Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          8XSzIgRiq3s88ndvDUWOPhorCPlYKG7B3nTdtl+itp4=
Subject key identifier:   20:DF:20:CC:57:C8:D0:3E:A1:EA:DA:B9:21:1A:B1:18:19:61:22:6D
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       0199FE0FE0C28E4EF7332F3AB2B4F1C07E44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0F63
Signing time:             Sun 19 Oct 2025 20:01:17 +0000
Manifest this update:     Sun 19 Oct 2025 20:01:17 +0000
Manifest next update:     Mon 20 Oct 2025 20:01:17 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: Wzo5oHInKGk80NbfOFPYRJgBKzNkc+BjuzyM9DgMFvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:0f:e0:c2:8e:4e:f7:33:2f:3a:b2:b4:f1:c0:7e:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Oct 19 20:01:17 2025 GMT
            Not After : Oct 20 20:01:17 2025 GMT
        Subject: CN=20df20cc57c8d03ea1eadab9211ab1181961226d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:68:71:0f:25:c5:3c:83:cd:e0:da:8b:3a:9a:
                    ff:2b:b0:50:9f:5d:b9:c1:f5:f6:0a:b3:6d:e0:79:
                    31:51:93:37:94:b6:49:d2:19:be:71:91:ea:ca:ba:
                    0b:51:b6:af:de:df:84:9d:a5:d8:e4:77:25:15:92:
                    1a:47:63:b2:e9:b8:a2:08:c7:52:d8:87:1a:bc:ac:
                    ba:48:57:05:f6:c0:92:12:f5:f6:b0:97:2f:84:cb:
                    2c:70:6d:e2:cd:65:c8:6a:2c:11:ab:7a:7c:47:dc:
                    79:d0:f4:29:f1:c8:02:b0:ba:bb:3d:2b:92:12:4b:
                    91:e4:dd:22:b5:46:e6:ee:1c:0a:87:a1:e7:c1:a3:
                    62:20:9a:33:b8:a5:74:e1:36:54:33:31:00:c6:35:
                    64:f2:2f:63:20:8c:1b:cc:7c:7f:af:f4:3a:a9:7d:
                    11:88:11:47:86:de:61:9e:af:98:bf:6f:aa:5a:f1:
                    30:f3:7e:88:7f:fc:6a:18:4d:db:01:b3:07:7e:28:
                    24:fe:a0:a4:03:d5:f0:d8:1c:cd:4e:51:f5:42:4b:
                    3e:fa:fd:16:26:a4:9c:67:81:84:a8:35:eb:bb:69:
                    79:27:4c:b6:d7:f9:44:4c:45:31:6a:c3:e4:1c:fb:
                    2e:47:eb:8f:a2:ff:b6:97:17:d6:1b:74:00:42:2c:
                    c2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DF:20:CC:57:C8:D0:3E:A1:EA:DA:B9:21:1A:B1:18:19:61:22:6D
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:6b:c1:04:54:17:28:57:13:4a:15:b1:b9:2d:8c:9f:c6:c6:
         0b:4d:62:7e:66:2a:91:30:20:93:58:a7:4c:b2:37:ea:f9:72:
         d2:83:6e:d1:ad:03:89:16:c1:97:99:16:17:59:b6:38:6b:01:
         d7:63:58:e2:5e:a1:06:1d:4c:81:b4:ac:e9:93:9d:ce:bb:28:
         bf:cb:d2:27:0b:e7:6f:ed:16:a6:6a:3d:db:72:57:42:a1:02:
         85:97:6c:86:9d:c3:05:1d:78:33:d7:db:12:0b:77:1b:16:d0:
         24:a5:9c:e4:21:34:d2:9d:39:44:64:f9:77:06:d3:58:b5:c7:
         9e:9e:2a:b5:78:75:bc:65:c0:66:ad:b7:10:51:51:ae:65:88:
         71:36:d3:3f:41:92:2e:b0:4d:cb:6f:33:c3:76:2f:14:0b:eb:
         dd:c6:af:2a:fb:17:a8:60:a5:aa:56:95:eb:aa:aa:3a:33:d3:
         1a:cd:a3:ca:b2:90:b6:2e:05:19:fa:3c:87:ca:48:c7:79:43:
         b5:78:ab:25:28:8a:c3:ed:fd:4a:b7:39:5e:7a:35:d7:9f:08:
         49:21:09:36:9d:6f:ef:df:b4:4b:2b:20:fa:ad:fa:20:72:33:
         4f:95:55:4a:18:20:03:54:be:26:20:e7:9f:d5:4f:a8:eb:e2:
         54:f6:5d:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+D+DCjk73My86srTxwH5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUxMDE5MjAwMTE3WhcNMjUxMDIwMjAwMTE3WjAzMTEwLwYDVQQD
EygyMGRmMjBjYzU3YzhkMDNlYTFlYWRhYjkyMTFhYjExODE5NjEyMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWhxDyXFPIPN4NqLOpr/K7BQn125
wfX2CrNt4HkxUZM3lLZJ0hm+cZHqyroLUbav3t+EnaXY5HclFZIaR2Oy6biiCMdS
2IcavKy6SFcF9sCSEvX2sJcvhMsscG3izWXIaiwRq3p8R9x50PQp8cgCsLq7PSuS
EkuR5N0itUbm7hwKh6HnwaNiIJozuKV04TZUMzEAxjVk8i9jIIwbzHx/r/Q6qX0R
iBFHht5hnq+Yv2+qWvEw836If/xqGE3bAbMHfigk/qCkA9Xw2BzNTlH1Qks++v0W
JqScZ4GEqDXru2l5J0y21/lETEUxasPkHPsuR+uPov+2lxfWG3QAQizCZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDfIMxXyNA+oerauSEasRgZYSJtMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXWvBBFQX
KFcTShWxuS2Mn8bGC01ifmYqkTAgk1inTLI36vly0oNu0a0DiRbBl5kWF1m2OGsB
12NY4l6hBh1MgbSs6ZOdzrsov8vSJwvnb+0Wpmo923JXQqEChZdshp3DBR14M9fb
Egt3GxbQJKWc5CE00p05RGT5dwbTWLXHnp4qtXh1vGXAZq23EFFRrmWIcTbTP0GS
LrBNy28zw3YvFAvr3cavKvsXqGClqlaV66qqOjPTGs2jyrKQti4FGfo8h8pIx3lD
tXirJSiKw+39Src5Xno1158ISSEJNp1v79+0Sysg+q36IHIzT5VVShggA1S+JiDn
n9VPqOviVPZdSQ==
-----END CERTIFICATE-----