Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
File:                     JkQpgYmVnJWm1KdLdU9JlqWltlw.mft (raw, json)
Hash identifier:          bgAgoEE5C7y/09rf1yYmh4DSkpuWRCH8srZXaJkafR8=
Subject key identifier:   61:68:6E:E7:E9:63:A1:75:1D:9A:D6:3D:69:B8:19:2F:9B:F5:3E:1C
Authority key identifier: 26:44:29:81:89:95:9C:95:A6:D4:A7:4B:75:4F:49:96:A5:A5:B6:5C
Certificate issuer:       /CN=2644298189959c95a6d4a74b754f4996a5a5b65c
Certificate serial:       0199FBEB8B010337A4590077AC6C55ECCAE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:21 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:21 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:21 +0000
Files and hashes:         1: JkQpgYmVnJWm1KdLdU9JlqWltlw.crl (hash: Ad3TfZjQegfHwMTwCkqgVh5tFGkJRVeTa22Pw+rjLdU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:8b:01:03:37:a4:59:00:77:ac:6c:55:ec:ca:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2644298189959c95a6d4a74b754f4996a5a5b65c
        Validity
            Not Before: Oct 19 10:02:21 2025 GMT
            Not After : Oct 20 10:02:21 2025 GMT
        Subject: CN=61686ee7e963a1751d9ad63d69b8192f9bf53e1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d7:07:1f:34:4b:a9:25:cc:d5:85:94:e3:c8:
                    b3:0f:22:b5:66:a7:0b:37:8a:46:a0:44:f7:e0:3f:
                    35:ed:b8:13:13:20:80:e1:ec:67:be:2d:d7:7f:44:
                    b5:7e:7d:8a:6b:a7:3d:c5:4b:f5:e6:f3:bd:67:98:
                    38:e4:82:76:fe:d4:10:2d:38:ca:b3:4e:7e:22:74:
                    8f:7f:8a:30:ca:ec:cd:e8:ef:9e:d8:8b:c6:ef:aa:
                    b9:42:ec:90:7a:1f:d1:5a:49:fb:a4:f8:dd:ef:a1:
                    cb:3b:90:0c:88:45:55:d1:30:f7:18:7e:d3:0d:56:
                    87:f8:de:6c:55:92:b3:78:3e:c5:27:8b:87:bd:14:
                    0a:81:db:3b:0b:64:8a:d9:1d:82:f2:99:6f:7f:65:
                    87:39:e1:49:51:45:78:74:ad:2e:3b:a9:7f:90:5c:
                    4b:fa:8d:f0:ee:64:ff:5b:7d:0c:38:35:0d:a8:89:
                    ae:8b:8e:92:e5:44:d5:c0:c2:45:41:3e:6a:dc:c9:
                    b3:54:e3:21:e8:f7:95:c3:3f:5c:e3:66:8d:6e:e6:
                    5d:b4:71:b8:00:a8:e3:45:dc:3d:eb:2e:2d:3c:a5:
                    c6:f8:05:70:c5:7d:21:0f:73:4e:47:fb:22:d9:53:
                    2f:6d:a7:2c:d7:55:fb:bb:a4:4e:fb:d1:8e:0c:2c:
                    06:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:68:6E:E7:E9:63:A1:75:1D:9A:D6:3D:69:B8:19:2F:9B:F5:3E:1C
            X509v3 Authority Key Identifier:
