Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
File:                     9Lf2q209ljfV1-rM4943lLnPPg8.mft (raw, json)
Hash identifier:          DFbQr4Ma6LWOohczDq8w3JW312VhADbSopuV35Hgm+4=
Subject key identifier:   15:EA:54:E4:20:A2:C3:76:47:3B:95:85:99:3E:3F:AD:AF:F9:4B:82
Authority key identifier: F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F
Certificate issuer:       /CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
Certificate serial:       0199FC590CAC00B61D52A6AA3EB04CEF0CD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
Manifest number:          028C
Signing time:             Sun 19 Oct 2025 12:01:58 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:58 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:58 +0000
Files and hashes:         1: 9Lf2q209ljfV1-rM4943lLnPPg8.crl (hash: z2RhgYiKaNSuGgZEj4SmqPKQHkwI2aPSJNxAT7VNhZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:0c:ac:00:b6:1d:52:a6:aa:3e:b0:4c:ef:0c:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
        Validity
            Not Before: Oct 19 12:01:58 2025 GMT
            Not After : Oct 20 12:01:58 2025 GMT
        Subject: CN=15ea54e420a2c376473b9585993e3fadaff94b82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:92:2e:29:f1:b7:05:68:71:52:46:55:17:c7:
                    ef:db:c9:97:23:88:8a:e3:b7:bb:04:63:4d:23:2c:
                    63:7d:b5:0c:b8:57:35:74:ad:41:b4:b1:42:a8:1d:
                    ad:b8:a2:fe:b1:2d:c0:ad:df:97:7f:60:1f:ca:43:
                    ae:6e:ec:d9:f2:48:ea:37:71:db:bf:92:a8:22:1c:
                    96:ed:1c:8e:32:bf:76:6b:93:86:d8:ef:45:5a:cd:
                    66:a5:a8:bd:01:40:e6:7e:04:fc:34:7f:0d:ed:88:
                    a4:4f:f1:77:86:11:39:24:2e:89:f1:4a:67:79:2d:
                    f9:61:63:79:dd:c4:3a:8d:fa:b5:d8:74:2f:97:eb:
                    83:cc:d4:07:aa:bb:95:5c:63:cb:c1:11:45:ec:60:
                    c6:e1:b1:ec:cf:d2:73:b4:65:d1:ed:c8:52:89:df:
                    9c:8e:30:c5:8d:1f:e5:5a:83:c3:27:34:41:63:87:
                    15:aa:6f:af:89:30:1d:fb:62:65:9f:4c:b6:d3:2d:
                    32:04:de:11:0d:62:27:8e:59:a7:57:0e:ab:23:58:
                    d5:67:f5:5b:f6:9f:19:c6:83:05:0d:9b:9b:19:c0:
                    82:e7:b2:00:f2:17:f0:94:4e:6f:3b:9c:0c:df:b8:
                    2d:ed:7a:a4:b4:73:0d:9e:89:3c:d7:f4:1a:9b:75:
                    62:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:EA:54:E4:20:A2:C3:76:47:3B:95:85:99:3E:3F:AD:AF:F9:4B:82
            X509v3 Authority Key Identifier:
                keyid:F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:ea:ef:7b:13:b3:a4:30:f1:4a:3b:fa:f6:f8:c0:cb:ad:11:
         46:2f:c5:8c:0b:0b:56:38:1f:b7:54:f7:b2:1d:ee:e1:4a:47:
         3f:bc:88:d9:0c:4e:14:7b:bf:91:43:aa:76:af:d5:c1:72:81:
         c5:0a:f3:6b:b8:a1:08:4b:4a:21:69:5d:6e:96:b8:78:1c:5a:
         6b:6e:dc:d7:4d:2f:8f:03:f0:5b:65:52:cf:75:a7:1c:0a:97:
         3a:e7:ab:7e:08:20:b4:79:dc:33:af:ff:05:12:3a:c1:70:d3:
         5d:79:9b:85:5e:a7:7d:65:1a:51:97:ae:77:e6:42:a9:a4:e0:
         08:09:57:d0:22:e6:76:5d:a6:07:16:94:60:a6:da:d6:4c:b2:
         6e:b9:fa:a0:60:ce:bd:50:3a:fd:d8:cb:10:01:cc:30:86:e7:
         6f:30:3a:a3:1d:7e:4b:56:32:80:12:4a:5f:9e:b1:37:20:32:
         1d:8b:f3:97:a2:fd:12:76:7b:a1:07:3f:97:bc:be:84:95:b9:
         b8:28:b1:f1:c4:8f:97:02:50:f1:2c:16:ab:f0:4e:2e:0d:98:
         22:b2:2a:e2:6d:dd:88:a3:5e:38:b2:7e:a6:a9:79:26:22:4b:
         5a:96:93:0c:3e:0c:22:a4:2e:ac:e1:6a:cd:18:f9:84:bc:d1:
         56:f5:78:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WQysALYdUqaqPrBM7wzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjdmNmFiNmQzZDk2MzdkNWQ3ZWFjY2UzZGUzNzk0Yjlj
ZjNlMGYwHhcNMjUxMDE5MTIwMTU4WhcNMjUxMDIwMTIwMTU4WjAzMTEwLwYDVQQD
EygxNWVhNTRlNDIwYTJjMzc2NDczYjk1ODU5OTNlM2ZhZGFmZjk0YjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pIuKfG3BWhxUkZVF8fv28mXI4iK
47e7BGNNIyxjfbUMuFc1dK1BtLFCqB2tuKL+sS3Ard+Xf2AfykOubuzZ8kjqN3Hb
v5KoIhyW7RyOMr92a5OG2O9FWs1mpai9AUDmfgT8NH8N7YikT/F3hhE5JC6J8Upn
eS35YWN53cQ6jfq12HQvl+uDzNQHqruVXGPLwRFF7GDG4bHsz9JztGXR7chSid+c
jjDFjR/lWoPDJzRBY4cVqm+viTAd+2Jln0y20y0yBN4RDWInjlmnVw6rI1jVZ/Vb
9p8ZxoMFDZubGcCC57IA8hfwlE5vO5wM37gt7XqktHMNnok81/Qam3ViWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXqVOQgosN2RzuVhZk+P62v+UuCMB8GA1UdIwQY
MBaAFPS39qttPZY31dfqzOPeN5S5zz4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWIt
NmI4YWEwYTJjOTYwLzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWItNmI4YWEwYTJjOTYw
LzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUurvexOz
pDDxSjv69vjAy60RRi/FjAsLVjgft1T3sh3u4UpHP7yI2QxOFHu/kUOqdq/VwXKB
xQrza7ihCEtKIWldbpa4eBxaa27c100vjwPwW2VSz3WnHAqXOuerfgggtHncM6//
BRI6wXDTXXmbhV6nfWUaUZeud+ZCqaTgCAlX0CLmdl2mBxaUYKba1kyybrn6oGDO
vVA6/djLEAHMMIbnbzA6ox1+S1YygBJKX56xNyAyHYvzl6L9EnZ7oQc/l7y+hJW5
uCix8cSPlwJQ8SwWq/BOLg2YIrIq4m3diKNeOLJ+pql5JiJLWpaTDD4MIqQurOFq
zRj5hLzRVvV4lQ==
-----END CERTIFICATE-----