Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
File:                     j07qcuRTHJKm4A708ZGmEn6VbS0.mft (raw, json)
Hash identifier:          2aDx+9ffVFHIaRRUqiQyfrwJvSRITLgc7V4HRUwwfDo=
Subject key identifier:   CB:F6:B6:C5:86:D0:D3:E2:88:7B:EB:85:F7:A0:4E:05:7F:95:0E:CC
Authority key identifier: 8F:4E:EA:72:E4:53:1C:92:A6:E0:0E:F4:F1:91:A6:12:7E:95:6D:2D
Certificate issuer:       /CN=8f4eea72e4531c92a6e00ef4f191a6127e956d2d
Certificate serial:       0199FDD9CDFBC42F1A9271FFCC711C8F60AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
Manifest number:          0B9A
Signing time:             Sun 19 Oct 2025 19:02:13 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:13 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:13 +0000
Files and hashes:         1: j07qcuRTHJKm4A708ZGmEn6VbS0.crl (hash: qt6cgD+bLOokySltKug1qUkfTLOSvD6NIA5ct3PIlWM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:cd:fb:c4:2f:1a:92:71:ff:cc:71:1c:8f:60:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f4eea72e4531c92a6e00ef4f191a6127e956d2d
        Validity
            Not Before: Oct 19 19:02:13 2025 GMT
            Not After : Oct 20 19:02:13 2025 GMT
        Subject: CN=cbf6b6c586d0d3e2887beb85f7a04e057f950ecc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:16:a5:40:f5:e4:4e:2f:f2:78:ee:68:c7:38:
                    ad:e9:41:ca:8d:7f:ce:a7:e1:83:9c:ad:35:e1:47:
                    bf:44:a7:71:34:9f:84:a1:aa:26:15:5f:95:71:e5:
                    d3:0c:1f:c4:91:f5:32:00:e2:6e:f0:64:66:7f:38:
                    ed:56:94:aa:c3:85:c3:4b:0c:7c:98:f2:04:e1:65:
                    0d:ea:7a:c9:48:fd:e0:26:ab:ce:7a:41:b7:e9:e5:
                    df:54:ba:80:53:84:d7:9f:92:6e:45:eb:d5:a5:38:
                    79:2f:24:82:3a:31:51:7f:ee:eb:3f:78:11:47:89:
                    60:bd:c3:c1:2a:b7:d0:b7:f9:e1:86:72:6d:fe:70:
                    5a:a3:b5:bb:19:33:33:59:35:60:5a:df:3f:23:b2:
                    cf:93:73:ff:f6:cc:2a:b2:12:51:96:78:36:47:ec:
                    2b:d1:49:3c:f6:9c:4d:34:da:a6:79:e3:78:fb:16:
                    15:19:58:1b:76:e1:6e:5a:22:52:51:8c:1d:3c:79:
                    fb:b1:68:01:b2:d3:51:cf:e0:14:ee:5f:f2:76:51:
                    1d:ee:94:ed:c9:c3:3f:3f:d3:b0:a1:bf:1f:7c:5b:
                    10:00:0a:f6:2f:83:7c:45:82:21:b7:1f:63:06:d0:
                    19:a9:b5:46:a3:ef:96:fb:32:1c:12:01:e6:62:f5:
                    30:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:F6:B6:C5:86:D0:D3:E2:88:7B:EB:85:F7:A0:4E:05:7F:95:0E:CC