                keyid:26:44:29:81:89:95:9C:95:A6:D4:A7:4B:75:4F:49:96:A5:A5:B6:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:f4:8d:4f:0a:29:05:eb:9b:06:9a:cb:54:ba:4f:79:58:0e:
         a9:b5:71:dc:02:a9:09:fe:bb:a4:48:62:82:fe:4d:35:2f:e0:
         a6:7c:58:cb:cb:9a:a7:b2:53:8a:fb:16:b8:03:f9:53:18:4e:
         69:45:80:3b:12:35:85:c0:c3:24:cd:49:b4:aa:e2:6e:d2:63:
         f6:d2:fe:d8:1f:e2:db:c5:80:53:0e:bf:ef:89:61:89:4e:db:
         19:0a:91:93:ce:de:56:31:06:da:43:9d:01:1d:84:17:f8:dd:
         8b:bc:c7:95:94:9c:2a:be:1d:11:3c:1b:cf:92:3f:30:60:bb:
         aa:09:77:b8:4e:37:18:6d:1e:cd:9f:5b:05:21:8b:c8:30:28:
         fe:2d:a7:a4:1c:01:23:82:a7:18:db:fb:35:62:9b:f4:59:ef:
         69:ba:3e:ae:2f:71:24:57:e9:67:05:3b:81:7a:5f:5b:42:54:
         83:a1:3c:23:bc:27:95:0c:ac:f5:3f:83:8a:a4:ef:b3:82:19:
         d9:c0:6f:26:45:00:23:b8:b6:06:d4:62:d1:09:38:ab:ec:78:
         d1:c1:a8:73:79:ec:10:7f:c2:82:7b:6f:32:22:bc:7d:a2:26:
         e6:0b:bb:2d:ee:57:b1:c8:0e:90:0b:1b:35:3c:18:68:a0:c5:
         ed:30:2f:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764sBAzekWQB3rGxV7MrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDQyOTgxODk5NTljOTVhNmQ0YTc0Yjc1NGY0OTk2YTVh
NWI2NWMwHhcNMjUxMDE5MTAwMjIxWhcNMjUxMDIwMTAwMjIxWjAzMTEwLwYDVQQD
Eyg2MTY4NmVlN2U5NjNhMTc1MWQ5YWQ2M2Q2OWI4MTkyZjliZjUzZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdcHHzRLqSXM1YWU48izDyK1ZqcL
N4pGoET34D817bgTEyCA4exnvi3Xf0S1fn2Ka6c9xUv15vO9Z5g45IJ2/tQQLTjK
s05+InSPf4owyuzN6O+e2IvG76q5QuyQeh/RWkn7pPjd76HLO5AMiEVV0TD3GH7T
DVaH+N5sVZKzeD7FJ4uHvRQKgds7C2SK2R2C8plvf2WHOeFJUUV4dK0uO6l/kFxL
+o3w7mT/W30MODUNqImui46S5UTVwMJFQT5q3MmzVOMh6PeVwz9c42aNbuZdtHG4
AKjjRdw96y4tPKXG+AVwxX0hD3NOR/si2VMvbacs11X7u6RO+9GODCwGUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFobufpY6F1HZrWPWm4GS+b9T4cMB8GA1UdIwQY
MBaAFCZEKYGJlZyVptSnS3VPSZalpbZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZDE0ZDAtYmU4Yi00MTcwLTlmZDgt
MDdjZDRhMDYxYzgwLzEvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZDE0ZDAtYmU4Yi00MTcwLTlmZDgtMDdjZDRhMDYxYzgw
LzEvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyvSNTwop
BeubBprLVLpPeVgOqbVx3AKpCf67pEhigv5NNS/gpnxYy8uap7JTivsWuAP5UxhO
aUWAOxI1hcDDJM1JtKribtJj9tL+2B/i28WAUw6/74lhiU7bGQqRk87eVjEG2kOd
AR2EF/jdi7zHlZScKr4dETwbz5I/MGC7qgl3uE43GG0ezZ9bBSGLyDAo/i2npBwB
I4KnGNv7NWKb9Fnvabo+ri9xJFfpZwU7gXpfW0JUg6E8I7wnlQys9T+DiqTvs4IZ
2cBvJkUAI7i2BtRi0Qk4q+x40cGoc3nsEH/CgntvMiK8faIm5gu7Le5XscgOkAsb
NTwYaKDF7TAvcA==
-----END CERTIFICATE-----