Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft
File:                     41wFcLO3dz0eEYgufdLGJVN-sJw.mft (raw, json)
Hash identifier:          hRf6bKUc023cnVA0yQ/HYE8FYZNuTClqCTluXqU6KOs=
Subject key identifier:   86:F5:6C:63:B5:90:17:37:63:63:9A:92:12:0C:72:CE:D1:3A:FD:8F
Authority key identifier: E3:5C:05:70:B3:B7:77:3D:1E:11:88:2E:7D:D2:C6:25:53:7E:B0:9C
Certificate issuer:       /CN=e35c0570b3b7773d1e11882e7dd2c625537eb09c
Certificate serial:       0199FBEAB795222E52B3DCEB199432588C35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft
Manifest number:          141A
Signing time:             Sun 19 Oct 2025 10:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:27 +0000
Files and hashes:         1: 41wFcLO3dz0eEYgufdLGJVN-sJw.crl (hash: GFOVsc5GxJk0GM4Lzq1Kwi2nj1ILD/I4hU3iP7EP4ps=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:b7:95:22:2e:52:b3:dc:eb:19:94:32:58:8c:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e35c0570b3b7773d1e11882e7dd2c625537eb09c
        Validity
            Not Before: Oct 19 10:01:27 2025 GMT
            Not After : Oct 20 10:01:27 2025 GMT
        Subject: CN=86f56c63b590173763639a92120c72ced13afd8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:e5:f9:55:05:0a:dc:d5:dc:86:b0:34:09:d2:
                    a0:06:5b:b7:54:84:c3:99:b3:2a:ea:a5:3b:9b:79:
                    37:3f:31:a1:96:47:48:9b:48:c0:3d:64:48:fa:00:
                    c4:a4:6b:05:1d:23:66:0d:6b:8c:28:dc:10:01:38:
                    d2:73:64:41:f8:2d:9c:6f:e0:6a:f9:59:22:2f:ef:
                    65:98:06:ee:21:5b:6c:e5:bf:b0:e5:e1:70:82:09:
                    84:f7:b5:ad:ac:3d:e3:4d:c5:3b:25:7c:23:9a:41:
                    53:d6:86:d2:85:f5:85:fa:9b:e6:62:37:2a:e1:ea:
                    15:53:2d:34:68:f7:6a:7e:03:ea:4e:f8:3c:6a:fe:
                    21:cd:59:53:10:39:b5:74:7e:25:c2:ef:88:fe:c7:
                    22:d8:0f:9c:85:71:98:79:0e:87:e2:d8:b8:c4:79:
                    7e:ac:16:65:80:27:6c:a8:5f:e8:2d:59:db:c5:02:
                    a2:57:08:34:bf:5d:7e:ff:4a:a1:88:7e:85:22:81:
                    67:eb:15:ba:b6:56:bb:7a:5a:3d:13:be:46:37:ba:
                    6c:b7:c2:18:db:f0:a5:c8:2f:8d:c5:c2:62:f4:c5:
                    23:b2:c7:6f:23:c2:05:60:42:cd:a1:4c:2f:e1:cb:
                    d0:24:bc:4a:d9:b9:33:8f:2c:31:af:00:f9:e5:71:
                    3d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:F5:6C:63:B5:90:17:37:63:63:9A:92:12:0C:72:CE:D1:3A:FD:8F
            X509v3 Authority Key Identifier:
                keyid:E3:5C:05:70:B3:B7:77:3D:1E:11:88:2E:7D:D2:C6:25:53:7E:B0:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:5d:7e:ab:05:75:07:ac:c9:38:4c:93:dd:d4:81:95:be:81:
         d0:2e:8f:4d:a0:7f:20:10:78:62:88:cd:fc:77:19:59:aa:6b:
         23:bc:ba:57:84:cb:4f:e1:39:af:48:29:16:c3:4e:c3:76:9f:
         05:7d:ed:5c:96:4e:16:0f:ba:d5:50:b2:2f:38:3c:6f:2a:9a:
         23:92:48:15:30:a8:f5:89:e0:0c:49:d1:57:6a:1f:b5:a8:66:
         e2:aa:b4:85:b5:e7:e6:3b:76:b0:32:9c:6e:fe:83:3e:5e:eb:
         bb:1e:f4:88:8c:81:d0:ef:f4:6b:9c:4c:40:e4:98:45:b7:82:
         70:37:93:c4:80:fe:90:f7:a7:4f:8d:4f:54:17:c1:1d:89:68:
         6a:66:b8:bb:42:59:fc:a0:4b:94:f4:2e:e9:f5:56:e7:b9:ba:
         41:16:eb:8f:6d:d3:42:f4:be:65:e7:bd:c5:a4:29:89:c3:b6:
         e4:d5:3a:94:55:fd:d5:f3:29:4e:76:cf:b2:92:81:ad:70:b0:
         cd:9b:47:b5:ba:d3:42:ed:1d:56:12:84:95:6a:4f:1a:ae:89:
         df:1d:7c:0a:fa:1b:e3:43:0c:f0:0d:e8:15:fc:5c:87:6b:07:
         38:f2:d6:f0:07:7c:f6:73:71:ed:49:97:81:bb:0f:91:04:84:
         c5:52:e2:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76reVIi5Ss9zrGZQyWIw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNWMwNTcwYjNiNzc3M2QxZTExODgyZTdkZDJjNjI1NTM3
ZWIwOWMwHhcNMjUxMDE5MTAwMTI3WhcNMjUxMDIwMTAwMTI3WjAzMTEwLwYDVQQD
Eyg4NmY1NmM2M2I1OTAxNzM3NjM2MzlhOTIxMjBjNzJjZWQxM2FmZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+X5VQUK3NXchrA0CdKgBlu3VITD
mbMq6qU7m3k3PzGhlkdIm0jAPWRI+gDEpGsFHSNmDWuMKNwQATjSc2RB+C2cb+Bq
+VkiL+9lmAbuIVts5b+w5eFwggmE97WtrD3jTcU7JXwjmkFT1obShfWF+pvmYjcq
4eoVUy00aPdqfgPqTvg8av4hzVlTEDm1dH4lwu+I/sci2A+chXGYeQ6H4ti4xHl+
rBZlgCdsqF/oLVnbxQKiVwg0v11+/0qhiH6FIoFn6xW6tla7elo9E75GN7pst8IY
2/ClyC+NxcJi9MUjssdvI8IFYELNoUwv4cvQJLxK2bkzjywxrwD55XE9/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIb1bGO1kBc3Y2OakhIMcs7ROv2PMB8GA1UdIwQY
MBaAFONcBXCzt3c9HhGILn3SxiVTfrCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9jMmY1NzktNzUwMS00YTViLThkZDct
ZjY5MTI4YTkxOTgzLzEvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9jMmY1NzktNzUwMS00YTViLThkZDctZjY5MTI4YTkxOTgz
LzEvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs11+qwV1
B6zJOEyT3dSBlb6B0C6PTaB/IBB4YojN/HcZWaprI7y6V4TLT+E5r0gpFsNOw3af
BX3tXJZOFg+61VCyLzg8byqaI5JIFTCo9YngDEnRV2oftahm4qq0hbXn5jt2sDKc
bv6DPl7rux70iIyB0O/0a5xMQOSYRbeCcDeTxID+kPenT41PVBfBHYloama4u0JZ
/KBLlPQu6fVW57m6QRbrj23TQvS+Zee9xaQpicO25NU6lFX91fMpTnbPspKBrXCw
zZtHtbrTQu0dVhKElWpPGq6J3x18Cvob40MM8A3oFfxch2sHOPLW8Ad89nNx7UmX
gbsPkQSExVLibQ==
-----END CERTIFICATE-----