Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
File:                     fAMRalBjzm8X_OpTUcneSgxosN0.mft (raw, json)
Hash identifier:          GNkr8W/XLcZdYnPKodcxxMUmLXPiBQQLtssG+/xGVVY=
Subject key identifier:   09:62:D7:0C:78:9C:D5:0C:F4:5F:91:36:92:69:25:94:E9:81:4B:D3
Authority key identifier: 7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD
Certificate issuer:       /CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
Certificate serial:       0199FDD9890C8F344250A475D14B5CB2D77D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
Manifest number:          0B9A
Signing time:             Sun 19 Oct 2025 19:01:56 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:56 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:56 +0000
Files and hashes:         1: fAMRalBjzm8X_OpTUcneSgxosN0.crl (hash: BC0SD5Ipwv7UEHy7y9Nt9x5g/T3RxCKZlnzWKCMqnDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:89:0c:8f:34:42:50:a4:75:d1:4b:5c:b2:d7:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
        Validity
            Not Before: Oct 19 19:01:56 2025 GMT
            Not After : Oct 20 19:01:56 2025 GMT
        Subject: CN=0962d70c789cd50cf45f913692692594e9814bd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:62:d6:4c:fe:64:08:9a:46:45:62:11:ce:d5:
                    50:0d:29:bb:36:04:94:15:59:b8:a6:e8:57:c6:f9:
                    94:8a:4d:92:cc:9d:15:a9:58:1b:ee:df:5a:ce:4a:
                    5e:26:02:7c:e4:31:6d:4d:97:86:3a:73:d9:67:b2:
                    62:73:c0:85:6c:f5:07:27:2d:27:5a:d6:ee:21:ea:
                    59:b9:0e:66:4b:e5:ba:ce:ed:e6:c9:13:50:d4:6e:
                    44:6d:b6:65:00:80:55:3e:04:4e:94:03:f7:e4:3b:
                    1a:ef:c4:ee:b7:f8:68:0a:0b:63:da:17:2d:d0:59:
                    71:50:e4:71:8b:12:f4:d2:98:d5:c5:c8:75:87:38:
                    63:97:52:71:86:ed:c0:6b:eb:c5:41:36:78:ef:c8:
                    82:94:92:3e:08:7e:f8:b7:be:89:29:03:c2:e8:4d:
                    63:57:51:67:4f:13:5b:db:b6:0d:87:c5:ec:11:f4:
                    ca:05:b0:48:ac:c2:74:ea:89:2c:c5:05:7d:c9:f2:
                    0d:62:4c:fc:8a:b4:9c:48:fe:b5:21:98:77:cb:93:
                    39:19:92:e7:e7:bd:22:74:c3:c5:da:13:a4:54:bf:
                    02:72:30:77:12:9c:b4:9e:09:09:c1:a7:a8:66:b5:
                    fc:ba:24:75:fc:ab:ae:f4:d2:c9:9b:07:f4:a1:aa:
                    3b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:62:D7:0C:78:9C:D5:0C:F4:5F:91:36:92:69:25:94:E9:81:4B:D3
            X509v3 Authority Key Identifier:
                keyid:7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:09:e0:89:65:33:60:5f:84:b5:62:03:0d:52:02:d1:18:d8:
         f0:a3:73:5b:c6:cf:8e:8b:b0:00:c1:be:d7:31:7f:33:71:28:
         18:74:56:62:6b:18:d7:d4:e6:54:ed:49:07:8c:f9:9e:c0:39:
         67:8c:9f:5d:59:cb:9d:c4:72:69:6d:0a:0a:b5:20:50:24:54:
         bb:a3:c8:40:64:98:8e:e9:a6:5b:27:5b:c2:97:a2:6b:1e:26:
         a9:86:7c:0a:83:2e:fe:d6:cb:ce:df:75:93:7e:bc:ff:a5:5e:
         15:0c:8b:ff:d8:35:1f:35:2a:88:71:50:a7:34:57:ef:9b:4f:
         a8:fa:c1:c6:c2:e8:f1:74:d5:65:ad:af:c9:57:4f:6d:ba:a6:
         5b:ce:73:c1:96:a2:37:5d:29:c2:39:0d:1e:e6:da:8e:c8:9d:
         2b:07:5c:91:52:84:cb:bb:f8:32:c2:24:4e:8d:88:6d:84:ec:
         81:5a:67:da:d9:33:4b:fd:30:ba:89:c8:29:81:94:92:60:55:
         67:0d:f3:fd:09:03:9b:01:73:81:32:38:6d:b1:8e:52:cc:9f:
         9b:f5:b2:1d:a9:c9:67:b3:a8:7f:88:67:42:21:15:26:37:50:
         4e:8d:27:5d:08:f2:ce:7b:3a:44:a5:90:45:14:8f:63:81:48:
         0a:ed:b7:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92YkMjzRCUKR10Utcstd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMDMxMTZhNTA2M2NlNmYxN2ZjZWE1MzUxYzlkZTRhMGM2
OGIwZGQwHhcNMjUxMDE5MTkwMTU2WhcNMjUxMDIwMTkwMTU2WjAzMTEwLwYDVQQD
EygwOTYyZDcwYzc4OWNkNTBjZjQ1ZjkxMzY5MjY5MjU5NGU5ODE0YmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2LWTP5kCJpGRWIRztVQDSm7NgSU
FVm4puhXxvmUik2SzJ0VqVgb7t9azkpeJgJ85DFtTZeGOnPZZ7Jic8CFbPUHJy0n
WtbuIepZuQ5mS+W6zu3myRNQ1G5EbbZlAIBVPgROlAP35Dsa78Tut/hoCgtj2hct
0FlxUORxixL00pjVxch1hzhjl1Jxhu3Aa+vFQTZ478iClJI+CH74t76JKQPC6E1j
V1FnTxNb27YNh8XsEfTKBbBIrMJ06oksxQV9yfINYkz8irScSP61IZh3y5M5GZLn
570idMPF2hOkVL8CcjB3Epy0ngkJwaeoZrX8uiR1/Kuu9NLJmwf0oao7RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAli1wx4nNUM9F+RNpJpJZTpgUvTMB8GA1UdIwQY
MBaAFHwDEWpQY85vF/zqU1HJ3koMaLDdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQt
ODkxYjQ1NWMyYzUzLzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQtODkxYjQ1NWMyYzUz
LzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARQngiWUz
YF+EtWIDDVIC0RjY8KNzW8bPjouwAMG+1zF/M3EoGHRWYmsY19TmVO1JB4z5nsA5
Z4yfXVnLncRyaW0KCrUgUCRUu6PIQGSYjummWydbwpeiax4mqYZ8CoMu/tbLzt91
k368/6VeFQyL/9g1HzUqiHFQpzRX75tPqPrBxsLo8XTVZa2vyVdPbbqmW85zwZai
N10pwjkNHubajsidKwdckVKEy7v4MsIkTo2IbYTsgVpn2tkzS/0wuonIKYGUkmBV
Zw3z/QkDmwFzgTI4bbGOUsyfm/WyHanJZ7Oof4hnQiEVJjdQTo0nXQjyzns6RKWQ
RRSPY4FICu23nQ==
-----END CERTIFICATE-----