Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          UnLJ4BUxNs/qmrM9sBqeF7joCMHOaU0rcUf6NJqkqM0=
Subject key identifier:   41:B7:2F:83:14:07:DD:10:21:7B:49:6E:71:AE:EF:2A:F3:1B:94:14
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       0199FDD983E425113754D9EDBA1D21ED4B3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 19:01:54 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:54 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:54 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: 5RqmkZduhedQHTlegQA8blMCThHQS7Pjw+TUeYI/wo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:83:e4:25:11:37:54:d9:ed:ba:1d:21:ed:4b:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: Oct 19 19:01:54 2025 GMT
            Not After : Oct 20 19:01:54 2025 GMT
        Subject: CN=41b72f831407dd10217b496e71aeef2af31b9414
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:ca:78:be:9f:a3:38:a6:80:81:a7:b2:ec:5e:
                    da:2a:f0:14:5b:95:85:7f:2c:5e:d2:9f:0c:73:ec:
                    f4:91:bd:b9:18:31:cf:3f:12:55:16:3c:45:a4:39:
                    28:29:cf:8c:83:18:f5:ff:af:9b:df:f7:bd:a3:c5:
                    b5:c4:2a:45:9e:8f:6d:f4:bc:b9:e7:e8:5b:05:d4:
                    11:e5:d0:3d:30:ce:4b:17:6c:cf:9f:e6:5c:a4:a8:
                    17:1f:0d:58:64:0d:f2:e9:2b:ea:06:e2:84:ce:a5:
                    4d:51:44:13:f8:13:34:04:6e:43:cb:d2:01:51:ea:
                    b2:bf:eb:5f:6e:0e:53:6d:6c:7e:ac:2c:73:75:8f:
                    8b:ec:69:d8:ac:fa:b6:11:e2:9b:06:37:43:6e:22:
                    bd:ee:30:de:05:23:37:3c:27:53:d1:8a:c2:3f:90:
                    ba:29:ad:18:26:b2:28:b5:48:29:f7:74:18:f9:63:
                    32:8e:db:26:0e:9d:3f:f6:c7:8f:75:48:69:d2:61:
                    ec:62:f7:bc:4d:ed:4f:b9:73:e3:2a:f5:31:73:44:
                    df:f2:4a:14:4e:fc:77:cc:a0:da:62:30:c8:20:d9:
                    cd:e2:77:0c:bc:64:14:bc:ad:47:66:25:f8:cb:7e:
                    42:e7:17:88:7a:98:75:09:d2:55:32:53:56:1f:c2:
                    b7:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:B7:2F:83:14:07:DD:10:21:7B:49:6E:71:AE:EF:2A:F3:1B:94:14
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:2c:af:a3:7b:03:0a:df:2f:16:fe:a1:03:26:70:ad:f1:a8:
         58:67:84:ee:55:bb:6e:be:2c:64:cd:c7:52:4c:43:42:74:98:
         71:80:02:7c:13:96:b7:ad:53:31:ed:f9:84:b2:08:41:79:f3:
         41:c7:ed:75:f2:36:0b:a2:7f:66:3c:ef:9b:92:87:e6:fe:cb:
         39:5e:3b:ce:b8:01:c2:6c:d6:85:d4:5f:c3:f6:9d:e9:9c:a2:
         d3:cc:e8:c2:8d:56:f2:a8:a2:68:1f:5e:5a:52:9f:77:52:55:
         60:91:ef:2c:c1:72:59:b8:66:e6:bb:65:e6:32:40:f1:cc:49:
         76:33:00:78:3b:c2:67:60:c0:72:86:ee:ea:c3:1e:60:db:b2:
         ba:0b:43:d6:0f:48:c2:0b:f6:d7:6b:ac:6b:d7:ad:9f:48:dd:
         30:52:76:99:5f:0f:f8:b5:13:6d:1e:ce:32:aa:10:18:ec:0b:
         03:9b:1d:89:83:c1:bb:d6:d9:bd:8d:24:0b:48:e4:7e:7c:f4:
         da:17:56:a5:4f:13:26:98:13:87:d4:84:ee:7b:f6:5f:55:b8:
         df:b6:89:a1:f0:7b:46:00:8e:76:c0:70:2a:e8:5a:6e:34:4d:
         11:b1:0a:bb:b9:0e:6e:29:01:ff:59:85:59:a3:8d:af:90:1b:
         99:c5:10:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92YPkJRE3VNntuh0h7Us7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjUxMDE5MTkwMTU0WhcNMjUxMDIwMTkwMTU0WjAzMTEwLwYDVQQD
Eyg0MWI3MmY4MzE0MDdkZDEwMjE3YjQ5NmU3MWFlZWYyYWYzMWI5NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMp4vp+jOKaAgaey7F7aKvAUW5WF
fyxe0p8Mc+z0kb25GDHPPxJVFjxFpDkoKc+Mgxj1/6+b3/e9o8W1xCpFno9t9Ly5
5+hbBdQR5dA9MM5LF2zPn+ZcpKgXHw1YZA3y6SvqBuKEzqVNUUQT+BM0BG5Dy9IB
Ueqyv+tfbg5TbWx+rCxzdY+L7GnYrPq2EeKbBjdDbiK97jDeBSM3PCdT0YrCP5C6
Ka0YJrIotUgp93QY+WMyjtsmDp0/9sePdUhp0mHsYve8Te1PuXPjKvUxc0Tf8koU
Tvx3zKDaYjDIINnN4ncMvGQUvK1HZiX4y35C5xeIeph1CdJVMlNWH8K3mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEG3L4MUB90QIXtJbnGu7yrzG5QUMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCyvo3sD
Ct8vFv6hAyZwrfGoWGeE7lW7br4sZM3HUkxDQnSYcYACfBOWt61TMe35hLIIQXnz
QcftdfI2C6J/Zjzvm5KH5v7LOV47zrgBwmzWhdRfw/ad6Zyi08zowo1W8qiiaB9e
WlKfd1JVYJHvLMFyWbhm5rtl5jJA8cxJdjMAeDvCZ2DAcobu6sMeYNuyugtD1g9I
wgv212usa9etn0jdMFJ2mV8P+LUTbR7OMqoQGOwLA5sdiYPBu9bZvY0kC0jkfnz0
2hdWpU8TJpgTh9SE7nv2X1W437aJofB7RgCOdsBwKuhabjRNEbEKu7kObikB/1mF
WaONr5AbmcUQTQ==
-----END CERTIFICATE-----