Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          Brfa6/WbE94+xQ+OpzsEh46Usdz2q/4j6n3SYmPlAUI=
Subject key identifier:   BA:3C:41:3F:5A:93:A5:7F:01:DD:E3:E7:29:9D:FA:45:C4:D2:E5:A7
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       019A0035D6EEA8FAB372434E5C5B00ED9419
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          067E
Signing time:             Mon 20 Oct 2025 06:01:59 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:59 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:59 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: xWzJMEksMGaUXLmEuM+SVqvd36XHCqihprpLKU4EU60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:d6:ee:a8:fa:b3:72:43:4e:5c:5b:00:ed:94:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: Oct 20 06:01:59 2025 GMT
            Not After : Oct 21 06:01:59 2025 GMT
        Subject: CN=ba3c413f5a93a57f01dde3e7299dfa45c4d2e5a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:5e:7d:0e:f5:5a:f5:5e:80:8d:a0:0a:ff:64:
                    ef:72:8e:22:67:b6:b0:dc:b9:40:b5:e3:1b:51:54:
                    b5:df:be:c2:70:66:25:66:d4:91:0d:92:65:af:a7:
                    19:9b:55:de:eb:b0:b2:71:23:c2:74:78:44:88:6e:
                    d9:79:ac:ac:09:96:0d:01:dd:a3:65:e9:40:ac:bb:
                    37:a8:df:b3:3a:09:7f:7e:1e:ff:e8:02:06:91:2d:
                    fc:2c:82:63:2d:69:37:e7:3f:e1:75:44:73:72:ef:
                    f8:12:95:33:ab:1f:a0:e1:e0:6f:74:7d:6b:6a:ea:
                    b1:0c:f8:b8:47:33:de:bb:15:27:42:df:f2:3f:b0:
                    23:3d:03:f7:c7:42:f2:12:02:78:8d:48:df:d7:6b:
                    52:cd:56:87:10:1e:f3:bc:37:9f:1d:0a:eb:43:df:
                    7d:ac:bd:1e:3c:a3:e7:a2:8a:72:7e:b0:72:53:ad:
                    dc:bf:ac:54:7a:23:95:3f:35:83:bc:a7:be:99:8e:
                    e8:69:37:89:ae:f0:95:6e:aa:dd:cf:35:46:52:42:
                    c4:7d:98:49:20:6e:6e:bd:97:26:ae:d5:46:4a:35:
                    79:f1:4a:25:14:45:93:06:c2:b4:2d:d4:31:a6:7c:
                    64:06:c0:bc:19:14:67:90:24:53:8c:35:bb:2d:bf:
                    4e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:3C:41:3F:5A:93:A5:7F:01:DD:E3:E7:29:9D:FA:45:C4:D2:E5:A7
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:37:34:3a:b0:88:79:06:b1:65:43:2c:53:b5:ab:b1:8f:c6:
         f6:35:45:48:af:d1:cb:48:e7:04:67:ab:f7:7f:7f:58:52:81:
         3e:aa:1e:45:ff:cc:c3:7d:7a:c6:14:80:09:be:b1:4d:42:4f:
         a9:f7:9c:f8:cb:d2:e3:53:9d:6f:c4:b3:e6:9d:5d:d7:bc:77:
         50:7d:95:2b:fa:88:81:41:e7:21:7d:17:c5:1c:1b:00:15:3b:
         1d:3e:9b:ce:ba:8c:9a:b3:49:8a:c3:82:02:ae:5a:b7:80:bc:
         af:0b:3a:bd:4d:32:96:41:bf:e0:c4:4d:87:62:f5:2c:f0:20:
         7f:62:ea:db:56:0d:ad:c7:5c:76:d5:d3:dd:ca:d5:28:ec:61:
         0b:1c:13:3c:98:59:ec:d1:66:51:50:44:ed:82:bc:d0:3d:b2:
         75:f2:f1:af:f6:b0:9b:cc:29:03:a4:ef:13:3e:f9:ac:4c:4a:
         24:90:af:78:eb:83:59:1e:ad:1e:04:c5:0f:3e:f1:0b:1d:9e:
         ab:88:b0:05:80:ec:07:ec:b1:36:27:ba:7d:da:e6:6b:24:1b:
         fc:99:0c:ae:49:95:fb:7f:35:66:00:1b:8a:06:b1:37:eb:ac:
         a6:25:5f:3c:e2:03:36:26:a5:3f:fe:d5:f3:6d:a8:45:fc:5d:
         68:90:e8:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANdbuqPqzckNOXFsA7ZQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjUxMDIwMDYwMTU5WhcNMjUxMDIxMDYwMTU5WjAzMTEwLwYDVQQD
EyhiYTNjNDEzZjVhOTNhNTdmMDFkZGUzZTcyOTlkZmE0NWM0ZDJlNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2159DvVa9V6AjaAK/2Tvco4iZ7aw
3LlAteMbUVS1377CcGYlZtSRDZJlr6cZm1Xe67CycSPCdHhEiG7ZeaysCZYNAd2j
ZelArLs3qN+zOgl/fh7/6AIGkS38LIJjLWk35z/hdURzcu/4EpUzqx+g4eBvdH1r
auqxDPi4RzPeuxUnQt/yP7AjPQP3x0LyEgJ4jUjf12tSzVaHEB7zvDefHQrrQ999
rL0ePKPnoopyfrByU63cv6xUeiOVPzWDvKe+mY7oaTeJrvCVbqrdzzVGUkLEfZhJ
IG5uvZcmrtVGSjV58UolFEWTBsK0LdQxpnxkBsC8GRRnkCRTjDW7Lb9OSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLo8QT9ak6V/Ad3j5ymd+kXE0uWnMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqzc0OrCI
eQaxZUMsU7WrsY/G9jVFSK/Ry0jnBGer939/WFKBPqoeRf/Mw316xhSACb6xTUJP
qfec+MvS41Odb8Sz5p1d17x3UH2VK/qIgUHnIX0XxRwbABU7HT6bzrqMmrNJisOC
Aq5at4C8rws6vU0ylkG/4MRNh2L1LPAgf2Lq21YNrcdcdtXT3crVKOxhCxwTPJhZ
7NFmUVBE7YK80D2ydfLxr/awm8wpA6TvEz75rExKJJCveOuDWR6tHgTFDz7xCx2e
q4iwBYDsB+yxNie6fdrmayQb/JkMrkmV+381ZgAbigaxN+uspiVfPOIDNialP/7V
822oRfxdaJDoyg==
-----END CERTIFICATE-----