Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
File:                     JCsEwxmbHrlpPUMg9702HtYXBTA.mft (raw, json)
Hash identifier:          RS2yWe1/SKL1ODEcLYWFI1aCcKJ7uqibshOXB9C89t0=
Subject key identifier:   27:4E:C5:8E:19:BF:76:89:56:9D:88:B3:00:61:7D:EF:E0:CA:8B:7C
Authority key identifier: 24:2B:04:C3:19:9B:1E:B9:69:3D:43:20:F7:BD:36:1E:D6:17:05:30
Certificate issuer:       /CN=242b04c3199b1eb9693d4320f7bd361ed6170530
Certificate serial:       0199FBEB28CCFAE0BEF2021FCEF1762123E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:01:56 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:56 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:56 +0000
Files and hashes:         1: JCsEwxmbHrlpPUMg9702HtYXBTA.crl (hash: W3WDzAfRA6WVIMO1jwJfCSKsy+WIUgJYvkCUtpZLLqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:28:cc:fa:e0:be:f2:02:1f:ce:f1:76:21:23:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=242b04c3199b1eb9693d4320f7bd361ed6170530
        Validity
            Not Before: Oct 19 10:01:56 2025 GMT
            Not After : Oct 20 10:01:56 2025 GMT
        Subject: CN=274ec58e19bf7689569d88b300617defe0ca8b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:90:4f:bc:b9:10:fb:f1:b9:40:aa:ec:65:91:
                    d2:ad:5e:47:c4:61:4d:c1:f2:c7:98:53:06:f6:7f:
                    9f:ab:a0:78:c9:b6:6e:5d:df:d8:9f:27:77:38:86:
                    f5:22:01:e8:48:60:9b:f4:a1:3a:0c:32:98:a7:08:
                    d5:64:da:c2:a2:79:fe:3e:ce:c8:6b:52:8e:1f:b1:
                    af:3a:e7:78:b2:b4:4e:4f:07:d7:a3:66:09:ed:b7:
                    44:6a:22:0a:d6:d9:c5:09:be:d3:8f:4d:72:ab:3c:
                    98:d0:ca:bc:04:da:ad:ae:d2:69:1b:94:5b:89:0d:
                    31:1f:74:26:72:96:6b:ab:a0:2c:21:08:78:03:ff:
                    72:d4:a3:31:42:f1:72:bb:fe:5b:d2:30:ca:55:f5:
                    0e:a2:69:dd:9e:1e:c9:31:28:6a:4e:b6:f9:c9:56:
                    8f:85:97:01:53:4a:f7:ce:d8:9e:6f:db:aa:db:17:
                    74:63:ed:e2:f0:2c:fb:4b:c1:d5:5d:59:5e:2b:29:
                    61:02:4c:1e:65:ed:88:a2:ad:8e:da:96:73:28:87:
                    17:81:85:f2:f9:d8:3e:aa:db:22:e1:4f:8e:69:b5:
                    f9:55:39:a0:01:10:60:91:59:15:e4:90:b7:b4:00:
                    44:b1:f9:96:8a:35:0a:43:84:f2:d9:6f:47:01:0f:
                    4c:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:4E:C5:8E:19:BF:76:89:56:9D:88:B3:00:61:7D:EF:E0:CA:8B:7C
            X509v3 Authority Key Identifier:
