Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          ozONUaNYra517eBkRP6d1MyNi2U/joBEw+vTQR0tUlk=
Subject key identifier:   4C:31:39:13:91:24:9F:51:7E:82:51:03:18:C9:59:CE:11:7C:F0:4F
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       0199FDD9919A480690E9D1C56DE7795A55D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0D82
Signing time:             Sun 19 Oct 2025 19:01:57 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:57 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:57 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: x7m8HiPqrsVhFmq0eNAWCJAmRaniIDxQGbJjsh1RkDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:91:9a:48:06:90:e9:d1:c5:6d:e7:79:5a:55:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: Oct 19 19:01:57 2025 GMT
            Not After : Oct 20 19:01:57 2025 GMT
        Subject: CN=4c31391391249f517e82510318c959ce117cf04f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d9:dc:91:39:98:72:63:53:88:3f:63:69:e6:
                    37:de:72:3d:d1:93:40:4d:9d:4d:67:4b:43:c1:4a:
                    4d:f9:b8:4b:e6:77:44:58:7a:f8:03:d5:c9:d7:8b:
                    58:61:94:62:f4:c2:e0:e3:bb:95:18:89:66:b6:c6:
                    4b:78:31:f1:7f:24:2f:ca:5d:16:cb:c8:93:0f:60:
                    1b:d5:56:58:66:91:68:f9:40:35:18:dd:ec:c8:e6:
                    65:72:87:25:7f:6d:12:84:c8:20:a9:5d:2d:ca:05:
                    a9:53:e9:8a:83:9f:b4:d7:dc:1b:30:0c:fc:ae:94:
                    21:9e:84:b6:2c:64:3f:f9:a7:0b:e0:f3:b3:41:45:
                    6d:50:3e:bc:97:93:46:36:c4:31:60:8e:57:28:82:
                    56:99:60:f7:49:38:f7:0a:af:25:a5:ed:37:0d:68:
                    9d:b3:19:0a:d3:6c:12:5a:bd:a6:d4:9f:d7:7d:17:
                    8e:5d:5b:97:c4:86:bf:c6:b4:d6:bb:2a:57:cf:47:
                    ae:89:8b:00:f4:0e:99:dc:86:23:b8:04:b6:e9:1d:
                    b1:3e:3e:0e:94:6f:15:2c:c7:dd:c1:28:10:ae:7c:
                    a5:76:7f:9f:7d:6d:0c:38:0a:5e:4e:09:4c:0f:e7:
                    3e:1e:2a:eb:7a:3e:70:dc:50:df:b2:d7:56:b4:88:
                    f2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:31:39:13:91:24:9F:51:7E:82:51:03:18:C9:59:CE:11:7C:F0:4F
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:67:ae:92:2e:35:a8:de:fc:e1:3e:33:ec:fd:18:9b:73:1e:
         36:47:ed:9c:a3:8d:36:f5:e2:55:0d:39:95:7a:81:59:dc:19:
         26:7b:a1:20:6d:4b:f0:90:37:7e:cd:62:05:60:c4:e3:63:8e:
         0a:85:64:a1:07:b4:5a:f2:d2:4f:6f:c8:63:7d:da:9b:a5:6c:
         26:08:11:82:f6:84:b3:d7:a5:2d:ad:ca:b9:16:f1:af:4d:86:
         10:10:7e:b8:bf:a1:46:04:a1:c6:36:bd:d7:d6:e7:e3:f4:be:
         b1:48:32:e1:35:97:12:ca:b2:83:4d:f8:7c:4e:aa:43:41:1f:
         30:8b:3a:1b:31:5c:88:cb:08:1d:75:11:c3:bd:ee:41:51:c3:
         87:5d:71:c0:ce:3e:b5:0e:67:1f:e9:8a:69:a1:34:88:68:39:
         3d:c6:4a:19:b0:83:b1:9f:1d:1d:71:9f:12:2d:39:b1:2c:a5:
         ee:63:3c:d8:c9:2f:ea:42:5f:c0:f7:84:49:12:64:95:b3:22:
         c1:ef:d4:3d:a7:c6:ba:20:50:25:0c:70:b2:c6:a0:df:9e:87:
         81:f6:d7:9d:fb:c8:e0:17:b8:be:2c:bf:f2:e0:ea:5b:d5:70:
         d6:72:f7:c6:d8:00:fb:e6:37:da:f6:69:0a:01:ee:a5:d6:7b:
         92:e6:1d:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92ZGaSAaQ6dHFbed5WlXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjUxMDE5MTkwMTU3WhcNMjUxMDIwMTkwMTU3WjAzMTEwLwYDVQQD
Eyg0YzMxMzkxMzkxMjQ5ZjUxN2U4MjUxMDMxOGM5NTljZTExN2NmMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndnckTmYcmNTiD9jaeY33nI90ZNA
TZ1NZ0tDwUpN+bhL5ndEWHr4A9XJ14tYYZRi9MLg47uVGIlmtsZLeDHxfyQvyl0W
y8iTD2Ab1VZYZpFo+UA1GN3syOZlcoclf20ShMggqV0tygWpU+mKg5+019wbMAz8
rpQhnoS2LGQ/+acL4POzQUVtUD68l5NGNsQxYI5XKIJWmWD3STj3Cq8lpe03DWid
sxkK02wSWr2m1J/XfReOXVuXxIa/xrTWuypXz0euiYsA9A6Z3IYjuAS26R2xPj4O
lG8VLMfdwSgQrnyldn+ffW0MOApeTglMD+c+Hirrej5w3FDfstdWtIjy+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwxORORJJ9RfoJRAxjJWc4RfPBPMB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFGeuki41
qN784T4z7P0Ym3MeNkftnKONNvXiVQ05lXqBWdwZJnuhIG1L8JA3fs1iBWDE42OO
CoVkoQe0WvLST2/IY33am6VsJggRgvaEs9elLa3KuRbxr02GEBB+uL+hRgShxja9
19bn4/S+sUgy4TWXEsqyg034fE6qQ0EfMIs6GzFciMsIHXURw73uQVHDh11xwM4+
tQ5nH+mKaaE0iGg5PcZKGbCDsZ8dHXGfEi05sSyl7mM82Mkv6kJfwPeESRJklbMi
we/UPafGuiBQJQxwssag356HgfbXnfvI4Be4viy/8uDqW9Vw1nL3xtgA++Y32vZp
CgHupdZ7kuYdxQ==
-----END CERTIFICATE-----