            X509v3 Authority Key Identifier:
                keyid:8F:4E:EA:72:E4:53:1C:92:A6:E0:0E:F4:F1:91:A6:12:7E:95:6D:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:d9:b0:06:a6:d0:d5:2f:b7:b6:d5:f5:92:b3:bd:3c:81:e7:
         50:09:45:61:6a:c8:71:de:10:f8:8a:df:a4:31:f7:7e:8a:5c:
         76:8e:db:eb:20:ed:50:e3:4f:e5:4f:22:83:6e:20:a9:a7:64:
         d2:30:8a:2f:a6:ce:16:ea:72:81:00:5d:1d:04:1b:be:72:e8:
         c6:c3:8d:ae:2c:84:8c:bd:82:70:cc:28:7a:a1:c2:e9:1c:da:
         80:f9:28:3e:61:af:a3:d1:79:58:15:46:f0:b4:72:d5:9a:be:
         0c:cc:7f:4f:99:e1:20:91:76:92:18:43:98:be:44:de:09:8f:
         74:4a:63:18:75:4d:e9:7b:00:ba:44:70:43:ac:ba:28:cc:a4:
         f4:db:6d:6e:6c:b2:12:e2:e2:00:58:02:70:bd:4d:da:6d:7a:
         1c:ab:41:81:5b:65:1f:35:4c:01:e1:33:b8:77:56:68:ad:d2:
         dd:e5:6c:05:6d:e8:a7:4f:7c:e6:12:52:32:ae:f4:f8:b0:dd:
         47:cb:cf:39:c0:d3:92:f4:8a:9d:79:77:b1:66:58:69:a3:f4:
         4e:b6:41:87:1d:31:6d:d1:30:c0:77:20:69:7d:53:a9:84:21:
         ce:ce:17:ec:78:4e:5f:93:5d:b9:c4:f6:95:77:95:90:79:a8:
         95:d2:c0:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92c37xC8aknH/zHEcj2CsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNGVlYTcyZTQ1MzFjOTJhNmUwMGVmNGYxOTFhNjEyN2U5
NTZkMmQwHhcNMjUxMDE5MTkwMjEzWhcNMjUxMDIwMTkwMjEzWjAzMTEwLwYDVQQD
EyhjYmY2YjZjNTg2ZDBkM2UyODg3YmViODVmN2EwNGUwNTdmOTUwZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhalQPXkTi/yeO5oxzit6UHKjX/O
p+GDnK014Ue/RKdxNJ+EoaomFV+VceXTDB/EkfUyAOJu8GRmfzjtVpSqw4XDSwx8
mPIE4WUN6nrJSP3gJqvOekG36eXfVLqAU4TXn5JuRevVpTh5LySCOjFRf+7rP3gR
R4lgvcPBKrfQt/nhhnJt/nBao7W7GTMzWTVgWt8/I7LPk3P/9swqshJRlng2R+wr
0Uk89pxNNNqmeeN4+xYVGVgbduFuWiJSUYwdPHn7sWgBstNRz+AU7l/ydlEd7pTt
ycM/P9Owob8ffFsQAAr2L4N8RYIhtx9jBtAZqbVGo++W+zIcEgHmYvUwnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMv2tsWG0NPiiHvrhfegTgV/lQ7MMB8GA1UdIwQY
MBaAFI9O6nLkUxySpuAO9PGRphJ+lW0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82N2U2MjMtNzk0NS00MDllLWFkMzIt
NDYxOGZiZmE0Yzg5LzEvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82N2U2MjMtNzk0NS00MDllLWFkMzItNDYxOGZiZmE0Yzg5
LzEvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn9mwBqbQ
1S+3ttX1krO9PIHnUAlFYWrIcd4Q+IrfpDH3fopcdo7b6yDtUONP5U8ig24gqadk
0jCKL6bOFupygQBdHQQbvnLoxsONriyEjL2CcMwoeqHC6RzagPkoPmGvo9F5WBVG
8LRy1Zq+DMx/T5nhIJF2khhDmL5E3gmPdEpjGHVN6XsAukRwQ6y6KMyk9Nttbmyy
EuLiAFgCcL1N2m16HKtBgVtlHzVMAeEzuHdWaK3S3eVsBW3op0985hJSMq70+LDd
R8vPOcDTkvSKnXl3sWZYaaP0TrZBhx0xbdEwwHcgaX1TqYQhzs4X7HhOX5NducT2
lXeVkHmoldLAjA==
-----END CERTIFICATE-----