Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.mft
File:                     0WLUzQwan_4krVFT0Zzpwx3LTH0.mft (raw, json)
Hash identifier:          9ypQeAJt24ejxmcVhOikfePunmcU8V9lYkfRNH7LELM=
Subject key identifier:   D1:A7:25:A8:52:0A:9C:39:A1:B3:9A:E8:ED:7F:B3:46:E6:DE:D4:F6
Authority key identifier: D1:62:D4:CD:0C:1A:9F:FE:24:AD:51:53:D1:9C:E9:C3:1D:CB:4C:7D
Certificate issuer:       /CN=d162d4cd0c1a9ffe24ad5153d19ce9c31dcb4c7d
Certificate serial:       0199FEB4DEB2383BCB518426606C9B57677C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0WLUzQwan_4krVFT0Zzpwx3LTH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 23:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:30 +0000
Files and hashes:         1: 0WLUzQwan_4krVFT0Zzpwx3LTH0.crl (hash: plOI4jHTl35qYQOAg+aJm0KGvk6L3kLX8qSI3D4IRBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0WLUzQwan_4krVFT0Zzpwx3LTH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b4:de:b2:38:3b:cb:51:84:26:60:6c:9b:57:67:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d162d4cd0c1a9ffe24ad5153d19ce9c31dcb4c7d
        Validity
            Not Before: Oct 19 23:01:30 2025 GMT
            Not After : Oct 20 23:01:30 2025 GMT
        Subject: CN=d1a725a8520a9c39a1b39ae8ed7fb346e6ded4f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:ef:39:95:95:95:44:04:53:1a:5f:fd:11:8a:
                    d3:e7:32:63:19:2b:e7:2e:56:75:a1:bc:11:0c:46:
                    73:cc:89:5c:cd:ed:87:af:3a:f9:08:16:8e:b5:8a:
                    3e:cc:fe:63:ea:a8:52:8f:60:35:3e:64:58:5e:1c:
                    d9:bd:6f:65:24:a1:d4:30:98:8e:1a:e1:de:88:c5:
                    59:2e:da:b4:20:54:2f:67:2f:01:aa:e0:3c:bb:75:
                    93:a4:ee:15:40:5c:24:b0:7a:c9:d5:1c:f1:51:49:
                    5e:00:0d:33:67:b8:ef:82:b0:c6:dd:1d:a2:46:b8:
                    e8:78:7e:77:01:46:99:7b:b7:b5:a7:26:a8:9f:44:
                    97:79:30:47:79:69:b5:01:f1:9f:eb:bd:b8:48:41:
                    14:7e:b0:e8:a5:c3:8c:1a:f4:f0:dc:11:d2:ea:63:
                    19:e8:84:10:74:86:d7:c5:df:2a:9b:fc:24:02:af:
                    22:d2:24:0d:10:c5:10:f6:48:64:62:f0:35:87:27:
                    58:fb:53:e9:e4:67:43:9f:67:0f:42:98:bf:34:96:
                    02:b3:5b:db:7f:09:c2:50:89:1a:28:d4:c9:c6:37:
                    55:e3:f0:d6:9c:87:f2:c3:3e:fb:0f:2b:f9:5b:f5:
                    d7:8d:d9:2a:cd:05:6e:04:e5:7f:4d:f4:6e:8a:29:
                    a4:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:A7:25:A8:52:0A:9C:39:A1:B3:9A:E8:ED:7F:B3:46:E6:DE:D4:F6
            X509v3 Authority Key Identifier:
