Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
File:                     2ma78NRZYjYmqZu-JCXgIHIJC08.mft (raw, json)
Hash identifier:          UDLkJ9F2JUtr29sc+T1xxmUEgW3RCGtbwgHmSiGL/7c=
Subject key identifier:   9E:4F:B0:D5:8D:C4:6B:0B:B3:5A:58:C2:83:E7:06:BA:FA:54:18:C2
Authority key identifier: DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F
Certificate issuer:       /CN=da66bbf0d459623626a99bbe2425e02072090b4f
Certificate serial:       0199FBEC46AEBB2D20803C1072E4DCAF97B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
Manifest number:          0196
Signing time:             Sun 19 Oct 2025 10:03:09 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:09 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:09 +0000
Files and hashes:         1: 2ma78NRZYjYmqZu-JCXgIHIJC08.crl (hash: LMpKvC1BAXUekOxPQY3Z8SSqfQtR5L2l0cdW9y/C2MU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:46:ae:bb:2d:20:80:3c:10:72:e4:dc:af:97:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da66bbf0d459623626a99bbe2425e02072090b4f
        Validity
            Not Before: Oct 19 10:03:09 2025 GMT
            Not After : Oct 20 10:03:09 2025 GMT
        Subject: CN=9e4fb0d58dc46b0bb35a58c283e706bafa5418c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:16:0d:04:9f:54:a7:4b:83:a9:36:ef:97:0b:
                    55:05:59:ee:c1:7f:31:0c:c4:aa:c3:20:cd:35:d1:
                    4f:36:5f:bb:0d:0e:5f:fd:e5:98:5f:1c:d3:b1:08:
                    98:2d:05:09:96:c1:8c:c0:17:42:cf:f5:c5:d2:95:
                    7c:d9:cf:03:a3:11:48:c3:7d:10:49:57:69:49:27:
                    64:ed:30:be:5b:8f:31:88:70:76:57:8d:32:46:08:
                    8e:6a:5c:fb:72:04:9f:1a:7d:31:c7:9c:65:ee:90:
                    04:7e:26:eb:eb:24:85:01:91:c9:ca:80:06:8e:78:
                    c8:af:00:e9:b8:92:93:77:16:cb:fe:40:1e:be:31:
                    39:ae:79:83:a9:8b:13:4a:e3:19:0f:ca:ca:ff:f6:
                    0d:94:37:10:b6:a4:25:77:ec:53:de:cc:f0:0d:ef:
                    6d:fb:29:19:f4:bc:ae:2b:92:c9:a2:f3:6f:57:2e:
                    37:e2:94:52:2b:f3:9c:d5:b3:0f:8f:d7:74:ab:5f:
                    62:fb:04:83:75:53:7f:94:72:4b:e2:e0:dd:6c:21:
                    00:58:a6:cc:47:31:2a:df:b8:a8:f1:45:55:6d:fb:
                    78:8c:29:90:4f:4f:a9:9f:00:16:b6:76:26:91:b7:
                    94:e3:bc:05:08:8a:5c:bc:be:d5:07:49:cf:aa:c8:
                    85:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:4F:B0:D5:8D:C4:6B:0B:B3:5A:58:C2:83:E7:06:BA:FA:54:18:C2
            X509v3 Authority Key Identifier:
                keyid:DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:8f:9f:48:9b:3b:3b:49:96:6c:dd:3d:a7:c4:b2:3e:26:9b:
         d6:8f:df:7f:69:8c:a3:65:78:da:4a:49:0b:52:a9:41:fe:3c:
         9f:a6:de:c3:cf:9a:e0:89:8a:2d:ee:ed:b3:3e:75:48:52:e2:
         77:fc:57:61:0d:8f:f1:b1:54:32:b4:d4:88:de:4f:1e:0f:94:
         78:54:46:64:df:22:f4:f1:3c:51:ee:64:e2:a7:77:56:47:b6:
         7a:6c:61:0d:29:7a:c3:31:fb:17:88:d8:f1:f8:a1:1c:38:3d:
         5a:bc:8c:a1:52:14:ca:60:5e:14:2c:3a:36:cb:14:04:65:7c:
         d2:77:8c:17:1d:bc:48:13:f8:3d:cb:ab:fa:ab:4a:1a:22:d7:
         ad:90:bb:a9:26:6e:75:fb:85:f9:40:09:f0:fe:25:29:cf:c8:
         ba:ca:e8:58:5c:9a:9e:c0:07:d7:92:b3:d6:b5:1e:0b:30:6f:
         be:bb:e2:ba:99:bd:f6:7a:55:ff:f2:bf:4d:bd:d2:63:ea:72:
         39:c6:3a:09:c5:3e:3b:1b:ca:10:ee:cf:5a:17:32:8c:b9:f8:
         31:34:54:f7:14:48:9c:af:3b:5d:b9:dd:f0:a4:14:50:46:26:
         45:f3:c1:b3:d8:ad:7c:75:e4:3f:9f:7f:6f:d5:7a:58:cc:ef:
         4b:be:58:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77Eauuy0ggDwQcuTcr5e2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjZiYmYwZDQ1OTYyMzYyNmE5OWJiZTI0MjVlMDIwNzIw
OTBiNGYwHhcNMjUxMDE5MTAwMzA5WhcNMjUxMDIwMTAwMzA5WjAzMTEwLwYDVQQD
Eyg5ZTRmYjBkNThkYzQ2YjBiYjM1YTU4YzI4M2U3MDZiYWZhNTQxOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphYNBJ9Up0uDqTbvlwtVBVnuwX8x
DMSqwyDNNdFPNl+7DQ5f/eWYXxzTsQiYLQUJlsGMwBdCz/XF0pV82c8DoxFIw30Q
SVdpSSdk7TC+W48xiHB2V40yRgiOalz7cgSfGn0xx5xl7pAEfibr6ySFAZHJyoAG
jnjIrwDpuJKTdxbL/kAevjE5rnmDqYsTSuMZD8rK//YNlDcQtqQld+xT3szwDe9t
+ykZ9LyuK5LJovNvVy434pRSK/Oc1bMPj9d0q19i+wSDdVN/lHJL4uDdbCEAWKbM
RzEq37io8UVVbft4jCmQT0+pnwAWtnYmkbeU47wFCIpcvL7VB0nPqsiFqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5PsNWNxGsLs1pYwoPnBrr6VBjCMB8GA1UdIwQY
MBaAFNpmu/DUWWI2JqmbviQl4CByCQtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAt
NWE0NzFlZGI4MDE4LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAtNWE0NzFlZGI4MDE4
LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIY+fSJs7
O0mWbN09p8SyPiab1o/ff2mMo2V42kpJC1KpQf48n6bew8+a4ImKLe7tsz51SFLi
d/xXYQ2P8bFUMrTUiN5PHg+UeFRGZN8i9PE8Ue5k4qd3Vke2emxhDSl6wzH7F4jY
8fihHDg9WryMoVIUymBeFCw6NssUBGV80neMFx28SBP4Pcur+qtKGiLXrZC7qSZu
dfuF+UAJ8P4lKc/IusroWFyansAH15Kz1rUeCzBvvrviupm99npV//K/Tb3SY+py
OcY6CcU+OxvKEO7PWhcyjLn4MTRU9xRInK87Xbnd8KQUUEYmRfPBs9itfHXkP59/
b9V6WMzvS75YyA==
-----END CERTIFICATE-----