                keyid:24:2B:04:C3:19:9B:1E:B9:69:3D:43:20:F7:BD:36:1E:D6:17:05:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:b7:f8:6f:26:ef:d7:3e:55:b0:0d:89:e0:bb:32:7a:fb:7c:
         a7:a2:82:5d:86:a0:69:86:82:6a:86:7b:a7:bd:de:c4:d5:63:
         71:8c:bb:6e:40:17:86:f8:87:ec:5c:42:5d:7d:de:28:1e:35:
         0d:0a:a2:87:bd:a4:4f:fb:3b:34:f5:72:d6:f7:99:00:7f:7a:
         fe:13:b1:86:6b:7f:b1:c4:e7:5a:46:9a:cc:4e:e9:19:41:33:
         c5:1e:b4:78:78:4d:2b:84:2a:9a:92:55:58:48:a7:c0:83:2c:
         2e:e4:94:72:e4:ee:b0:d8:7f:ef:8f:ba:3c:70:03:32:a9:b4:
         68:52:97:71:a5:c3:0d:c1:cd:a3:d4:ed:4a:1a:66:b4:4c:ce:
         e0:2f:63:ff:11:18:7e:de:ce:c5:10:cd:b1:cf:6e:ae:dd:99:
         fb:8a:4c:7e:05:9e:75:d7:4a:d1:54:e9:4d:34:57:54:96:a5:
         82:1b:bb:23:69:95:34:cb:2d:54:85:74:e5:5e:2d:cd:90:36:
         f2:60:24:a1:75:99:26:69:2f:48:4d:d9:c0:98:14:31:f6:ca:
         b6:53:60:9f:18:b7:f9:c1:f4:6c:ef:e8:2d:46:5c:1c:57:77:
         9a:17:2b:76:e6:32:86:a2:2c:46:2e:ea:34:5e:93:d9:d1:01:
         2c:b3:91:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76yjM+uC+8gIfzvF2ISPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MmIwNGMzMTk5YjFlYjk2OTNkNDMyMGY3YmQzNjFlZDYx
NzA1MzAwHhcNMjUxMDE5MTAwMTU2WhcNMjUxMDIwMTAwMTU2WjAzMTEwLwYDVQQD
EygyNzRlYzU4ZTE5YmY3Njg5NTY5ZDg4YjMwMDYxN2RlZmUwY2E4YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJBPvLkQ+/G5QKrsZZHSrV5HxGFN
wfLHmFMG9n+fq6B4ybZuXd/Ynyd3OIb1IgHoSGCb9KE6DDKYpwjVZNrConn+Ps7I
a1KOH7GvOud4srROTwfXo2YJ7bdEaiIK1tnFCb7Tj01yqzyY0Mq8BNqtrtJpG5Rb
iQ0xH3QmcpZrq6AsIQh4A/9y1KMxQvFyu/5b0jDKVfUOomndnh7JMShqTrb5yVaP
hZcBU0r3ztieb9uq2xd0Y+3i8Cz7S8HVXVleKylhAkweZe2Ioq2O2pZzKIcXgYXy
+dg+qtsi4U+OabX5VTmgARBgkVkV5JC3tABEsfmWijUKQ4Ty2W9HAQ9MpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdOxY4Zv3aJVp2IswBhfe/gyot8MB8GA1UdIwQY
MBaAFCQrBMMZmx65aT1DIPe9Nh7WFwUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wYzAyYzAtNTY5Yy00NWVhLWIwNWIt
NjZiNjdlMjFhODJiLzEvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wYzAyYzAtNTY5Yy00NWVhLWIwNWItNjZiNjdlMjFhODJi
LzEvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHLf4bybv
1z5VsA2J4Lsyevt8p6KCXYagaYaCaoZ7p73exNVjcYy7bkAXhviH7FxCXX3eKB41
DQqih72kT/s7NPVy1veZAH96/hOxhmt/scTnWkaazE7pGUEzxR60eHhNK4QqmpJV
WEinwIMsLuSUcuTusNh/74+6PHADMqm0aFKXcaXDDcHNo9TtShpmtEzO4C9j/xEY
ft7OxRDNsc9urt2Z+4pMfgWedddK0VTpTTRXVJalghu7I2mVNMstVIV05V4tzZA2
8mAkoXWZJmkvSE3ZwJgUMfbKtlNgnxi3+cH0bO/oLUZcHFd3mhcrduYyhqIsRi7q
NF6T2dEBLLORBg==
-----END CERTIFICATE-----