Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
File:                     d7tRRrULW8gaNXR6K75lKqC3Fnw.mft (raw, json)
Hash identifier:          dhHri1FoqaCYaQVLEOF7orwVtdTGeFhAAIanTtCbU4M=
Subject key identifier:   9C:60:D3:B8:FC:AF:A8:DE:67:1D:77:FE:CD:68:69:8B:56:1F:0C:15
Authority key identifier: 77:BB:51:46:B5:0B:5B:C8:1A:35:74:7A:2B:BE:65:2A:A0:B7:16:7C
Certificate issuer:       /CN=77bb5146b50b5bc81a35747a2bbe652aa0b7167c
Certificate serial:       0199FCC63BBDC999EE76A5C5691815FEAE01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
Manifest number:          1387
Signing time:             Sun 19 Oct 2025 14:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:13 +0000
Files and hashes:         1: d7tRRrULW8gaNXR6K75lKqC3Fnw.crl (hash: DLSD8hRFYian1GRQPQVSGO8v5CN2YUgfoHm2uuQEzTA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:3b:bd:c9:99:ee:76:a5:c5:69:18:15:fe:ae:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77bb5146b50b5bc81a35747a2bbe652aa0b7167c
        Validity
            Not Before: Oct 19 14:01:13 2025 GMT
            Not After : Oct 20 14:01:13 2025 GMT
        Subject: CN=9c60d3b8fcafa8de671d77fecd68698b561f0c15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:57:88:cd:f1:98:20:29:b5:2f:06:b6:11:e9:
                    76:9c:56:bd:1f:90:6d:88:57:6f:05:a6:25:df:72:
                    66:11:7d:1d:6f:22:a3:89:d4:9d:c2:0d:43:19:06:
                    89:d3:9d:f4:7f:4f:38:7f:25:70:3c:60:da:44:8d:
                    49:1a:ae:e7:5a:93:10:cd:ba:a0:82:fa:3b:be:41:
                    2d:ae:0e:95:2c:94:15:07:9f:ac:cf:92:1e:a5:12:
                    fc:51:a9:06:6a:b8:0b:6d:f6:57:4b:b8:85:65:fb:
                    1f:14:8f:03:be:db:c9:0d:56:ec:f7:69:30:12:56:
                    c0:07:49:86:55:56:0d:b7:04:4b:19:25:67:aa:5d:
                    93:9d:55:b0:a4:36:fa:10:de:2c:43:e8:02:aa:40:
                    68:76:55:a7:ad:1b:25:17:98:d6:49:b5:73:ca:26:
                    5c:95:73:6f:ef:19:66:79:8f:72:32:44:29:c9:36:
                    e2:3e:15:44:b9:cb:d0:88:ff:a4:43:4e:55:48:86:
                    bf:bd:77:9e:7a:43:87:e9:7a:13:24:38:52:47:a0:
                    b7:45:59:4a:1f:b8:e2:76:11:b8:1f:5c:e8:48:43:
                    46:80:bd:5c:37:fc:7a:b9:70:9e:46:96:59:25:f8:
                    0c:fc:f4:7d:2d:6b:8a:32:98:4b:e8:c8:f3:7c:74:
                    8f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:60:D3:B8:FC:AF:A8:DE:67:1D:77:FE:CD:68:69:8B:56:1F:0C:15
            X509v3 Authority Key Identifier:
                keyid:77:BB:51:46:B5:0B:5B:C8:1A:35:74:7A:2B:BE:65:2A:A0:B7:16:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:5c:04:ad:d0:97:89:ac:82:7b:90:50:63:53:40:ee:87:f0:
         e7:47:81:97:00:a2:37:01:10:f9:64:ea:90:df:a6:58:7c:51:
         8e:48:ea:54:9d:28:e6:45:ce:73:e4:ff:d1:17:a6:ed:70:0d:
         41:42:9c:16:93:2e:1e:72:37:da:c1:4c:b6:88:54:f7:67:50:
         10:b6:00:d6:ac:50:0f:8a:00:ed:72:e5:82:2e:a2:3f:f8:05:
         f5:a1:4f:2b:24:c4:d1:0a:f0:38:6e:da:3c:e6:8f:fd:e7:4d:
         ac:cf:73:b4:55:45:b2:f2:5d:98:09:75:ef:ae:f3:76:55:f7:
         75:f4:48:c9:47:45:de:61:d6:f5:9d:09:34:8a:78:3b:a8:43:
         a0:3e:9a:31:13:ab:4b:e2:ee:3f:ee:61:d0:01:20:b8:2d:e3:
         a6:38:b7:a0:8c:79:36:7a:47:45:14:73:c9:90:7e:58:f2:2d:
         49:03:6c:8d:67:42:7b:00:ee:fa:47:28:fd:7d:8c:6f:93:e5:
         4c:8f:b0:36:a9:fd:3d:55:0b:5a:0a:f4:e1:a7:9b:03:8f:bc:
         97:8a:b1:1e:a9:1b:65:5b:5f:b0:c1:2e:92:65:c6:ef:5a:6b:
         73:14:08:1a:e0:7e:58:9c:f5:01:f8:ec:32:dc:1c:f5:53:0f:
         4b:2e:27:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xju9yZnudqXFaRgV/q4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmI1MTQ2YjUwYjViYzgxYTM1NzQ3YTJiYmU2NTJhYTBi
NzE2N2MwHhcNMjUxMDE5MTQwMTEzWhcNMjUxMDIwMTQwMTEzWjAzMTEwLwYDVQQD
Eyg5YzYwZDNiOGZjYWZhOGRlNjcxZDc3ZmVjZDY4Njk4YjU2MWYwYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VeIzfGYICm1Lwa2Eel2nFa9H5Bt
iFdvBaYl33JmEX0dbyKjidSdwg1DGQaJ0530f084fyVwPGDaRI1JGq7nWpMQzbqg
gvo7vkEtrg6VLJQVB5+sz5IepRL8UakGargLbfZXS7iFZfsfFI8DvtvJDVbs92kw
ElbAB0mGVVYNtwRLGSVnql2TnVWwpDb6EN4sQ+gCqkBodlWnrRslF5jWSbVzyiZc
lXNv7xlmeY9yMkQpyTbiPhVEucvQiP+kQ05VSIa/vXeeekOH6XoTJDhSR6C3RVlK
H7jidhG4H1zoSENGgL1cN/x6uXCeRpZZJfgM/PR9LWuKMphL6MjzfHSP0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxg07j8r6jeZx13/s1oaYtWHwwVMB8GA1UdIwQY
MBaAFHe7UUa1C1vIGjV0eiu+ZSqgtxZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MTk5ZDQtMzI2MS00ZTBhLWFiNDYt
ZjA4N2U0Zjg1ZTUwLzEvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82MTk5ZDQtMzI2MS00ZTBhLWFiNDYtZjA4N2U0Zjg1ZTUw
LzEvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1wErdCX
iayCe5BQY1NA7ofw50eBlwCiNwEQ+WTqkN+mWHxRjkjqVJ0o5kXOc+T/0Rem7XAN
QUKcFpMuHnI32sFMtohU92dQELYA1qxQD4oA7XLlgi6iP/gF9aFPKyTE0QrwOG7a
POaP/edNrM9ztFVFsvJdmAl1767zdlX3dfRIyUdF3mHW9Z0JNIp4O6hDoD6aMROr
S+LuP+5h0AEguC3jpji3oIx5NnpHRRRzyZB+WPItSQNsjWdCewDu+kco/X2Mb5Pl
TI+wNqn9PVULWgr04aebA4+8l4qxHqkbZVtfsMEukmXG71prcxQIGuB+WJz1Afjs
Mtwc9VMPSy4n8g==
-----END CERTIFICATE-----