Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          16lhdJG4VIfD3XDVmPUKehIvNe41G/psGO5Ga4xL2pw=
Subject key identifier:   D5:F9:B9:0F:50:39:E4:52:90:3E:8D:1E:BA:71:58:FC:DD:19:4C:71
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       0199FC587EB0C597436E34A361B837B3E5C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          0834
Signing time:             Sun 19 Oct 2025 12:01:21 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:21 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:21 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: 3ecrppuALryb/pEpafZe3AH1NmsDRDYEzfAwCdtxgWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:7e:b0:c5:97:43:6e:34:a3:61:b8:37:b3:e5:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Oct 19 12:01:21 2025 GMT
            Not After : Oct 20 12:01:21 2025 GMT
        Subject: CN=d5f9b90f5039e452903e8d1eba7158fcdd194c71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:75:ed:62:3c:e1:16:4f:1b:b6:08:50:d3:6b:
                    e6:08:77:71:ee:b0:41:d9:4e:50:01:03:78:98:15:
                    db:f6:d4:0a:ec:4f:ae:90:73:bf:0a:f3:f4:65:16:
                    9d:42:f5:d0:f5:8a:64:29:b6:5e:50:fc:22:42:c5:
                    21:11:6f:a2:c9:be:45:c3:f0:22:cb:26:d4:fc:46:
                    46:3c:5d:7a:74:14:57:3b:10:fe:be:1b:d6:02:44:
                    ae:8d:97:46:2b:2d:d4:03:5b:36:6d:7d:20:90:67:
                    79:f6:88:59:14:76:21:2f:fb:5a:b6:28:dd:6c:81:
                    b3:de:bb:14:67:78:3e:cc:48:ca:63:e1:5a:87:34:
                    5f:e9:6d:88:82:42:f9:08:3c:44:c4:a1:28:f0:8d:
                    05:d5:ff:dc:d0:c9:ed:d3:d7:d1:63:08:6c:bf:aa:
                    70:ea:73:c8:f6:26:59:6a:aa:79:33:58:4e:2c:64:
                    0f:7c:d6:df:ff:71:06:67:23:f6:24:0c:9e:6e:ab:
                    c5:fe:95:bf:d1:76:ed:84:8f:81:cf:bd:80:d9:cc:
                    5c:2e:69:77:53:b7:18:30:e9:de:4c:77:15:3b:83:
                    db:9a:11:45:07:5b:e9:85:75:16:59:3b:6f:5e:1e:
                    bc:c1:3c:d6:cc:ed:ee:80:41:5d:93:54:06:2c:40:
                    99:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:F9:B9:0F:50:39:E4:52:90:3E:8D:1E:BA:71:58:FC:DD:19:4C:71
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:31:52:2a:f4:ab:cc:2e:11:55:cb:6a:a3:c4:83:17:2c:7f:
         fd:44:c2:ce:85:92:91:a0:07:25:47:4b:7b:23:a4:2d:69:4b:
         78:6a:f5:46:60:de:fe:74:ee:ce:40:c1:8d:61:15:98:a7:32:
         2b:54:5f:f4:6f:f1:d7:71:7d:1b:6a:76:43:26:a8:a7:48:99:
         1c:67:c6:e2:99:a1:3e:50:ce:24:94:86:67:37:ef:b0:00:03:
         17:a1:db:92:c4:85:78:5c:a6:12:a5:ca:2e:4f:83:d2:f2:ea:
         50:31:f3:23:a0:5a:be:45:1d:d7:5d:28:8f:cb:c6:6c:ba:3e:
         28:91:8a:e6:86:d6:06:f9:69:c8:47:2c:80:d1:0d:fd:9b:d0:
         fe:1b:49:ae:2e:0b:0f:d4:61:79:c0:da:6c:3e:cc:4c:df:78:
         b1:1d:54:e9:ac:46:4d:9c:61:3c:41:a4:2b:82:aa:c0:ec:00:
         ee:1f:1b:05:7c:6c:37:0c:bc:04:f7:c8:99:9e:9e:3a:22:5c:
         24:c4:51:5f:fb:27:0a:6a:b3:9d:ec:fd:b0:71:04:ef:d3:db:
         22:03:33:b2:cf:5b:ac:c6:78:31:9b:44:5e:ad:b9:7e:46:8c:
         77:ed:77:1d:c4:fb:c3:e8:82:0e:cc:4e:25:99:c3:87:88:d1:
         6d:f5:f3:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WH6wxZdDbjSjYbg3s+XHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjUxMDE5MTIwMTIxWhcNMjUxMDIwMTIwMTIxWjAzMTEwLwYDVQQD
EyhkNWY5YjkwZjUwMzllNDUyOTAzZThkMWViYTcxNThmY2RkMTk0YzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHXtYjzhFk8btghQ02vmCHdx7rBB
2U5QAQN4mBXb9tQK7E+ukHO/CvP0ZRadQvXQ9YpkKbZeUPwiQsUhEW+iyb5Fw/Ai
yybU/EZGPF16dBRXOxD+vhvWAkSujZdGKy3UA1s2bX0gkGd59ohZFHYhL/tatijd
bIGz3rsUZ3g+zEjKY+FahzRf6W2IgkL5CDxExKEo8I0F1f/c0Mnt09fRYwhsv6pw
6nPI9iZZaqp5M1hOLGQPfNbf/3EGZyP2JAyebqvF/pW/0XbthI+Bz72A2cxcLml3
U7cYMOneTHcVO4PbmhFFB1vphXUWWTtvXh68wTzWzO3ugEFdk1QGLECZbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNX5uQ9QOeRSkD6NHrpxWPzdGUxxMB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTFSKvSr
zC4RVctqo8SDFyx//UTCzoWSkaAHJUdLeyOkLWlLeGr1RmDe/nTuzkDBjWEVmKcy
K1Rf9G/x13F9G2p2Qyaop0iZHGfG4pmhPlDOJJSGZzfvsAADF6HbksSFeFymEqXK
Lk+D0vLqUDHzI6BavkUd110oj8vGbLo+KJGK5obWBvlpyEcsgNEN/ZvQ/htJri4L
D9RhecDabD7MTN94sR1U6axGTZxhPEGkK4KqwOwA7h8bBXxsNwy8BPfImZ6eOiJc
JMRRX/snCmqznez9sHEE79PbIgMzss9brMZ4MZtEXq25fkaMd+13HcT7w+iCDsxO
JZnDh4jRbfXz8A==
-----END CERTIFICATE-----