                keyid:D1:62:D4:CD:0C:1A:9F:FE:24:AD:51:53:D1:9C:E9:C3:1D:CB:4C:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0WLUzQwan_4krVFT0Zzpwx3LTH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:66:c8:39:00:cb:ec:f5:bf:69:b2:1d:a2:11:4e:b5:40:c5:
         14:b2:f7:98:d1:8c:5d:e7:98:98:90:be:f3:76:2b:7b:2a:3d:
         b5:c5:77:a9:1f:0e:54:b7:32:b8:21:4b:1c:0a:50:34:28:e6:
         f9:c9:99:84:6e:7f:17:53:85:fe:6c:d7:cc:4c:aa:fe:1e:52:
         85:8a:a5:f7:ce:f9:c1:3a:fa:48:b6:84:1f:7f:1c:51:62:66:
         3f:08:d4:f5:18:c8:54:ff:e3:a7:a4:f0:fd:8d:e4:ee:5a:81:
         17:d9:fb:7b:74:3f:46:48:a2:38:96:22:64:2c:9e:64:a5:8b:
         c4:e0:d9:fa:17:ed:27:cf:23:06:84:bf:fc:08:5a:90:9f:ff:
         06:21:3b:4f:14:cb:0a:ec:4d:32:ca:bb:3b:de:79:2e:31:9e:
         e3:8e:53:ef:57:44:67:07:7c:61:7e:93:cb:c4:0d:c0:d8:19:
         94:f0:f8:eb:27:54:ea:8d:20:89:42:37:f2:bb:f4:95:b1:97:
         a1:3a:05:7d:81:94:e8:da:75:14:b8:65:8a:5d:fc:12:92:d4:
         23:60:a8:51:68:94:b2:80:6c:f0:76:cd:96:6e:2b:3b:95:b8:
         90:29:a3:5b:cd:0a:40:28:04:16:85:c4:d3:fa:5b:99:e0:23:
         bd:e6:da:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tN6yODvLUYQmYGybV2d8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNjJkNGNkMGMxYTlmZmUyNGFkNTE1M2QxOWNlOWMzMWRj
YjRjN2QwHhcNMjUxMDE5MjMwMTMwWhcNMjUxMDIwMjMwMTMwWjAzMTEwLwYDVQQD
EyhkMWE3MjVhODUyMGE5YzM5YTFiMzlhZThlZDdmYjM0NmU2ZGVkNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+85lZWVRARTGl/9EYrT5zJjGSvn
LlZ1obwRDEZzzIlcze2Hrzr5CBaOtYo+zP5j6qhSj2A1PmRYXhzZvW9lJKHUMJiO
GuHeiMVZLtq0IFQvZy8BquA8u3WTpO4VQFwksHrJ1RzxUUleAA0zZ7jvgrDG3R2i
RrjoeH53AUaZe7e1pyaon0SXeTBHeWm1AfGf6724SEEUfrDopcOMGvTw3BHS6mMZ
6IQQdIbXxd8qm/wkAq8i0iQNEMUQ9khkYvA1hydY+1Pp5GdDn2cPQpi/NJYCs1vb
fwnCUIkaKNTJxjdV4/DWnIfywz77Dyv5W/XXjdkqzQVuBOV/TfRuiimkPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGnJahSCpw5obOa6O1/s0bm3tT2MB8GA1UdIwQY
MBaAFNFi1M0MGp/+JK1RU9Gc6cMdy0x9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFdMVXpRd2FuXzRrclZGVDBaenB3eDNMVEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Zjg0YTEtZThkYy00MTE1LWE2NDUt
ZTgxNzIwYTM5NzhkLzEvMFdMVXpRd2FuXzRrclZGVDBaenB3eDNMVEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Zjg0YTEtZThkYy00MTE1LWE2NDUtZTgxNzIwYTM5Nzhk
LzEvMFdMVXpRd2FuXzRrclZGVDBaenB3eDNMVEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApmbIOQDL
7PW/abIdohFOtUDFFLL3mNGMXeeYmJC+83Yreyo9tcV3qR8OVLcyuCFLHApQNCjm
+cmZhG5/F1OF/mzXzEyq/h5ShYql9875wTr6SLaEH38cUWJmPwjU9RjIVP/jp6Tw
/Y3k7lqBF9n7e3Q/RkiiOJYiZCyeZKWLxODZ+hftJ88jBoS//AhakJ//BiE7TxTL
CuxNMsq7O955LjGe445T71dEZwd8YX6Ty8QNwNgZlPD46ydU6o0giUI38rv0lbGX
oToFfYGU6Np1FLhlil38EpLUI2CoUWiUsoBs8HbNlm4rO5W4kCmjW80KQCgEFoXE
0/pbmeAjvebaXQ==
-----END CERTIFICATE-----