Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
File:                     _Nq63VYraOxeFY4easdvfalucyM.mft (raw, json)
Hash identifier:          CApyhm8xPTrnFolM3TzAwv6zQPeA5UKLe3lF5OzDBNk=
Subject key identifier:   04:02:25:C0:5C:66:FD:00:45:9A:0F:CE:79:57:D7:B7:35:EB:83:12
Authority key identifier: FC:DA:BA:DD:56:2B:68:EC:5E:15:8E:1E:6A:C7:6F:7D:A9:6E:73:23
Certificate issuer:       /CN=fcdabadd562b68ec5e158e1e6ac76f7da96e7323
Certificate serial:       0199FE474E5F9275CA4E08409E20B7670F7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 21:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:49 +0000
Files and hashes:         1: _Nq63VYraOxeFY4easdvfalucyM.crl (hash: yUR/GhYAS/Km5POaFZ+ErJsiLoPn5uc0eUl5749nwt0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:4e:5f:92:75:ca:4e:08:40:9e:20:b7:67:0f:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fcdabadd562b68ec5e158e1e6ac76f7da96e7323
        Validity
            Not Before: Oct 19 21:01:49 2025 GMT
            Not After : Oct 20 21:01:49 2025 GMT
        Subject: CN=040225c05c66fd00459a0fce7957d7b735eb8312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b8:b4:83:db:0c:f1:63:11:10:0b:a3:84:6a:
                    aa:68:93:ba:33:8f:d0:67:38:fb:5b:8a:04:ec:0c:
                    10:c4:94:c4:15:d7:00:79:17:33:5b:37:70:a6:f8:
                    c6:20:6a:16:62:ef:33:84:2b:82:d7:68:75:27:12:
                    ba:3a:77:ab:58:4a:c5:00:87:d3:b4:77:98:91:03:
                    e8:ae:d0:1a:bc:95:8c:e4:03:3f:23:c2:2d:ed:c7:
                    ca:c1:15:27:d6:e7:72:14:ea:d7:57:a6:71:13:ad:
                    a3:6e:f4:4f:57:c5:76:d4:8f:45:23:97:fc:c0:9a:
                    60:41:94:12:69:4d:d4:86:b7:58:c6:f0:67:fe:30:
                    9f:91:63:13:78:b8:98:87:cb:39:00:19:25:99:27:
                    e8:56:99:81:74:27:b1:99:df:49:f5:3d:94:2f:81:
                    2c:4b:08:6b:e3:88:6e:de:b9:ee:5f:3c:a9:58:42:
                    de:db:70:77:c6:89:0d:c6:f7:30:4f:e9:6b:56:88:
                    fa:bd:16:29:e2:42:ec:e2:69:e6:c1:18:2d:f3:c8:
                    f6:1b:fc:a6:44:96:df:31:ce:c1:71:e1:4b:12:fd:
                    d3:0f:55:4d:20:94:12:49:ec:40:a8:e5:86:69:11:
                    d4:5a:d7:74:4a:5d:5e:96:61:50:91:93:28:38:6f:
                    ee:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:02:25:C0:5C:66:FD:00:45:9A:0F:CE:79:57:D7:B7:35:EB:83:12
            X509v3 Authority Key Identifier:
                keyid:FC:DA:BA:DD:56:2B:68:EC:5E:15:8E:1E:6A:C7:6F:7D:A9:6E:73:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:6c:46:d4:02:55:cb:e0:02:f1:8c:1f:72:38:97:4c:6c:f2:
         1e:f3:ad:fa:4e:dd:ae:d9:79:97:ba:26:49:08:32:f7:18:9d:
         a4:3b:2e:53:04:1c:f4:03:db:30:8f:e5:5c:2e:bb:a5:a4:aa:
         3d:14:8d:52:d9:e0:02:fa:43:c7:77:1f:d8:e4:c8:93:09:e4:
         9c:6d:7a:9f:e1:c1:41:69:80:ff:1c:51:22:a1:9a:f3:57:3b:
         d8:7f:35:a8:86:05:51:ab:b3:73:67:9a:b1:4b:50:fa:bc:43:
         c4:6f:dd:fe:93:97:69:39:04:86:1a:b0:06:70:17:30:0e:93:
         8c:60:90:eb:41:1f:0f:f5:8a:4d:2c:f0:d8:38:27:c8:46:9e:
         d5:b3:56:1e:cd:f4:82:79:15:da:4e:b2:8d:32:f8:f9:44:eb:
         a6:5f:2d:b5:7b:38:c3:7b:3d:8c:a5:0e:47:af:6f:d5:32:c9:
         a3:09:21:42:eb:2f:c0:83:4f:cf:20:cf:d8:11:66:86:d9:11:
         05:ce:c0:1c:0a:22:e1:06:1a:89:75:6f:bf:7a:00:d7:f7:dd:
         dd:d2:13:84:e2:5c:64:bf:7a:6d:9a:e7:59:20:b7:af:7b:65:
         d9:6f:ab:3b:40:56:5d:04:cf:61:3e:15:4c:28:73:14:e9:8f:
         e3:57:75:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R05fknXKTghAniC3Zw98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZGFiYWRkNTYyYjY4ZWM1ZTE1OGUxZTZhYzc2ZjdkYTk2
ZTczMjMwHhcNMjUxMDE5MjEwMTQ5WhcNMjUxMDIwMjEwMTQ5WjAzMTEwLwYDVQQD
EygwNDAyMjVjMDVjNjZmZDAwNDU5YTBmY2U3OTU3ZDdiNzM1ZWI4MzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbi0g9sM8WMREAujhGqqaJO6M4/Q
Zzj7W4oE7AwQxJTEFdcAeRczWzdwpvjGIGoWYu8zhCuC12h1JxK6OnerWErFAIfT
tHeYkQPortAavJWM5AM/I8It7cfKwRUn1udyFOrXV6ZxE62jbvRPV8V21I9FI5f8
wJpgQZQSaU3UhrdYxvBn/jCfkWMTeLiYh8s5ABklmSfoVpmBdCexmd9J9T2UL4Es
Swhr44hu3rnuXzypWELe23B3xokNxvcwT+lrVoj6vRYp4kLs4mnmwRgt88j2G/ym
RJbfMc7BceFLEv3TD1VNIJQSSexAqOWGaRHUWtd0Sl1elmFQkZMoOG/uzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQCJcBcZv0ARZoPznlX17c164MSMB8GA1UdIwQY
MBaAFPzaut1WK2jsXhWOHmrHb32pbnMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lOGJiMTMtOWY4OS00MGNhLThhNmIt
YTM5NGU4NjZiMzdjLzEvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lOGJiMTMtOWY4OS00MGNhLThhNmItYTM5NGU4NjZiMzdj
LzEvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAWxG1AJV
y+AC8YwfcjiXTGzyHvOt+k7drtl5l7omSQgy9xidpDsuUwQc9APbMI/lXC67paSq
PRSNUtngAvpDx3cf2OTIkwnknG16n+HBQWmA/xxRIqGa81c72H81qIYFUauzc2ea
sUtQ+rxDxG/d/pOXaTkEhhqwBnAXMA6TjGCQ60EfD/WKTSzw2DgnyEae1bNWHs30
gnkV2k6yjTL4+UTrpl8ttXs4w3s9jKUOR69v1TLJowkhQusvwINPzyDP2BFmhtkR
Bc7AHAoi4QYaiXVvv3oA1/fd3dIThOJcZL96bZrnWSC3r3tl2W+rO0BWXQTPYT4V
TChzFOmP41d1Gg==
-----END CERTIFICATE-----