Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
File:                     rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft (raw, json)
Hash identifier:          eWLLyRCCuvNwEyN0UJfgNQ8KBsbalUk1+yrJV/QuZxw=
Subject key identifier:   2F:79:CD:1F:EE:FA:20:14:4A:05:38:C3:D2:E0:98:99:58:E8:8B:09
Authority key identifier: AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78
Certificate issuer:       /CN=ad30fb4388ee67144ae04ddc86812d63e028f478
Certificate serial:       0199FBEA7F939854EE3ED712DC8C0C555493
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:13 +0000
Files and hashes:         1: rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl (hash: Czm0OjeMETFCouckin3PYNBZOY1HdGFaYvCSQK5mVGo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:7f:93:98:54:ee:3e:d7:12:dc:8c:0c:55:54:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad30fb4388ee67144ae04ddc86812d63e028f478
        Validity
            Not Before: Oct 19 10:01:13 2025 GMT
            Not After : Oct 20 10:01:13 2025 GMT
        Subject: CN=2f79cd1feefa20144a0538c3d2e0989958e88b09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:59:b9:9c:75:e3:d1:a7:9e:cf:5f:ce:73:82:
                    24:7e:b1:05:ec:fd:b1:b5:99:9d:67:81:17:be:51:
                    65:8c:59:a8:28:b9:d6:a6:33:99:7d:ff:08:15:b7:
                    4b:8d:b7:2f:5f:cc:1d:33:9f:d3:d4:dc:6a:00:31:
                    dd:9e:db:33:79:21:2c:53:d8:29:e5:04:4d:c9:c1:
                    27:d4:9d:6b:c8:37:d7:3d:32:a5:a9:21:9c:31:c3:
                    d9:b9:87:a6:c1:47:1a:83:b5:dd:bf:2c:1b:09:8a:
                    f7:fe:6e:11:38:bb:0a:39:b9:0c:71:16:30:0b:b9:
                    b3:2c:a3:94:36:a0:9b:ae:aa:f2:54:39:a4:97:23:
                    af:d3:eb:c9:77:b1:ba:c2:7b:6e:5a:08:58:8b:98:
                    d7:f4:8d:3e:59:b0:68:ea:40:3b:70:6d:fe:06:d0:
                    ad:af:d3:4c:11:18:91:80:12:a3:4c:0b:bf:48:1d:
                    b6:e5:65:b6:fc:24:23:6f:67:8e:b3:3b:da:a7:29:
                    79:d2:da:47:01:62:25:3e:a1:33:79:ae:b4:77:64:
                    11:bb:a9:70:a4:a7:cb:a0:d2:55:6b:ce:11:bd:69:
                    84:79:04:d0:0f:c7:30:8b:a1:33:06:c9:0c:2f:47:
                    04:16:ae:e9:3c:9c:84:a2:4d:3a:82:f4:0a:41:7d:
                    fa:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:79:CD:1F:EE:FA:20:14:4A:05:38:C3:D2:E0:98:99:58:E8:8B:09
            X509v3 Authority Key Identifier:
                keyid:AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:79:31:41:63:9c:30:28:c5:60:12:87:62:76:9e:7c:6a:81:
         3c:31:90:f3:95:ba:a6:87:61:3a:c1:1f:f9:29:24:94:1e:bf:
         05:51:fe:8e:78:ef:e0:8a:25:22:f2:46:ff:8c:b6:0a:1d:57:
         fb:e2:7b:d2:79:f6:55:63:f0:c3:66:a1:f9:2f:f4:65:c4:33:
         0e:cb:aa:70:24:e7:ed:d2:94:96:f3:c2:1d:3f:38:6c:3b:d4:
         2a:48:c8:83:b2:ee:c4:63:b3:47:a8:1a:78:e4:cb:f2:2a:56:
         dd:c0:07:fc:7c:fd:ae:26:00:74:2b:3e:cd:fd:70:57:ba:4b:
         48:d9:54:a0:0c:cb:ca:14:48:dd:5b:57:05:94:52:7f:c6:47:
         79:6c:bd:80:a1:43:e9:40:6f:d3:40:38:b9:fa:a6:29:71:ad:
         b3:9c:33:46:05:49:d8:68:d2:3d:00:f9:5e:7a:80:a3:9b:94:
         5f:bc:88:65:95:f8:d8:5b:6a:8c:dd:3a:94:6f:e4:50:cb:35:
         1a:ee:d7:77:7d:52:2b:1e:5d:73:77:d6:99:8b:5a:f2:e6:4b:
         51:3c:36:66:43:e7:26:59:e2:c7:e8:39:dc:29:54:62:9c:0a:
         ca:41:44:f9:8d:f3:6f:8a:40:cc:da:91:da:f5:c7:9a:7e:24:
         ed:d0:be:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76n+TmFTuPtcS3IwMVVSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzBmYjQzODhlZTY3MTQ0YWUwNGRkYzg2ODEyZDYzZTAy
OGY0NzgwHhcNMjUxMDE5MTAwMTEzWhcNMjUxMDIwMTAwMTEzWjAzMTEwLwYDVQQD
EygyZjc5Y2QxZmVlZmEyMDE0NGEwNTM4YzNkMmUwOTg5OTU4ZTg4YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1m5nHXj0aeez1/Oc4IkfrEF7P2x
tZmdZ4EXvlFljFmoKLnWpjOZff8IFbdLjbcvX8wdM5/T1NxqADHdntszeSEsU9gp
5QRNycEn1J1ryDfXPTKlqSGcMcPZuYemwUcag7XdvywbCYr3/m4ROLsKObkMcRYw
C7mzLKOUNqCbrqryVDmklyOv0+vJd7G6wntuWghYi5jX9I0+WbBo6kA7cG3+BtCt
r9NMERiRgBKjTAu/SB225WW2/CQjb2eOszvapyl50tpHAWIlPqEzea60d2QRu6lw
pKfLoNJVa84RvWmEeQTQD8cwi6EzBskML0cEFq7pPJyEok06gvQKQX36MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC95zR/u+iAUSgU4w9LgmJlY6IsJMB8GA1UdIwQY
MBaAFK0w+0OI7mcUSuBN3IaBLWPgKPR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQt
YjY2MDQ0YWRiY2IxLzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQtYjY2MDQ0YWRiY2Ix
LzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnkxQWOc
MCjFYBKHYnaefGqBPDGQ85W6podhOsEf+SkklB6/BVH+jnjv4IolIvJG/4y2Ch1X
++J70nn2VWPww2ah+S/0ZcQzDsuqcCTn7dKUlvPCHT84bDvUKkjIg7LuxGOzR6ga
eOTL8ipW3cAH/Hz9riYAdCs+zf1wV7pLSNlUoAzLyhRI3VtXBZRSf8ZHeWy9gKFD
6UBv00A4ufqmKXGts5wzRgVJ2GjSPQD5XnqAo5uUX7yIZZX42FtqjN06lG/kUMs1
Gu7Xd31SKx5dc3fWmYta8uZLUTw2ZkPnJlnix+g53ClUYpwKykFE+Y3zb4pAzNqR
2vXHmn4k7dC+6Q==
-----END CERTIFICATE-----