Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
File:                     tU0YlEyigIUFOR3pf6nWsrxhiZo.mft (raw, json)
Hash identifier:          FsT3TKaQQ0p0PuKeC63S5tFm5PVb5UPV7+AFOa8KLXk=
Subject key identifier:   4A:FB:18:35:50:34:B1:DB:33:D1:B3:A9:D6:10:4B:BE:3F:8E:F7:5E
Authority key identifier: B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A
Certificate issuer:       /CN=b54d18944ca2808505391de97fa9d6b2bc61899a
Certificate serial:       0199FBEBC54C089B0C1E9BCC1932CF836D6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
Manifest number:          117F
Signing time:             Sun 19 Oct 2025 10:02:36 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:36 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:36 +0000
Files and hashes:         1: tU0YlEyigIUFOR3pf6nWsrxhiZo.crl (hash: TkGPu4kITX3xwl4zBPTTZPXNg1HBw/ycUy/i6inkwjk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:c5:4c:08:9b:0c:1e:9b:cc:19:32:cf:83:6d:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b54d18944ca2808505391de97fa9d6b2bc61899a
        Validity
            Not Before: Oct 19 10:02:36 2025 GMT
            Not After : Oct 20 10:02:36 2025 GMT
        Subject: CN=4afb18355034b1db33d1b3a9d6104bbe3f8ef75e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:7d:41:ab:46:a3:b7:5f:f6:66:1c:ea:8a:90:
                    e1:ee:91:5e:bd:b5:a6:cc:58:0c:29:cd:73:c8:a1:
                    e9:05:81:47:b0:a6:1d:37:c9:c9:a7:94:ac:cc:85:
                    a2:d3:18:fd:09:6f:b3:36:88:ac:b9:09:d0:e2:ff:
                    38:64:19:03:7b:b4:0a:d4:67:e6:95:0d:a2:d1:03:
                    26:a3:f5:7e:14:a0:2d:5c:01:40:81:74:11:16:71:
                    10:f3:39:ab:a2:c7:45:8f:33:3a:89:f5:38:9c:69:
                    e6:2e:90:9e:88:a6:e8:7c:30:83:00:67:62:09:73:
                    89:1a:f5:16:67:f5:ae:6f:93:39:f3:ba:ce:a9:9d:
                    5d:98:1f:4d:bb:3e:94:13:df:40:f7:5f:54:4c:1c:
                    93:69:83:59:c2:cd:cf:36:f7:db:3e:b0:d1:39:89:
                    0d:db:56:1b:9f:2c:78:54:e6:da:be:fb:3f:ad:33:
                    7f:c9:44:c1:a7:b7:b9:9e:60:93:14:8e:fa:d1:c5:
                    e1:ad:37:3e:1c:ee:86:66:59:b3:36:bc:37:0f:ac:
                    c4:ff:5d:1f:85:4a:74:bc:64:8e:d1:07:da:0a:ac:
                    cc:dd:7a:c9:d2:54:0c:b5:26:7b:40:93:3c:68:d3:
                    64:aa:93:ca:8c:17:57:f1:36:85:b5:3d:ba:c1:95:
                    14:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:FB:18:35:50:34:B1:DB:33:D1:B3:A9:D6:10:4B:BE:3F:8E:F7:5E
            X509v3 Authority Key Identifier:
                keyid:B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:70:d9:4e:a9:f0:d2:f9:06:19:8f:41:d9:7c:cb:02:e1:52:
         53:be:69:fb:d1:de:01:1c:91:1a:f0:0d:da:4f:57:5c:77:19:
         15:6a:29:da:31:d0:8b:ea:9e:c5:bc:92:2f:54:d6:79:0d:25:
         5b:18:57:ff:5d:ce:bf:db:b3:7a:78:cf:d4:2b:1b:c9:6d:70:
         f2:dd:4a:98:34:e0:d9:a4:de:95:b9:10:34:f0:7e:a3:c7:59:
         b3:94:11:ac:84:1b:ec:b4:04:a9:42:3d:90:68:64:9a:6d:d7:
         4c:b2:1d:8d:97:93:54:03:8b:03:ec:fb:e0:b4:c3:14:1b:4e:
         c6:1a:8b:da:0e:2d:cb:a8:33:ec:fb:7d:f1:3f:cc:f2:f7:ff:
         dc:8e:fd:0c:d5:6a:58:75:df:9c:29:07:3d:cf:a4:61:e4:41:
         f8:f1:30:0d:8b:24:4b:e6:c5:1c:03:ca:22:55:52:dd:10:59:
         38:97:d5:9a:f6:0b:b1:7d:ae:b2:3c:5a:f8:33:7f:94:bc:47:
         11:77:b7:22:d9:04:2e:7b:b1:98:c1:b9:07:9b:b6:06:ca:fb:
         f1:13:43:a3:b1:b6:42:4c:a6:5d:12:59:c8:9c:59:9b:8a:8d:
         c3:ac:bb:7b:c1:67:76:21:e0:5f:3f:88:04:ab:bc:9a:04:2b:
         61:48:dc:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn768VMCJsMHpvMGTLPg21sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGQxODk0NGNhMjgwODUwNTM5MWRlOTdmYTlkNmIyYmM2
MTg5OWEwHhcNMjUxMDE5MTAwMjM2WhcNMjUxMDIwMTAwMjM2WjAzMTEwLwYDVQQD
Eyg0YWZiMTgzNTUwMzRiMWRiMzNkMWIzYTlkNjEwNGJiZTNmOGVmNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA131Bq0ajt1/2ZhzqipDh7pFevbWm
zFgMKc1zyKHpBYFHsKYdN8nJp5SszIWi0xj9CW+zNoisuQnQ4v84ZBkDe7QK1Gfm
lQ2i0QMmo/V+FKAtXAFAgXQRFnEQ8zmrosdFjzM6ifU4nGnmLpCeiKbofDCDAGdi
CXOJGvUWZ/Wub5M587rOqZ1dmB9Nuz6UE99A919UTByTaYNZws3PNvfbPrDROYkN
21Ybnyx4VObavvs/rTN/yUTBp7e5nmCTFI760cXhrTc+HO6GZlmzNrw3D6zE/10f
hUp0vGSO0QfaCqzM3XrJ0lQMtSZ7QJM8aNNkqpPKjBdX8TaFtT26wZUURQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEr7GDVQNLHbM9GzqdYQS74/jvdeMB8GA1UdIwQY
MBaAFLVNGJRMooCFBTkd6X+p1rK8YYmaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMt
ZjY4M2I5NjgxZDYxLzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMtZjY4M2I5NjgxZDYx
LzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbXDZTqnw
0vkGGY9B2XzLAuFSU75p+9HeARyRGvAN2k9XXHcZFWop2jHQi+qexbySL1TWeQ0l
WxhX/13Ov9uzenjP1CsbyW1w8t1KmDTg2aTelbkQNPB+o8dZs5QRrIQb7LQEqUI9
kGhkmm3XTLIdjZeTVAOLA+z74LTDFBtOxhqL2g4ty6gz7Pt98T/M8vf/3I79DNVq
WHXfnCkHPc+kYeRB+PEwDYskS+bFHAPKIlVS3RBZOJfVmvYLsX2usjxa+DN/lLxH
EXe3ItkELnuxmMG5B5u2Bsr78RNDo7G2QkymXRJZyJxZm4qNw6y7e8FndiHgXz+I
BKu8mgQrYUjcZQ==
-----END CERTIFICATE-----