Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File:                     sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier:          Bo1enb1NtaoEwQZetDie7+ehpVK3LkyVJgvLBRcqbB8=
Subject key identifier:   85:41:0F:F4:FC:66:A6:B7:FC:1E:C5:F1:53:C6:8A:89:C1:E9:B7:32
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer:       /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial:       0199FBEBA63367A95CBC1630357DCDB06925
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number:          0436
Signing time:             Sun 19 Oct 2025 10:02:28 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:28 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:28 +0000
Files and hashes:         1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: h7xmtKGv/zt+DydMczqxvngvdT3O5JvQqiW/UNPPH/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:a6:33:67:a9:5c:bc:16:30:35:7d:cd:b0:69:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
        Validity
            Not Before: Oct 19 10:02:28 2025 GMT
            Not After : Oct 20 10:02:28 2025 GMT
        Subject: CN=85410ff4fc66a6b7fc1ec5f153c68a89c1e9b732
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:82:5a:2d:2e:e0:a5:5f:c4:46:9f:9a:91:ed:
                    0a:a1:60:4f:85:8e:f6:5c:3e:c8:c0:7b:20:ae:f2:
                    de:2d:5a:4c:d1:c1:bc:1c:10:b7:26:31:dc:d1:cc:
                    d3:b2:33:39:fd:02:b7:67:f2:4b:91:59:54:c9:31:
                    71:f6:78:13:1e:81:c1:a0:82:df:ad:1d:7f:9b:e9:
                    c0:69:19:23:15:de:31:b6:8e:4a:0d:bd:6e:55:28:
                    b1:05:a8:27:22:f2:64:81:72:da:94:ca:33:8a:2e:
                    06:19:bf:dd:f8:82:3b:2d:fc:cc:71:ca:c9:14:6a:
                    71:07:7a:26:41:e6:74:81:23:84:98:61:31:08:6e:
                    56:9c:13:6d:21:35:63:b6:e1:fc:22:70:59:fc:d9:
                    cd:8f:13:5d:86:da:af:01:57:a3:c5:29:3a:07:e5:
                    4e:2a:45:3f:34:f5:36:af:3c:09:b4:74:6b:80:e9:
                    7b:d9:78:1b:54:4d:a4:db:59:85:2a:fe:2c:21:8e:
                    7d:d3:01:3b:d0:58:83:dc:6c:c8:01:37:1d:92:9d:
                    a2:e1:80:d3:52:da:13:f6:b7:59:29:7b:e3:8e:6f:
                    71:62:77:1a:53:40:eb:b6:39:e0:1e:fe:fe:b8:ff:
                    8c:16:41:39:d5:16:9e:aa:2f:92:7d:f9:17:78:d4:
                    78:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:41:0F:F4:FC:66:A6:B7:FC:1E:C5:F1:53:C6:8A:89:C1:E9:B7:32
            X509v3 Authority Key Identifier:
                keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:f1:d5:96:05:2b:7e:63:af:a6:19:ce:d5:b6:b7:1c:06:f0:
         44:ad:86:bd:91:c0:fe:2e:9f:77:d3:71:7f:aa:0b:72:a0:35:
         93:a4:be:fe:29:e9:fd:7a:9c:4a:1d:d6:cf:5a:a2:9c:53:35:
         c9:e1:30:70:ba:24:01:3b:9a:3a:ea:0e:16:6c:21:bc:6a:92:
         c2:58:64:0c:3f:c3:9b:ad:83:64:3d:fc:39:98:71:db:bf:7c:
         f8:ed:73:6a:d5:a8:20:b3:d1:2c:62:7b:68:fd:e3:3c:64:64:
         50:82:2e:2b:67:b2:43:34:c0:04:e9:f0:eb:e1:77:2d:0c:c5:
         7a:da:0f:9d:96:d3:be:94:49:c0:41:fd:e3:2c:08:64:05:44:
         5f:9b:e9:57:3d:33:26:4c:f7:75:e2:0f:60:fc:0c:f2:34:1d:
         0d:27:6f:cb:7f:13:55:4a:27:d1:72:f3:a2:cd:52:50:79:65:
         8f:fd:fb:42:60:08:cf:1e:ab:0f:59:33:bc:4c:f8:d8:2a:c6:
         9f:e0:75:ed:7b:d4:10:5f:b1:d8:84:37:b7:84:aa:ef:43:0d:
         5a:81:ca:c4:6a:a3:0d:97:1d:d4:d5:0e:e6:70:ed:c8:47:e0:
         53:41:21:27:21:96:ed:93:42:de:14:0e:25:04:06:91:b6:82:
         c2:7b:7a:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766YzZ6lcvBYwNX3NsGklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjUxMDE5MTAwMjI4WhcNMjUxMDIwMTAwMjI4WjAzMTEwLwYDVQQD
Eyg4NTQxMGZmNGZjNjZhNmI3ZmMxZWM1ZjE1M2M2OGE4OWMxZTliNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYJaLS7gpV/ERp+ake0KoWBPhY72
XD7IwHsgrvLeLVpM0cG8HBC3JjHc0czTsjM5/QK3Z/JLkVlUyTFx9ngTHoHBoILf
rR1/m+nAaRkjFd4xto5KDb1uVSixBagnIvJkgXLalMozii4GGb/d+II7LfzMccrJ
FGpxB3omQeZ0gSOEmGExCG5WnBNtITVjtuH8InBZ/NnNjxNdhtqvAVejxSk6B+VO
KkU/NPU2rzwJtHRrgOl72XgbVE2k21mFKv4sIY590wE70FiD3GzIATcdkp2i4YDT
UtoT9rdZKXvjjm9xYncaU0DrtjngHv7+uP+MFkE51Raeqi+SffkXeNR4KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVBD/T8Zqa3/B7F8VPGionB6bcyMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgPHVlgUr
fmOvphnO1ba3HAbwRK2GvZHA/i6fd9Nxf6oLcqA1k6S+/inp/XqcSh3Wz1qinFM1
yeEwcLokATuaOuoOFmwhvGqSwlhkDD/Dm62DZD38OZhx2798+O1zatWoILPRLGJ7
aP3jPGRkUIIuK2eyQzTABOnw6+F3LQzFetoPnZbTvpRJwEH94ywIZAVEX5vpVz0z
Jkz3deIPYPwM8jQdDSdvy38TVUon0XLzos1SUHllj/37QmAIzx6rD1kzvEz42CrG
n+B17XvUEF+x2IQ3t4Sq70MNWoHKxGqjDZcd1NUO5nDtyEfgU0EhJyGW7ZNC3hQO
JQQGkbaCwnt64g==
-----END CERTIFICATE-----