Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          wUXCm9fZ8UA1XUOLuVdflB+iIyw91KPV06zKcf7N4aA=
Subject key identifier:   0D:F6:CE:4A:AA:D5:23:7E:13:CA:A7:72:76:1E:6F:10:13:AE:1D:93
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       0199FBEA72E9947AE7F5833E1A984A02EE09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0C6C
Signing time:             Sun 19 Oct 2025 10:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:09 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: w3xy8Sai1EZkJiyfnripqiGQgX8z/0OJt2GjYcol354=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:72:e9:94:7a:e7:f5:83:3e:1a:98:4a:02:ee:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Oct 19 10:01:09 2025 GMT
            Not After : Oct 20 10:01:09 2025 GMT
        Subject: CN=0df6ce4aaad5237e13caa772761e6f1013ae1d93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:15:19:35:4d:80:37:9b:34:5d:20:b8:f5:ef:
                    1b:e2:37:be:d2:b1:ef:42:ec:86:d9:5b:4e:e7:b7:
                    6c:09:c1:2e:bd:80:51:48:07:c1:dd:47:3a:43:f4:
                    ad:99:fd:1d:94:85:5c:b8:d5:1c:64:4b:22:d2:2d:
                    46:e9:2c:ed:00:5a:bc:c8:f4:0c:8a:9b:3e:75:0c:
                    43:78:53:12:ce:dc:07:7b:06:7e:0a:20:e7:a2:6e:
                    3c:c1:d4:e9:e4:f6:a6:c0:b9:db:cb:4b:12:cc:d1:
                    35:ee:f8:44:6d:2a:56:d3:aa:68:f0:e8:72:53:8b:
                    d0:be:17:40:97:0f:fa:23:30:93:91:f9:15:14:9f:
                    a3:22:9e:2e:41:e6:e2:c5:dc:1a:02:cf:01:6e:a1:
                    39:f2:7b:3c:16:d4:af:1e:a0:87:93:d6:3a:b0:a0:
                    a0:2e:82:31:9d:8b:6c:b8:86:6f:c4:48:b3:f4:ad:
                    7e:9d:eb:6e:31:0f:a5:80:06:c2:c4:d6:f6:51:01:
                    20:cf:c2:38:12:61:88:24:5e:d1:2a:cc:d7:0d:cf:
                    66:d4:3f:45:cf:78:99:ed:e9:16:6b:46:80:a2:bb:
                    a0:91:5e:eb:08:a4:9c:b3:6a:d8:37:84:37:22:8f:
                    af:c8:10:a7:74:b2:e4:5d:7f:28:6a:10:c7:f8:05:
                    0f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:F6:CE:4A:AA:D5:23:7E:13:CA:A7:72:76:1E:6F:10:13:AE:1D:93
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:49:85:ba:c3:3a:b4:d5:f1:21:9f:28:4c:fc:0a:7e:c3:b2:
         aa:33:ca:2c:af:38:d8:e4:39:86:4d:1e:ad:dd:ef:5b:dc:f5:
         59:14:9b:cc:e9:3e:0d:9f:81:96:6c:3c:44:02:1b:fc:35:9b:
         a3:52:2e:f3:cc:4a:3d:74:83:d0:be:b6:62:40:6a:c2:35:62:
         a5:0b:b3:63:a3:72:03:2d:51:c2:48:15:ff:c8:d4:f4:ef:01:
         e9:3a:d1:b5:5b:15:01:dc:c5:53:cc:f7:e2:07:b3:c7:b2:2b:
         05:44:e1:34:8d:02:57:43:07:58:53:3c:1e:16:b8:d9:13:9b:
         49:05:2c:6a:bf:4e:f6:1f:5b:60:7d:9c:9e:8e:52:e2:ae:d9:
         01:13:c0:c5:3e:58:f5:2e:76:5e:6a:f6:7c:b6:05:52:8e:64:
         dd:2a:09:6f:82:92:06:82:25:9f:46:e1:9c:0b:f2:cd:64:fe:
         e1:af:f3:ea:bf:94:35:3c:61:42:d5:d2:3a:c0:9a:4e:b0:e5:
         8c:5b:f4:3e:36:b0:1d:bf:b1:c1:46:3e:9e:09:0a:61:7e:d4:
         fb:e6:cd:95:6a:ee:57:f0:46:ce:a7:59:35:c8:5e:a9:be:64:
         93:c8:c1:9d:3e:06:67:2a:4f:42:ef:df:00:b3:85:82:31:18:
         57:f5:ad:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76nLplHrn9YM+GphKAu4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjUxMDE5MTAwMTA5WhcNMjUxMDIwMTAwMTA5WjAzMTEwLwYDVQQD
EygwZGY2Y2U0YWFhZDUyMzdlMTNjYWE3NzI3NjFlNmYxMDEzYWUxZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRUZNU2AN5s0XSC49e8b4je+0rHv
QuyG2VtO57dsCcEuvYBRSAfB3Uc6Q/Stmf0dlIVcuNUcZEsi0i1G6SztAFq8yPQM
ips+dQxDeFMSztwHewZ+CiDnom48wdTp5PamwLnby0sSzNE17vhEbSpW06po8Ohy
U4vQvhdAlw/6IzCTkfkVFJ+jIp4uQebixdwaAs8BbqE58ns8FtSvHqCHk9Y6sKCg
LoIxnYtsuIZvxEiz9K1+netuMQ+lgAbCxNb2UQEgz8I4EmGIJF7RKszXDc9m1D9F
z3iZ7ekWa0aAorugkV7rCKScs2rYN4Q3Io+vyBCndLLkXX8oahDH+AUPeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA32zkqq1SN+E8qncnYebxATrh2TMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkmFusM6
tNXxIZ8oTPwKfsOyqjPKLK842OQ5hk0erd3vW9z1WRSbzOk+DZ+Blmw8RAIb/DWb
o1Iu88xKPXSD0L62YkBqwjVipQuzY6NyAy1RwkgV/8jU9O8B6TrRtVsVAdzFU8z3
4gezx7IrBUThNI0CV0MHWFM8Hha42RObSQUsar9O9h9bYH2cno5S4q7ZARPAxT5Y
9S52Xmr2fLYFUo5k3SoJb4KSBoIln0bhnAvyzWT+4a/z6r+UNTxhQtXSOsCaTrDl
jFv0PjawHb+xwUY+ngkKYX7U++bNlWruV/BGzqdZNcheqb5kk8jBnT4GZypPQu/f
ALOFgjEYV/WtwQ==
-----END CERTIFICATE-----