Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          10GWOXKgEcYrYQCFzeVxQ0Ro4hvuaUwief5VKuZBlXo=
Subject key identifier:   2E:75:EE:47:98:00:3B:78:F0:E2:ED:EE:E5:D1:BD:74:0C:E7:23:1D
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       0199FCC6CF41C6F7D64AA9106688403A063B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 14:01:51 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:51 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:51 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: stbiyrOgzDOcqiD0XeFv2sTUBVLa2oj1b3kOzY0prDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 14:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:cf:41:c6:f7:d6:4a:a9:10:66:88:40:3a:06:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Oct 19 14:01:51 2025 GMT
            Not After : Oct 20 14:01:51 2025 GMT
        Subject: CN=2e75ee4798003b78f0e2edeee5d1bd740ce7231d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:27:4b:45:5e:50:f0:6f:22:c8:3f:e8:fb:43:
                    33:1b:fa:53:54:5a:5e:4f:07:00:f2:