Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          4FdUfDQBkG8JxF4DxykktSKVx/+8qIQtbHsFaB6SR7o=
Subject key identifier:   C6:E2:69:13:0F:B4:2F:EA:E9:8B:7D:C0:33:A7:B9:2F:F7:4B:3E:26
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       0199FCFD27CCDED7775C59A833BC5B9AC909
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          03A1
Signing time:             Sun 19 Oct 2025 15:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:13 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: XcC13PSys4AjAA49TX/jkiwoUqG+JRO0EGvlCtTkZ9Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:27:cc:de:d7:77:5c:59:a8:33:bc:5b:9a:c9:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Oct 19 15:01:13 2025 GMT
            Not After : Oct 20 15:01:13 2025 GMT
        Subject: CN=c6e269130fb42feae98b7dc033a7b92ff74b3e26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:04:b7:7c:e5:0b:b1:e7:85:48:36:c2:65:f7:
                    b2:7e:68:40:c3:f0:70:3a:db:f5:96:18:ba:c9:e7:
                    1f:54:61:01:75:04:e4:b1:33:ad:b6:da:b7:4c:ee:
                    6e:79:a5:f8:28:7f:50:58:6f:cb:82:78:67:d8:12:
                    97:14:f9:ff:59:9d:4e:fa:1e:61:fb:b0:6b:b6:eb:
                    b2:29:b5:66:19:27:9b:68:cc:08:da:24:a9:45:13:
                    5b:ee:47:56:b9:e1:22:b0:5c:6c:2b:0a:f2:44:a7:
                    fb:3d:6a:a9:7d:bd:77:6c:a2:de:88:9f:bd:3d:77:
                    db:3b:8e:be:d5:3f:b1:bf:91:fe:ae:5e:d1:58:0c:
                    a8:bc:d2:e8:99:e7:ec:98:23:ea:d7:6b:59:37:7e:
                    e8:42:59:e7:e8:f3:a1:cf:db:53:97:a0:23:dd:21:
                    8e:9f:7b:13:5a:81:53:82:52:02:13:25:f3:e4:89:
                    86:e9:61:4e:e5:b4:70:44:b9:da:41:08:7f:0e:e2:
                    4a:88:c2:2a:f4:ad:2a:ed:ae:e5:15:6e:89:20:b5:
                    e8:10:e2:a9:ac:63:d3:1d:d7:a7:47:2f:9a:46:93:
                    a5:91:93:6d:9d:ae:5f:f2:c0:c9:84:aa:a2:12:32:
                    3c:6a:ae:13:20:d5:e9:5f:58:34:0c:61:bb:fc:6d:
                    90:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:E2:69:13:0F:B4:2F:EA:E9:8B:7D:C0:33:A7:B9:2F:F7:4B:3E:26
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:5f:6a:e5:b8:db:b0:ea:bb:60:55:7f:54:3b:fe:02:6a:f8:
         fe:45:f5:b6:3a:ba:60:2a:38:80:bd:4d:a2:05:19:9f:d8:eb:
         05:20:e2:af:e6:bb:58:d7:0b:30:90:1c:b5:b9:57:61:54:a5:
         a6:4e:7d:c7:13:ba:ed:3e:4d:e0:90:19:c9:42:07:0d:ec:ed:
         bf:76:9a:53:d7:53:5c:d5:0b:73:6c:ed:9b:b7:d3:4d:6e:8e:
         d8:13:5d:9f:df:04:01:a0:8c:b4:32:ae:2a:22:ec:e4:d0:cb:
         57:c6:25:8f:63:f7:b8:41:6d:44:d0:d7:57:7e:dd:f8:71:e1:
         7a:86:35:35:9f:3d:e6:57:6b:b3:06:25:49:75:7b:93:51:3c:
         96:56:0d:e8:6d:76:f1:ea:41:9d:7e:c9:66:4c:99:59:af:c7:
         05:44:bc:e6:13:77:83:a0:2c:82:0b:bc:8e:77:23:f8:cd:a1:
         96:ac:ac:66:55:5b:3d:5e:b3:ec:18:17:b5:de:5d:94:c9:26:
         fc:01:d1:a1:50:1f:e3:62:9e:ec:9c:15:39:19:b8:4a:e7:97:
         a5:4d:8f:53:6e:49:d5:b7:02:b9:2b:7c:7c:14:c1:49:9b:d3:
         c0:05:74:61:6c:c5:cc:b6:56:83:9f:e5:6a:32:79:9d:fd:f4:
         75:b9:1e:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/SfM3td3XFmoM7xbmskJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUxMDE5MTUwMTEzWhcNMjUxMDIwMTUwMTEzWjAzMTEwLwYDVQQD
EyhjNmUyNjkxMzBmYjQyZmVhZTk4YjdkYzAzM2E3YjkyZmY3NGIzZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgS3fOULseeFSDbCZfeyfmhAw/Bw
Otv1lhi6yecfVGEBdQTksTOtttq3TO5ueaX4KH9QWG/Lgnhn2BKXFPn/WZ1O+h5h
+7BrtuuyKbVmGSebaMwI2iSpRRNb7kdWueEisFxsKwryRKf7PWqpfb13bKLeiJ+9
PXfbO46+1T+xv5H+rl7RWAyovNLomefsmCPq12tZN37oQlnn6POhz9tTl6Aj3SGO
n3sTWoFTglICEyXz5ImG6WFO5bRwRLnaQQh/DuJKiMIq9K0q7a7lFW6JILXoEOKp
rGPTHdenRy+aRpOlkZNtna5f8sDJhKqiEjI8aq4TINXpX1g0DGG7/G2QvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbiaRMPtC/q6Yt9wDOnuS/3Sz4mMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlV9q5bjb
sOq7YFV/VDv+Amr4/kX1tjq6YCo4gL1NogUZn9jrBSDir+a7WNcLMJActblXYVSl
pk59xxO67T5N4JAZyUIHDeztv3aaU9dTXNULc2ztm7fTTW6O2BNdn98EAaCMtDKu
KiLs5NDLV8Ylj2P3uEFtRNDXV37d+HHheoY1NZ895ldrswYlSXV7k1E8llYN6G12
8epBnX7JZkyZWa/HBUS85hN3g6Asggu8jncj+M2hlqysZlVbPV6z7BgXtd5dlMkm
/AHRoVAf42Ke7JwVORm4SueXpU2PU25J1bcCuSt8fBTBSZvTwAV0YWzFzLZWg5/l
ajJ5nf30dbkebw==
-----END CERTIFICATE-----