Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
File:                     SpR3QFKci4QPf4kzCXmshyyj-rg.mft (raw, json)
Hash identifier:          tHhnvUB44Cim/2CbpEJUPdRBAFEd+HdtqQWnvyaRzhE=
Subject key identifier:   B4:D4:E7:11:2C:B0:9C:2B:D0:27:71:E9:69:71:BF:FF:16:6F:88:4C
Authority key identifier: 4A:94:77:40:52:9C:8B:84:0F:7F:89:33:09:79:AC:87:2C:A3:FA:B8
Certificate issuer:       /CN=4a947740529c8b840f7f89330979ac872ca3fab8
Certificate serial:       0199FFC77B0B4065BB75F26023091B93D642
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
Manifest number:          028E
Signing time:             Mon 20 Oct 2025 04:01:27 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:27 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:27 +0000
Files and hashes:         1: SpR3QFKci4QPf4kzCXmshyyj-rg.crl (hash: 2+5WwUDElUtf5n/O7EBpEF4TwyNAJOo0qvnLolZAUs8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:7b:0b:40:65:bb:75:f2:60:23:09:1b:93:d6:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a947740529c8b840f7f89330979ac872ca3fab8
        Validity
            Not Before: Oct 20 04:01:27 2025 GMT
            Not After : Oct 21 04:01:27 2025 GMT
        Subject: CN=b4d4e7112cb09c2bd02771e96971bfff166f884c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a2:a3:eb:0f:56:29:ee:3a:65:6f:6f:82:09:
                    52:89:8b:39:09:2a:60:30:2d:95:9d:c4:e4:50:50:
                    50:b2:ef:7e:a4:95:91:35:4a:e5:3e:ec:1e:05:ac:
                    37:6f:c8:84:7d:aa:86:86:71:76:3e:4d:91:26:26:
                    f1:bc:a2:8f:57:d2:80:0b:4b:45:57:fc:20:fc:ec:
                    65:01:39:e8:13:d3:68:4c:75:9e:98:f6:fa:78:75:
                    98:b9:05:99:70:64:43:2c:56:28:42:07:e7:9c:09:
                    a9:d9:6d:6d:cb:e8:c8:3a:f0:8a:dd:3e:31:c3:ea:
                    44:da:2e:4b:6e:2b:22:b9:a1:2f:2e:c0:65:1d:5c:
                    21:49:2d:13:31:81:71:22:08:1e:7d:fd:31:2c:09:
                    91:77:8c:5f:d1:6a:19:ad:a8:50:3f:7a:37:b9:1c:
                    66:4a:5d:1e:97:4d:55:01:de:78:45:57:05:9f:d3:
                    ca:d2:46:41:a8:6a:b1:13:64:f7:d4:b1:68:b0:15:
                    a4:87:09:4c:36:5d:54:2c:88:9b:83:04:33:7f:31:
                    a8:44:a2:50:13:88:17:6a:ce:4e:fc:20:7d:48:54:
                    f5:74:a8:82:c8:b5:15:23:0b:5b:60:74:86:eb:6a:
                    c2:2e:ba:89:98:64:12:3a:15:2d:62:7f:1f:9e:55:
                    cf:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:D4:E7:11:2C:B0:9C:2B:D0:27:71:E9:69:71:BF:FF:16:6F:88:4C
