Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
File:                     dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json)
Hash identifier:          tUx+kZgZ5CozPG5vGmv2NKk4e+6qZrRuwCOY2N1F5hQ=
Subject key identifier:   81:F2:88:0C:59:16:C5:63:27:BB:F1:CE:59:EA:5B:A0:A1:AB:86:5A
Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A
Certificate issuer:       /CN=74b27c5d5684864853df5b81572212ede322ce0a
Certificate serial:       0199FD33ECF90871BFD58E2B08CE42863425
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
Manifest number:          03B7
Signing time:             Sun 19 Oct 2025 16:01:02 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:02 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:02 +0000
Files and hashes:         1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: uYC8SkPubVLIaM/tCIJafWaOe9nFR3GCy66zr7HAm1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:33:ec:f9:08:71:bf:d5:8e:2b:08:ce:42:86:34:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a
        Validity
            Not Before: Oct 19 16:01:02 2025 GMT
            Not After : Oct 20 16:01:02 2025 GMT
        Subject: CN=81f2880c5916c56327bbf1ce59ea5ba0a1ab865a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:84:03:02:43:56:bd:63:7d:8b:65:26:d5:ac:
                    1a:38:e6:e7:cc:45:b8:40:7b:eb:31:ca:95:6b:c8:
                    a8:5f:68:3f:3c:b0:75:78:a2:bf:a8:20:ac:48:e4:
                    e2:4f:6a:a8:14:46:11:86:e4:a8:c8:b6:e4:7a:92:
                    03:4a:54:c4:30:da:d9:47:3e:3d:80:7a:0f:20:e1:
                    0d:21:88:fd:24:17:67:8b:8c:e5:db:46:58:a1:0a:
                    4a:21:93:c4:ac:e6:04:be:de:08:c5:fb:6d:8f:02:
                    2a:59:78:d1:c8:88:26:28:f0:c9:54:21:a9:fc:81:
                    62:61:bd:8a:5e:66:4b:88:98:15:03:37:91:48:f1:
                    c9:ce:3c:0b:b0:06:23:54:5b:f2:92:95:d6:9f:7b:
                    fc:5d:aa:a1:79:51:e6:31:46:70:50:98:15:c8:2d:
                    02:a4:52:5d:f3:bd:04:7d:cc:a5:6a:08:3d:a6:59:
                    49:9b:70:4f:30:63:88:d6:48:f2:82:b8:c9:ae:3a:
                    17:e2:ff:92:50:a7:0b:63:25:3f:b5:ef:6b:ff:7e:
                    0f:d4:9c:2a:ec:65:81:be:15:a0:45:f6:7f:03:10:
                    b6:7d:e7:c6:8c:2e:3b:19:2b:97:98:5a:2b:38:e8:
                    55:47:df:dd:03:37:49:4e:df:9f:3a:86:00:2d:c4:
                    93:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:F2:88:0C:59:16:C5:63:27:BB:F1:CE:59:EA:5B:A0:A1:AB:86:5A
            X509v3 Authority Key Identifier:
                keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:64:27:17:b8:8f:87:bc:6e:55:72:a3:c1:ff:59:26:7e:59:
         6c:89:00:8b:98:15:02:d5:fd:60:f5:e4:51:73:9e:f1:04:f5:
         7f:94:3b:8b:17:7f:0a:07:61:34:aa:6a:e6:2d:18:93:ca:d0:
         1e:e6:b0:0d:0d:52:a3:57:a4:67:e3:10:e3:2e:57:54:10:be:
         4f:31:e4:8f:e8:fd:9e:de:7c:09:73:73:1c:d0:0e:fa:29:8f:
         26:dc:d7:85:52:1f:a3:4e:41:cd:01:8e:af:cd:2b:8a:2a:5f:
         a3:48:25:79:0b:70:3b:cd:24:1e:ea:32:5e:21:92:21:7b:42:
         36:21:c2:01:cd:34:53:a7:21:4d:b1:21:53:d3:16:bc:1e:45:
         73:d4:8e:89:ff:77:99:a4:2c:d4:e9:af:bd:a7:39:f4:f2:c8:
         b9:84:55:3d:32:85:4a:3d:3f:59:6a:31:b8:0f:1b:04:05:26:
         38:12:30:08:94:79:92:77:53:4f:90:4d:ca:96:43:97:3a:af:
         5d:95:e9:b1:87:e0:72:17:56:0f:bb:69:12:52:7e:82:71:f2:
         92:38:fa:7f:0f:43:53:39:c3:ca:7c:75:2e:1f:89:05:9f:72:
         10:1d:0b:e1:94:86:7d:d7:c5:cc:08:46:13:86:fc:a9:cd:ad:
         b5:3c:7b:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9M+z5CHG/1Y4rCM5ChjQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy
MmNlMGEwHhcNMjUxMDE5MTYwMTAyWhcNMjUxMDIwMTYwMTAyWjAzMTEwLwYDVQQD
Eyg4MWYyODgwYzU5MTZjNTYzMjdiYmYxY2U1OWVhNWJhMGExYWI4NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIQDAkNWvWN9i2Um1awaOObnzEW4
QHvrMcqVa8ioX2g/PLB1eKK/qCCsSOTiT2qoFEYRhuSoyLbkepIDSlTEMNrZRz49
gHoPIOENIYj9JBdni4zl20ZYoQpKIZPErOYEvt4IxfttjwIqWXjRyIgmKPDJVCGp
/IFiYb2KXmZLiJgVAzeRSPHJzjwLsAYjVFvykpXWn3v8XaqheVHmMUZwUJgVyC0C
pFJd870Efcylagg9pllJm3BPMGOI1kjygrjJrjoX4v+SUKcLYyU/te9r/34P1Jwq
7GWBvhWgRfZ/AxC2fefGjC47GSuXmForOOhVR9/dAzdJTt+fOoYALcSTkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHyiAxZFsVjJ7vxzlnqW6Chq4ZaMB8GA1UdIwQY
MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt
MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1
LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMWQnF7iP
h7xuVXKjwf9ZJn5ZbIkAi5gVAtX9YPXkUXOe8QT1f5Q7ixd/CgdhNKpq5i0Yk8rQ
HuawDQ1So1ekZ+MQ4y5XVBC+TzHkj+j9nt58CXNzHNAO+imPJtzXhVIfo05BzQGO
r80riipfo0gleQtwO80kHuoyXiGSIXtCNiHCAc00U6chTbEhU9MWvB5Fc9SOif93
maQs1Omvvac59PLIuYRVPTKFSj0/WWoxuA8bBAUmOBIwCJR5kndTT5BNypZDlzqv
XZXpsYfgchdWD7tpElJ+gnHykjj6fw9DUznDynx1Lh+JBZ9yEB0L4ZSGfdfFzAhG
E4b8qc2ttTx7tw==
-----END CERTIFICATE-----