Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          efNEF4/bRNzyS8xxw73W/0IFuqosWSYWpyH7uyoYHqA=
Subject key identifier:   F9:6C:48:72:5F:B8:4B:5F:F1:6F:26:7D:9C:AE:25:81:18:87:5D:21
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       0199FC8FBEC42BBF9AF3A676395941922C2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 13:01:42 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:42 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:42 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: wg549utUnF6ELd4G9iaIE4wIwwjOa74HvjoSlJcE+oo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:be:c4:2b:bf:9a:f3:a6:76:39:59:41:92:2c:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Oct 19 13:01:42 2025 GMT
            Not After : Oct 20 13:01:42 2025 GMT
        Subject: CN=f96c48725fb84b5ff16f267d9cae258118875d21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:cb:0e:3e:43:4b:98:6c:4c:b1:50:e5:e4:bf:
                    d2:5f:50:f4:18:ac:f5:0e:85:9b:a5:aa:54:b4:2c:
                    1c:cf:55:e7:df:ec:fe:1f:c8:6c:d4:7a:7f:e1:68:
                    96:8e:81:3c:d3:fd:ca:8e:39:8b:e1:7e:6f:71:9c:
                    a1:18:20:d0:f2:98:e2:0f:28:d6:ce:37:f9:6b:a8:
                    c6:d6:89:c3:18:f8:5b:c9:76:0e:2c:94:8e:41:92:
                    c6:f4:90:93:4c:20:d5:94:89:0d:5c:79:44:2c:05:
                    76:e7:75:f5:88:44:29:66:e8:28:90:5c:2c:76:76:
                    16:2e:4e:1b:ed:19:3c:30:23:0d:99:f0:9e:c6:6a:
                    34:14:6c:f6:72:3a:dd:96:58:94:ba:1d:7f:ef:13:
                    f8:0e:ba:bc:4e:b2:a1:31:83:42:03:6e:d6:a8:6f:
                    bf:5d:0e:a8:ba:b4:33:01:56:59:93:74:43:9b:20:
                    6a:d1:c7:bd:bc:4c:1e:e9:84:96:23:f0:2e:7d:60:
                    33:d4:c3:ae:c8:3d:3d:ae:6c:c9:95:81:d8:7f:c8:
                    39:dd:18:4d:da:86:15:90:0f:33:98:8f:dc:ab:9f:
                    3c:a5:cb:ff:07:80:20:9e:12:e5:b9:e7:7f:99:df:
                    ae:29:a6:9a:5e:8b:ba:50:8c:4f:67:3a:76:07:e9:
                    84:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:6C:48:72:5F:B8:4B:5F:F1:6F:26:7D:9C:AE:25:81:18:87:5D:21
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:00:0b:28:d1:aa:3f:d7:a6:23:bc:3c:fa:04:35:3e:aa:bf:
         d6:09:c6:c1:fe:6b:92:2f:89:d5:ee:a2:d7:3d:dd:b2:b8:00:
         03:37:2b:71:d1:9e:21:92:34:d2:b5:6e:87:a8:3d:bb:bc:df:
         ea:c1:12:00:fc:73:bf:cc:ec:60:2f:2e:2b:b6:62:0e:f8:50:
         4e:2f:d9:fe:9b:4c:d7:7f:de:07:6d:c3:f7:24:72:75:04:27:
         a2:c5:6c:30:a2:49:37:0a:81:4f:b4:4a:ce:4b:01:65:4e:3a:
         71:7a:3d:85:dd:77:5e:48:2e:90:df:8a:8d:fd:2a:c2:4c:2f:
         51:64:c2:10:81:fc:f6:37:e8:07:e9:58:1c:82:56:a4:9f:47:
         d9:6e:60:e7:cc:1e:2f:fd:1a:17:c6:4c:1c:cf:c2:13:b7:94:
         c1:5c:1e:4d:27:d7:65:5f:b2:3e:7a:fd:90:a3:59:69:d4:14:
         47:56:1b:1f:57:2d:85:93:91:6a:92:ae:94:1f:79:28:81:4e:
         ea:35:d3:62:50:46:d7:54:20:84:60:31:92:0f:b5:5b:fb:2e:
         52:70:90:50:4b:6b:fd:86:73:ea:20:35:a7:1d:99:7f:43:a8:
         3e:87:c1:0b:27:2d:6b:1a:82:3b:d1:9c:fc:51:fe:40:7b:62:
         26:e6:b1:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j77EK7+a86Z2OVlBkiwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjUxMDE5MTMwMTQyWhcNMjUxMDIwMTMwMTQyWjAzMTEwLwYDVQQD
EyhmOTZjNDg3MjVmYjg0YjVmZjE2ZjI2N2Q5Y2FlMjU4MTE4ODc1ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMsOPkNLmGxMsVDl5L/SX1D0GKz1
DoWbpapUtCwcz1Xn3+z+H8hs1Hp/4WiWjoE80/3KjjmL4X5vcZyhGCDQ8pjiDyjW
zjf5a6jG1onDGPhbyXYOLJSOQZLG9JCTTCDVlIkNXHlELAV253X1iEQpZugokFws
dnYWLk4b7Rk8MCMNmfCexmo0FGz2cjrdlliUuh1/7xP4Drq8TrKhMYNCA27WqG+/
XQ6ourQzAVZZk3RDmyBq0ce9vEwe6YSWI/AufWAz1MOuyD09rmzJlYHYf8g53RhN
2oYVkA8zmI/cq588pcv/B4AgnhLlued/md+uKaaaXou6UIxPZzp2B+mE2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlsSHJfuEtf8W8mfZyuJYEYh10hMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAngALKNGq
P9emI7w8+gQ1Pqq/1gnGwf5rki+J1e6i1z3dsrgAAzcrcdGeIZI00rVuh6g9u7zf
6sESAPxzv8zsYC8uK7ZiDvhQTi/Z/ptM13/eB23D9yRydQQnosVsMKJJNwqBT7RK
zksBZU46cXo9hd13XkgukN+Kjf0qwkwvUWTCEIH89jfoB+lYHIJWpJ9H2W5g58we
L/0aF8ZMHM/CE7eUwVweTSfXZV+yPnr9kKNZadQUR1YbH1cthZORapKulB95KIFO
6jXTYlBG11QghGAxkg+1W/suUnCQUEtr/YZz6iA1px2Zf0OoPofBCyctaxqCO9Gc
/FH+QHtiJuax7g==
-----END CERTIFICATE-----