            X509v3 Authority Key Identifier:
                keyid:4A:94:77:40:52:9C:8B:84:0F:7F:89:33:09:79:AC:87:2C:A3:FA:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:77:fe:59:bb:92:65:0e:38:8f:2b:a3:bd:dd:c0:60:e7:23:
         29:47:da:44:9c:a7:f6:bb:2b:62:42:d9:a6:dd:fb:bf:93:78:
         14:e8:b5:aa:54:1e:94:1b:a4:2e:39:b9:2e:a5:8d:aa:53:b7:
         e8:92:e9:b3:3c:ae:a4:df:5e:c5:a2:de:4e:28:89:18:01:ad:
         77:ea:a0:6f:4d:89:97:91:1b:9c:0c:35:3c:85:85:2d:a9:d4:
         67:8a:4a:e8:6d:e8:94:d6:3b:05:3d:cc:d5:fb:f1:ea:10:b9:
         1b:2c:8b:87:12:50:6f:bc:d2:fc:7c:c7:4f:cf:d2:78:53:57:
         7d:9c:a9:6e:72:02:84:08:40:87:1d:54:6e:e7:5e:93:25:0e:
         31:6e:01:3a:0c:c3:ee:55:bb:df:7e:5c:5a:a0:8e:00:d6:1c:
         0d:44:4b:40:58:05:77:3c:bd:c0:29:ba:e0:fc:c7:2a:9c:22:
         ca:3c:76:d9:a1:03:49:3a:de:ab:a0:33:e4:c3:c6:04:6c:bc:
         27:69:45:4c:9d:24:32:21:23:d5:02:52:02:f6:85:2f:c4:23:
         20:46:ac:69:45:6f:2c:c7:ae:5f:04:7c:22:74:79:a7:e2:72:
         42:2a:7c:d6:70:b7:26:32:72:3e:b8:1d:e2:06:bf:6f:41:61:
         58:a9:f5:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x3sLQGW7dfJgIwkbk9ZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOTQ3NzQwNTI5YzhiODQwZjdmODkzMzA5NzlhYzg3MmNh
M2ZhYjgwHhcNMjUxMDIwMDQwMTI3WhcNMjUxMDIxMDQwMTI3WjAzMTEwLwYDVQQD
EyhiNGQ0ZTcxMTJjYjA5YzJiZDAyNzcxZTk2OTcxYmZmZjE2NmY4ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKKj6w9WKe46ZW9vgglSiYs5CSpg
MC2VncTkUFBQsu9+pJWRNUrlPuweBaw3b8iEfaqGhnF2Pk2RJibxvKKPV9KAC0tF
V/wg/OxlATnoE9NoTHWemPb6eHWYuQWZcGRDLFYoQgfnnAmp2W1ty+jIOvCK3T4x
w+pE2i5LbisiuaEvLsBlHVwhSS0TMYFxIggeff0xLAmRd4xf0WoZrahQP3o3uRxm
Sl0el01VAd54RVcFn9PK0kZBqGqxE2T31LFosBWkhwlMNl1ULIibgwQzfzGoRKJQ
E4gXas5O/CB9SFT1dKiCyLUVIwtbYHSG62rCLrqJmGQSOhUtYn8fnlXPrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTU5xEssJwr0Cdx6Wlxv/8Wb4hMMB8GA1UdIwQY
MBaAFEqUd0BSnIuED3+JMwl5rIcso/q4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lOTBkNmItNTJlMC00MTk1LTg4YWYt
N2RiMjVhZDdjZDRjLzEvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lOTBkNmItNTJlMC00MTk1LTg4YWYtN2RiMjVhZDdjZDRj
LzEvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA3f+WbuS
ZQ44jyujvd3AYOcjKUfaRJyn9rsrYkLZpt37v5N4FOi1qlQelBukLjm5LqWNqlO3
6JLpszyupN9exaLeTiiJGAGtd+qgb02Jl5EbnAw1PIWFLanUZ4pK6G3olNY7BT3M
1fvx6hC5GyyLhxJQb7zS/HzHT8/SeFNXfZypbnIChAhAhx1UbudekyUOMW4BOgzD
7lW7335cWqCOANYcDURLQFgFdzy9wCm64PzHKpwiyjx22aEDSTreq6Az5MPGBGy8
J2lFTJ0kMiEj1QJSAvaFL8QjIEasaUVvLMeuXwR8InR5p+JyQip81nC3JjJyPrgd
4ga/b0FhWKn1Zw==
-----END CERTIFICATE-----