Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
File:                     t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft (raw, json)
Hash identifier:          gPiN66gfT5aMvyCCprA9Gs+/LjXVXXunhSj36qmLER4=
Subject key identifier:   CB:42:9B:AF:EB:65:1A:52:D4:37:52:9F:4C:5C:68:1C:85:83:F9:8D
Authority key identifier: B7:85:EC:73:DC:18:1F:99:35:65:9F:58:AE:D2:08:53:2A:2C:2A:6A
Certificate issuer:       /CN=b785ec73dc181f9935659f58aed208532a2c2a6a
Certificate serial:       0199FDD8C671B6427DD6212AA8472A87056B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
Manifest number:          026F
Signing time:             Sun 19 Oct 2025 19:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:06 +0000
Files and hashes:         1: t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl (hash: DrAhEIWrWhkxv8O9daXd5X8YzE4YbSCRnqMJeze97Ac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:c6:71:b6:42:7d:d6:21:2a:a8:47:2a:87:05:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b785ec73dc181f9935659f58aed208532a2c2a6a
        Validity
            Not Before: Oct 19 19:01:06 2025 GMT
            Not After : Oct 20 19:01:06 2025 GMT
        Subject: CN=cb429bafeb651a52d437529f4c5c681c8583f98d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:72:d6:97:07:7f:6c:16:57:d3:c9:07:ad:6a:
                    f6:fb:71:91:81:b2:fc:bb:4b:44:6c:ed:03:3b:4d:
                    e7:e9:40:54:a1:99:13:e7:b9:8b:81:65:da:b7:46:
                    ac:72:91:47:70:6d:ee:dc:ee:fe:32:2d:d3:8e:9c:
                    1c:82:9a:26:a1:2b:f0:c5:65:48:9e:98:6b:7d:65:
                    4b:7c:52:ec:d6:da:a0:e5:7f:90:d0:e8:59:87:97:
                    c2:6d:23:1a:53:eb:b9:1e:1d:88:a4:a0:d7:f2:ce:
                    89:44:57:c2:05:4a:42:d4:6c:44:d1:b8:f5:ae:1d:
                    27:26:eb:ad:c3:5d:fa:9a:56:1f:32:4a:16:6b:ca:
                    85:c3:18:0c:c8:10:06:b3:e5:50:08:2e:e3:d3:bf:
                    69:9a:63:db:e8:c1:f6:f6:56:ed:bd:46:7c:59:03:
                    6b:9f:7a:fe:1d:72:a5:20:6e:a5:06:7a:b7:c6:e8:
                    0c:9b:88:7f:e2:f2:60:20:3f:b6:f9:73:53:e3:d4:
                    b5:26:69:2e:29:af:53:98:06:ae:78:9c:bd:e9:46:
                    d7:61:81:71:2f:8d:5e:85:50:38:75:39:6d:fa:8a:
                    e3:d3:bc:b4:89:e9:ed:1b:36:b7:0b:f4:8f:88:8f:
                    4a:b0:68:fe:75:fb:72:56:c7:2b:ff:56:97:aa:12:
                    c2:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:42:9B:AF:EB:65:1A:52:D4:37:52:9F:4C:5C:68:1C:85:83:F9:8D
            X509v3 Authority Key Identifier:
                keyid:B7:85:EC:73:DC:18:1F:99:35:65:9F:58:AE:D2:08:53:2A:2C:2A:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:4f:29:12:50:20:34:86:9b:86:65:a2:0a:cf:59:23:b2:95:
         8a:19:29:1c:1e:2b:c9:45:72:a2:1b:b8:87:fe:d2:04:c9:60:
         09:47:44:b2:0c:d7:9b:70:3f:46:1d:0f:73:f5:2e:b1:d1:79:
         bc:55:af:78:35:40:a3:48:1a:f1:46:da:38:2e:df:cd:f3:8e:
         52:d4:bc:d4:c9:b9:62:1f:9a:97:18:34:3a:c2:fa:1f:46:9b:
         86:d9:cb:1d:11:56:2e:91:c8:74:33:b5:6d:c7:00:02:76:47:
         fe:f5:4b:b7:9f:d8:d7:fc:1a:68:f5:3b:b1:36:74:af:b3:67:
         7e:63:b1:e2:34:a8:3a:d4:a2:99:00:6d:ed:2d:1b:78:fb:89:
         0f:26:50:49:ef:c1:e4:d6:92:72:60:cc:63:15:95:02:9f:bf:
         2d:92:47:aa:a1:10:94:a1:9d:07:67:9e:fe:ab:f9:cc:be:b6:
         fa:57:41:60:67:96:35:dd:41:d4:f3:24:34:73:da:52:1e:71:
         ca:21:de:6d:f5:73:23:f7:c1:2c:98:c8:84:38:32:d8:f2:08:
         d8:b6:a0:3e:2a:5a:eb:69:9b:62:0a:ad:6c:2c:19:53:4e:30:
         ec:79:7c:9d:82:8d:5a:97:62:07:a4:8f:c3:ad:53:96:3d:f0:
         22:4e:61:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92MZxtkJ91iEqqEcqhwVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODVlYzczZGMxODFmOTkzNTY1OWY1OGFlZDIwODUzMmEy
YzJhNmEwHhcNMjUxMDE5MTkwMTA2WhcNMjUxMDIwMTkwMTA2WjAzMTEwLwYDVQQD
EyhjYjQyOWJhZmViNjUxYTUyZDQzNzUyOWY0YzVjNjgxYzg1ODNmOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHLWlwd/bBZX08kHrWr2+3GRgbL8
u0tEbO0DO03n6UBUoZkT57mLgWXat0ascpFHcG3u3O7+Mi3TjpwcgpomoSvwxWVI
nphrfWVLfFLs1tqg5X+Q0OhZh5fCbSMaU+u5Hh2IpKDX8s6JRFfCBUpC1GxE0bj1
rh0nJuutw136mlYfMkoWa8qFwxgMyBAGs+VQCC7j079pmmPb6MH29lbtvUZ8WQNr
n3r+HXKlIG6lBnq3xugMm4h/4vJgID+2+XNT49S1JmkuKa9TmAaueJy96UbXYYFx
L41ehVA4dTlt+orj07y0ientGza3C/SPiI9KsGj+dftyVscr/1aXqhLCCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtCm6/rZRpS1DdSn0xcaByFg/mNMB8GA1UdIwQY
MBaAFLeF7HPcGB+ZNWWfWK7SCFMqLCpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lODU0MTgtNjRiMy00NDRiLTkxM2Et
NjNjMmJhNGM5OTZjLzEvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lODU0MTgtNjRiMy00NDRiLTkxM2EtNjNjMmJhNGM5OTZj
LzEvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKk8pElAg
NIabhmWiCs9ZI7KVihkpHB4ryUVyohu4h/7SBMlgCUdEsgzXm3A/Rh0Pc/UusdF5
vFWveDVAo0ga8UbaOC7fzfOOUtS81Mm5Yh+alxg0OsL6H0abhtnLHRFWLpHIdDO1
bccAAnZH/vVLt5/Y1/waaPU7sTZ0r7NnfmOx4jSoOtSimQBt7S0bePuJDyZQSe/B
5NaScmDMYxWVAp+/LZJHqqEQlKGdB2ee/qv5zL62+ldBYGeWNd1B1PMkNHPaUh5x
yiHebfVzI/fBLJjIhDgy2PII2LagPipa62mbYgqtbCwZU04w7Hl8nYKNWpdiB6SP
w61Tlj3wIk5hDg==
-----END CERTIFICATE-----