Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          hBf67DjA+YHHYV9SWO6HjZaRW1cH3fjDCzWuTwUdrfw=
Subject key identifier:   28:C7:07:0E:97:27:57:A3:01:21:82:E4:12:32:7D:57:E0:89:4E:07
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       0199FDDA55DF3A2D9158937A4BA1B6689B17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 19:02:48 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:48 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:48 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: QloopfXHonbl1MwZXWOMCP40lWaxf9xDCFFLnMxuEWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:55:df:3a:2d:91:58:93:7a:4b:a1:b6:68:9b:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Oct 19 19:02:48 2025 GMT
            Not After : Oct 20 19:02:48 2025 GMT
        Subject: CN=28c7070e972757a3012182e412327d57e0894e07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:72:03:20:f4:f4:00:b6:9b:0b:c3:f3:62:04:
                    62:78:89:a7:82:94:54:71:60:02:4b:52:d5:0a:bc:
                    d5:93:c9:3b:82:d1:81:0a:7b:0a:92:b0:fc:e3:57:
                    2a:06:6c:a7:6d:88:00:7e:98:cf:7c:af:95:03:f6:
                    41:d1:06:16:a2:ca:0a:d5:46:47:b9:90:6c:62:57:
                    b4:95:52:87:1d:ba:68:32:a0:4f:1c:32:1f:30:60:
                    ed:11:4c:e7:fe:75:1c:5d:b8:c0:34:c0:27:70:57:
                    65:bb:d4:ea:3c:6d:13:89:38:f3:83:95:66:ab:74:
                    93:ab:1d:f4:75:ac:08:bd:a7:97:24:46:c5:e6:33:
                    83:9b:f4:eb:ae:70:35:f9:c0:5a:54:ad:db:c1:d5:
                    28:af:9e:c2:cd:52:34:0c:5a:c1:fb:fb:5a:f2:5d:
                    d7:f9:f9:e0:7f:9a:25:f0:16:45:50:84:1f:a4:03:
                    9b:1e:03:93:a3:56:b7:87:49:76:ac:d7:d5:8c:92:
                    d8:13:1b:87:0d:83:12:4e:98:3e:fe:cb:a0:7b:ac:
                    94:b1:1f:49:ed:1f:f4:b7:81:bd:87:8d:2e:30:15:
                    13:03:d6:91:40:30:05:74:51:63:18:cc:61:fb:38:
                    4f:ac:fc:4e:f3:80:a9:4d:2d:8a:9f:88:e0:93:2e:
                    f2:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:C7:07:0E:97:27:57:A3:01:21:82:E4:12:32:7D:57:E0:89:4E:07
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:5a:18:ce:e7:bc:07:88:4a:95:f2:67:9a:2f:96:42:89:43:
         81:e0:58:6b:a6:a9:65:99:7b:55:65:cb:17:10:2b:df:b5:f4:
         07:ae:4a:57:0f:1b:84:51:18:ba:22:6b:f3:26:1e:c4:ce:d6:
         b5:8b:59:35:61:48:75:96:36:0f:1b:da:4d:94:d3:2c:2b:1e:
         f6:8d:a4:82:e2:1c:38:d7:2d:3d:bf:18:3c:9a:ff:7a:91:8e:
         91:79:b7:de:5a:4b:c4:ec:b0:9b:d1:51:e5:35:b5:22:d8:65:
         a0:2b:d8:0e:ac:94:1a:42:2f:e6:b6:9a:64:8c:a1:b3:d7:72:
         c2:4f:12:66:3c:01:29:47:ed:a5:7a:01:87:f6:09:60:af:da:
         57:2f:b4:67:85:fa:a6:5a:62:bd:92:04:d1:cf:67:8a:7f:44:
         74:be:62:6e:cc:2d:de:c3:f2:ef:e6:fa:b4:bf:91:42:9d:99:
         6c:5d:d1:2d:13:84:ba:84:79:8a:9b:60:b4:c2:4e:e4:aa:30:
         b6:f5:01:a4:0e:fb:61:a7:e0:bf:2c:f3:66:df:1f:7c:56:a0:
         2d:e2:54:cd:84:96:46:e2:43:f7:f4:5d:69:2c:e3:cf:13:02:
         98:fd:c3:6e:8f:33:a9:5f:1b:19:b7:93:36:9b:2c:60:b5:e8:
         bf:3e:8e:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92lXfOi2RWJN6S6G2aJsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjUxMDE5MTkwMjQ4WhcNMjUxMDIwMTkwMjQ4WjAzMTEwLwYDVQQD
EygyOGM3MDcwZTk3Mjc1N2EzMDEyMTgyZTQxMjMyN2Q1N2UwODk0ZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznIDIPT0ALabC8PzYgRieImngpRU
cWACS1LVCrzVk8k7gtGBCnsKkrD841cqBmynbYgAfpjPfK+VA/ZB0QYWosoK1UZH
uZBsYle0lVKHHbpoMqBPHDIfMGDtEUzn/nUcXbjANMAncFdlu9TqPG0TiTjzg5Vm
q3STqx30dawIvaeXJEbF5jODm/TrrnA1+cBaVK3bwdUor57CzVI0DFrB+/ta8l3X
+fngf5ol8BZFUIQfpAObHgOTo1a3h0l2rNfVjJLYExuHDYMSTpg+/suge6yUsR9J
7R/0t4G9h40uMBUTA9aRQDAFdFFjGMxh+zhPrPxO84CpTS2Kn4jgky7yKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjHBw6XJ1ejASGC5BIyfVfgiU4HMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABVoYzue8
B4hKlfJnmi+WQolDgeBYa6apZZl7VWXLFxAr37X0B65KVw8bhFEYuiJr8yYexM7W
tYtZNWFIdZY2DxvaTZTTLCse9o2kguIcONctPb8YPJr/epGOkXm33lpLxOywm9FR
5TW1IthloCvYDqyUGkIv5raaZIyhs9dywk8SZjwBKUftpXoBh/YJYK/aVy+0Z4X6
plpivZIE0c9nin9EdL5ibswt3sPy7+b6tL+RQp2ZbF3RLROEuoR5iptgtMJO5Kow
tvUBpA77YafgvyzzZt8ffFagLeJUzYSWRuJD9/RdaSzjzxMCmP3Dbo8zqV8bGbeT
NpssYLXovz6OMQ==
-----END CERTIFICATE-----