Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          qUsBi79JX39+KC7mVyX7J7oMnS71PfoHImXPQB4SVBE=
Subject key identifier:   62:ED:76:EE:B1:40:12:94:9B:DB:A7:28:81:56:1E:9A:70:34:E0:F1
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       0199FD3493FFF419372BD06B3C1092C03CA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          1014
Signing time:             Sun 19 Oct 2025 16:01:45 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:45 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:45 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: kIZRetoNciOnP9TvEIWJoEHYBPpOYdYQAlxdSn2WHCA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:93:ff:f4:19:37:2b:d0:6b:3c:10:92:c0:3c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Oct 19 16:01:45 2025 GMT
            Not After : Oct 20 16:01:45 2025 GMT
        Subject: CN=62ed76eeb14012949bdba72881561e9a7034e0f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:bc:5c:55:a3:39:54:bc:c1:be:64:19:75:1e:
                    00:c2:8d:f7:59:0a:c1:11:3e:7e:10:c3:f1:0d:f8:
                    cf:46:7a:87:8a:31:b3:25:0b:ae:07:eb:c8:49:db:
                    2b:7f:05:70:42:4f:44:77:f4:3b:32:fa:fc:b0:03:
                    81:6c:26:30:9a:3d:5e:a1:e5:ef:f1:4c:4c:e7:e3:
                    1c:42:3c:3e:22:60:a1:0c:59:44:c7:34:b6:9f:0c:
                    b1:74:04:05:90:cf:6c:92:36:74:32:cd:ec:3b:b6:
                    04:49:34:bd:06:70:35:bc:0b:25:56:aa:04:dc:a1:
                    b3:f9:06:4d:ec:42:62:04:7f:07:4c:5a:18:88:2b:
                    e9:1e:2a:c3:7f:a1:15:e9:7b:c4:5e:a5:4c:8d:62:
                    70:08:4f:ba:ce:a3:3c:47:48:65:cd:53:b9:ff:7a:
                    fd:c6:c9:70:73:18:fb:41:32:ce:7e:63:7a:06:e0:
                    78:46:fb:09:d4:0b:0d:07:94:4f:57:4c:cd:2d:cf:
                    3f:17:8b:fd:44:98:b0:93:db:cb:d3:c2:f1:5d:0d:
                    61:29:ea:33:b8:bc:be:a8:c8:2a:16:2b:8b:24:be:
                    b8:6d:b8:55:f6:68:00:80:91:a9:d6:f7:24:21:08:
                    e0:f8:fb:c3:86:e2:26:10:1a:ef:3b:45:75:dc:9b:
                    8c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:ED:76:EE:B1:40:12:94:9B:DB:A7:28:81:56:1E:9A:70:34:E0:F1
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:fc:3b:e1:3b:f7:3d:b0:14:e7:55:6b:46:42:47:da:62:fe:
         cd:d8:67:4c:3b:da:d0:51:19:e5:bc:fd:61:bb:e8:89:b2:91:
         05:9a:dd:da:aa:4e:9c:cc:dc:bc:df:ae:4c:f1:6e:25:13:81:
         7a:34:51:bc:08:06:c1:1f:b6:68:d2:3a:69:1b:12:60:e0:b1:
         79:66:e3:81:77:53:e5:60:a3:59:38:7b:db:35:e6:a3:f3:83:
         84:5b:e2:1b:26:14:e0:b2:a6:5d:36:93:55:21:b7:ff:b0:dd:
         e2:10:41:20:18:14:ab:d0:ad:3b:10:21:d4:15:b5:a3:b0:55:
         a5:03:4f:6d:46:34:9b:b4:cd:3b:22:5e:58:fe:d7:f9:5d:a6:
         f3:20:00:14:3b:a7:f3:a8:c1:14:04:fe:39:3d:83:f8:1b:98:
         cd:7a:62:2c:fa:c6:01:63:8e:5f:c4:70:d5:0a:a0:97:e1:31:
         05:d9:a7:6a:5c:f5:1e:4a:b7:33:6f:ed:9e:d8:6f:65:25:38:
         3e:67:ed:6a:19:57:8e:b9:e2:77:fa:2e:ac:ea:04:7c:ac:43:
         47:dc:3b:f8:58:26:45:ee:b6:92:8d:a2:81:17:67:32:ee:06:
         92:77:10:c1:20:05:aa:c1:dc:3a:9f:c1:7a:0f:b9:8c:48:5c:
         5b:4d:86:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NJP/9Bk3K9BrPBCSwDykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUxMDE5MTYwMTQ1WhcNMjUxMDIwMTYwMTQ1WjAzMTEwLwYDVQQD
Eyg2MmVkNzZlZWIxNDAxMjk0OWJkYmE3Mjg4MTU2MWU5YTcwMzRlMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bxcVaM5VLzBvmQZdR4Awo33WQrB
ET5+EMPxDfjPRnqHijGzJQuuB+vISdsrfwVwQk9Ed/Q7Mvr8sAOBbCYwmj1eoeXv
8UxM5+McQjw+ImChDFlExzS2nwyxdAQFkM9skjZ0Ms3sO7YESTS9BnA1vAslVqoE
3KGz+QZN7EJiBH8HTFoYiCvpHirDf6EV6XvEXqVMjWJwCE+6zqM8R0hlzVO5/3r9
xslwcxj7QTLOfmN6BuB4RvsJ1AsNB5RPV0zNLc8/F4v9RJiwk9vL08LxXQ1hKeoz
uLy+qMgqFiuLJL64bbhV9mgAgJGp1vckIQjg+PvDhuImEBrvO0V13JuMCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGLtdu6xQBKUm9unKIFWHppwNODxMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvw74Tv3
PbAU51VrRkJH2mL+zdhnTDva0FEZ5bz9YbvoibKRBZrd2qpOnMzcvN+uTPFuJROB
ejRRvAgGwR+2aNI6aRsSYOCxeWbjgXdT5WCjWTh72zXmo/ODhFviGyYU4LKmXTaT
VSG3/7Dd4hBBIBgUq9CtOxAh1BW1o7BVpQNPbUY0m7TNOyJeWP7X+V2m8yAAFDun
86jBFAT+OT2D+BuYzXpiLPrGAWOOX8Rw1Qqgl+ExBdmnalz1Hkq3M2/tnthvZSU4
PmftahlXjrnid/ourOoEfKxDR9w7+FgmRe62ko2igRdnMu4GkncQwSAFqsHcOp/B
eg+5jEhcW02GRg==
-----END CERTIFICATE-----