Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
File:                     BaQevhJyohyuDqGzXcCD-taKXX0.mft (raw, json)
Hash identifier:          ulGGwRJSoH3iId4ygWtQGzz2imOpcaR75hXExab0CNg=
Subject key identifier:   E7:BB:6C:F8:FB:AB:31:8F:CE:77:20:DD:07:CD:66:B9:20:D2:22:42
Authority key identifier: 05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D
Certificate issuer:       /CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
Certificate serial:       0199FBEC48E49445BDD9D2726C048FC2ECEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:03:10 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:10 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:10 +0000
Files and hashes:         1: BaQevhJyohyuDqGzXcCD-taKXX0.crl (hash: W8iCTW36C4Th8ikYpT7DQT7XjRmAFgBooSOISI/cS0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:48:e4:94:45:bd:d9:d2:72:6c:04:8f:c2:ec:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
        Validity
            Not Before: Oct 19 10:03:10 2025 GMT
            Not After : Oct 20 10:03:10 2025 GMT
        Subject: CN=e7bb6cf8fbab318fce7720dd07cd66b920d22242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:65:ea:1d:65:bc:e5:d3:32:4d:48:4b:b8:0a:
                    91:74:a3:02:6d:3a:b8:95:27:75:0c:68:12:47:1c:
                    a8:bc:56:55:2b:cb:5f:c7:9c:31:33:e8:e3:cc:88:
                    5b:ee:69:5d:36:aa:69:34:82:97:11:71:5a:2f:aa:
                    9c:67:5f:8e:e4:b0:27:a8:30:12:95:0f:d6:b1:a9:
                    cf:49:47:80:a2:54:10:21:ef:7e:07:27:62:8d:b2:
                    2f:0e:93:1f:12:10:f3:a0:06:ed:74:81:72:76:f7:
                    d2:dd:50:13:03:5d:50:76:cc:53:0b:c4:96:6e:eb:
                    b3:b4:5d:8e:72:57:e6:38:cd:8d:a2:a1:9a:a2:46:
                    ea:fa:a5:56:3d:12:94:9c:49:8c:b0:b3:b8:f3:d7:
                    bf:0e:d9:65:53:c0:12:41:9b:0a:17:19:11:da:d9:
                    0b:4c:91:38:e7:8f:c2:0d:95:4a:bf:50:00:94:4f:
                    0e:f1:fc:c6:16:53:54:49:2e:02:ca:d4:97:aa:cb:
                    2e:95:3d:67:b3:7f:e0:d0:a6:aa:97:88:a3:20:2f:
                    9b:60:69:bf:a4:f0:29:b4:18:cc:ae:1b:c7:6c:9f:
                    55:d0:f7:60:32:e5:5f:9a:51:c4:74:d3:87:e3:60:
                    22:ae:d4:ed:10:db:15:31:7a:b0:b2:12:39:56:fb:
                    54:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:BB:6C:F8:FB:AB:31:8F:CE:77:20:DD:07:CD:66:B9:20:D2:22:42
            X509v3 Authority Key Identifier:
                keyid:05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:c5:41:10:97:cb:de:18:ab:88:b0:fd:ce:50:98:ea:c1:49:
         65:58:b4:bd:9d:ae:97:31:65:6a:02:27:df:e4:67:eb:67:99:
         5b:61:89:86:d1:0d:2a:1f:23:be:73:f4:e4:a3:be:50:85:21:
         7f:48:df:2a:9c:d1:a7:c0:49:8b:33:ae:8b:3d:a7:70:c2:58:
         83:4a:24:96:75:98:a7:05:e2:c3:62:55:57:c2:78:dc:01:4b:
         9f:e5:ac:90:84:7c:70:b1:08:31:f0:df:b3:9e:2a:ce:9e:d1:
         71:b2:82:d9:67:e5:85:fe:73:9e:a2:b4:8f:cf:4b:ba:ac:8e:
         5e:51:6d:92:76:6c:04:e4:41:87:5a:77:b8:c1:48:1d:89:a9:
         c1:48:cc:d6:c2:07:73:e2:a3:8d:f7:8d:b6:55:cd:6d:a1:7d:
         fc:79:7c:78:a3:8d:07:c4:82:c9:10:09:30:88:58:ba:70:34:
         16:71:75:8b:be:62:32:71:8b:4b:5e:84:29:9a:93:4f:f8:f1:
         e9:8e:ff:97:74:97:40:10:4f:10:73:88:9d:f6:20:2c:69:99:
         bb:5f:d6:7b:28:1a:6d:11:78:a3:b9:27:32:4e:ca:83:40:56:
         13:dd:b0:71:aa:67:13:a3:e8:4c:18:fa:a6:23:b2:2f:22:38:
         01:e9:30:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77EjklEW92dJybASPwuzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTQxZWJlMTI3MmEyMWNhZTBlYTFiMzVkYzA4M2ZhZDY4
YTVkN2QwHhcNMjUxMDE5MTAwMzEwWhcNMjUxMDIwMTAwMzEwWjAzMTEwLwYDVQQD
EyhlN2JiNmNmOGZiYWIzMThmY2U3NzIwZGQwN2NkNjZiOTIwZDIyMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmXqHWW85dMyTUhLuAqRdKMCbTq4
lSd1DGgSRxyovFZVK8tfx5wxM+jjzIhb7mldNqppNIKXEXFaL6qcZ1+O5LAnqDAS
lQ/WsanPSUeAolQQIe9+BydijbIvDpMfEhDzoAbtdIFydvfS3VATA11QdsxTC8SW
buuztF2OclfmOM2NoqGaokbq+qVWPRKUnEmMsLO489e/DtllU8ASQZsKFxkR2tkL
TJE454/CDZVKv1AAlE8O8fzGFlNUSS4CytSXqssulT1ns3/g0Kaql4ijIC+bYGm/
pPAptBjMrhvHbJ9V0PdgMuVfmlHEdNOH42AirtTtENsVMXqwshI5VvtUIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOe7bPj7qzGPzncg3QfNZrkg0iJCMB8GA1UdIwQY
MBaAFAWkHr4ScqIcrg6hs13Ag/rWil19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAt
MTY3ODMxNjEzMTQ1LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAtMTY3ODMxNjEzMTQ1
LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdcVBEJfL
3hiriLD9zlCY6sFJZVi0vZ2ulzFlagIn3+Rn62eZW2GJhtENKh8jvnP05KO+UIUh
f0jfKpzRp8BJizOuiz2ncMJYg0oklnWYpwXiw2JVV8J43AFLn+WskIR8cLEIMfDf
s54qzp7RcbKC2Wflhf5znqK0j89LuqyOXlFtknZsBORBh1p3uMFIHYmpwUjM1sIH
c+KjjfeNtlXNbaF9/Hl8eKONB8SCyRAJMIhYunA0FnF1i75iMnGLS16EKZqTT/jx
6Y7/l3SXQBBPEHOInfYgLGmZu1/WeygabRF4o7knMk7Kg0BWE92wcapnE6PoTBj6
piOyLyI4AekwrQ==
-----END CERTIFICATE-----