Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File:                     iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier:          kR4yzJrJSqWZJrIJKaee9Vu3+qG083wGV9iDjKDACJU=
Subject key identifier:   67:C4:3A:7D:C7:B9:5E:42:64:8C:F4:C4:FB:6A:23:2B:C3:CC:2D:17
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer:       /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial:       0199FDD8AC009B1022A9B9EEC49E9BAD9273
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number:          10DB
Signing time:             Sun 19 Oct 2025 19:00:59 +0000
Manifest this update:     Sun 19 Oct 2025 19:00:59 +0000
Manifest next update:     Mon 20 Oct 2025 19:00:59 +0000
Files and hashes:         1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: PnpMYWcYWKAcVOkl2MlN+xBeyWpAZdktkOOrBLMszJU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:ac:00:9b:10:22:a9:b9:ee:c4:9e:9b:ad:92:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
        Validity
            Not Before: Oct 19 19:00:59 2025 GMT
            Not After : Oct 20 19:00:59 2025 GMT
        Subject: CN=67c43a7dc7b95e42648cf4c4fb6a232bc3cc2d17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:62:2b:ac:92:6d:a7:b0:ed:28:32:94:99:a0:
                    83:11:09:b5:e6:1b:72:53:5f:b5:8c:a9:32:19:c4:
                    3e:dc:9c:a2:c5:a0:a8:b9:ef:fa:bd:7e:1a:50:c9:
                    86:56:98:d9:5c:f6:85:7d:d2:39:df:7d:e0:cf:ba:
                    ad:06:3b:d0:53:bb:b5:5a:cf:25:bb:57:bc:f8:2b:
                    a6:98:00:6f:49:3a:05:5b:39:96:33:f5:fe:06:26:
                    cd:24:c0:ed:39:79:6a:d4:f8:54:31:ce:54:7d:43:
                    68:30:e4:bf:e7:2c:22:47:f5:57:e7:68:2e:55:5d:
                    d6:e2:1f:92:a2:2e:9d:a4:c8:97:45:a7:77:a0:5e:
                    24:fb:50:c7:e0:36:65:68:b3:15:d6:d8:f5:0e:9a:
                    f0:3c:31:1f:ed:82:57:34:30:8a:77:38:94:0c:6d:
                    ac:a8:6a:87:da:54:9e:0d:c1:cd:c2:c3:52:68:de:
                    17:0f:c4:67:96:82:5b:ce:44:3c:fe:47:0c:3a:11:
                    9f:bd:a1:98:51:fd:fe:ce:4b:ea:f7:76:6c:f8:ee:
                    5b:ec:2f:bb:69:f5:2a:f1:e2:fd:39:3f:dd:88:00:
                    31:fa:54:3c:d1:eb:d3:c3:6e:ee:ad:2d:32:b0:02:
                    eb:57:46:fe:95:fe:15:9d:b5:65:39:c7:2c:8f:62:
                    2a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C4:3A:7D:C7:B9:5E:42:64:8C:F4:C4:FB:6A:23:2B:C3:CC:2D:17
            X509v3 Authority Key Identifier:
                keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:91:5a:b3:f0:7d:dd:f6:b8:16:bd:6a:d3:ed:71:66:1f:df:
         6b:b2:7c:8d:c7:fa:f4:71:87:f7:2b:d1:3b:f4:c8:b2:ab:a5:
         51:f2:cd:85:d7:ae:4c:e9:e8:fa:2a:ec:8a:15:af:1f:5a:a5:
         3c:79:34:1a:6e:21:2f:17:6c:e7:2a:25:36:f6:86:e0:3d:93:
         05:e2:83:ba:1f:80:40:1a:07:1c:85:a8:83:29:4f:89:eb:9f:
         a1:85:4f:9d:a6:17:d8:26:d0:21:46:49:8d:5c:87:7e:c0:f1:
         d5:d6:24:7c:46:74:40:22:00:04:47:bb:a6:25:83:60:5f:72:
         7b:9e:42:3e:4b:d6:73:d3:79:b2:34:d8:7e:64:18:b8:eb:53:
         7d:c3:df:74:3f:d6:55:4b:19:71:86:a3:8d:f5:de:22:3f:d5:
         d4:8b:7a:1b:2a:c5:4b:9d:c1:85:a6:cc:0f:35:58:4d:af:a9:
         ba:ff:05:d7:76:69:9d:ea:a7:07:df:23:40:8f:67:32:fe:cd:
         30:88:6d:2a:4a:20:58:68:23:2c:e6:95:61:bd:89:9e:05:65:
         8e:63:b9:02:6d:e5:03:86:55:cf:3a:13:9e:50:12:8f:c3:d1:
         78:23:37:b6:46:c9:03:0e:45:90:26:4d:2b:95:be:81:09:0a:
         cf:f3:d1:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92KwAmxAiqbnuxJ6brZJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjUxMDE5MTkwMDU5WhcNMjUxMDIwMTkwMDU5WjAzMTEwLwYDVQQD
Eyg2N2M0M2E3ZGM3Yjk1ZTQyNjQ4Y2Y0YzRmYjZhMjMyYmMzY2MyZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGIrrJJtp7DtKDKUmaCDEQm15hty
U1+1jKkyGcQ+3JyixaCoue/6vX4aUMmGVpjZXPaFfdI5333gz7qtBjvQU7u1Ws8l
u1e8+CummABvSToFWzmWM/X+BibNJMDtOXlq1PhUMc5UfUNoMOS/5ywiR/VX52gu
VV3W4h+Soi6dpMiXRad3oF4k+1DH4DZlaLMV1tj1DprwPDEf7YJXNDCKdziUDG2s
qGqH2lSeDcHNwsNSaN4XD8RnloJbzkQ8/kcMOhGfvaGYUf3+zkvq93Zs+O5b7C+7
afUq8eL9OT/diAAx+lQ80evTw27urS0ysALrV0b+lf4VnbVlOccsj2IqvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfEOn3HuV5CZIz0xPtqIyvDzC0XMB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAZFas/B9
3fa4Fr1q0+1xZh/fa7J8jcf69HGH9yvRO/TIsqulUfLNhdeuTOno+irsihWvH1ql
PHk0Gm4hLxds5yolNvaG4D2TBeKDuh+AQBoHHIWogylPieufoYVPnaYX2CbQIUZJ
jVyHfsDx1dYkfEZ0QCIABEe7piWDYF9ye55CPkvWc9N5sjTYfmQYuOtTfcPfdD/W
VUsZcYajjfXeIj/V1It6GyrFS53BhabMDzVYTa+puv8F13ZpneqnB98jQI9nMv7N
MIhtKkogWGgjLOaVYb2JngVljmO5Am3lA4ZVzzoTnlASj8PReCM3tkbJAw5FkCZN
K5W+gQkKz/PRmg==
-----END CERTIFICATE-----