:fb:5d:c1:c8:45:34:9c:5c:b5:38:83:48:34:79:00:
         12:ce:73:97:4b:15:99:7c:22:f3:66:ce:c5:d9:c3:15:17:10:
         e1:20:7e:5c:4e:67:2b:cc:af:ef:d5:70:af:fa:7c:a3:7d:e9:
         b8:b4:ed:f0:e3:91:05:e1:b6:36:96:1d:3a:f0:23:4c:5c:20:
         58:6f:88:a7:18:df:27:42:dd:2d:b6:0d:c1:8b:80:fe:48:86:
         3f:a4:c6:48:c7:45:b9:7e:84:a6:f7:18:6c:96:8f:60:a9:22:
         fd:59:a3:ba:2c:47:6e:c4:05:33:f5:fa:92:07:50:6e:f0:0d:
         8c:9f:6c:d4:de:73:ee:f1:99:5e:5e:72:ad:64:ca:39:ed:ff:
         6b:19:d3:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yI/OLVKE5g+b6oKykNa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjUxMDIwMDQwMjM3WhcNMjUxMDIxMDQwMjM3WjAzMTEwLwYDVQQD
Eyg3MjMyMWE3OTExMDllOGVlYWZhNGFmZjdiNjIwOWNkMDZhMjlkYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt/IsSAecpWioMBBZXMuu45Qt0Rp
ujM/xltX19gwxNhFiiah5pVbAjdJiONI+jDGULrECgWxf9bSc3YzOGJKF7yrnui/
3mo766yjAjopgkBABCmdKT4frlkqZrvl3lVThE7/KX5ARnxKiUJDA8ZecIwif9v1
6yBDIAATYE/3mFRMzmKOsDc7ZQxUXUKroalCRvRkW1PaDcrbzra362u75a5/tnvQ
Fzx1EmO/+fjG/xpQ0B0pFD9GphGiBbpxMRJxXGJYN7JZy/oiPXCnXyrPJYowvnBl
KslwC2J7HN21E1j4cZoM7juvNL/uzOZx4enBfiNlqvZyHMO90IjZtG87CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIyGnkRCejur6Sv97YgnNBqKdvlMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchcr9KFw
P0F2P05nmYebMBCKEX+W8TP6lSH30YqExU4qIPKtJDnDJkKKuv7F3b/gVP1zkDh+
XdILqOmMwfUYl9IqQqN/xgcPIUTDID8JxPt3/hAqQAQgkp4DgJ3m71jpol92gBxu
AY8hOeJHRGwY+13ByEU0nFy1OININHkAEs5zl0sVmXwi82bOxdnDFRcQ4SB+XE5n
K8yv79Vwr/p8o33puLTt8OORBeG2NpYdOvAjTFwgWG+IpxjfJ0LdLbYNwYuA/kiG
P6TGSMdFuX6EpvcYbJaPYKki/VmjuixHbsQFM/X6kgdQbvANjJ9s1N5z7vGZXl5y
rWTKOe3/axnTeA==
-----END CERTIFICATE-----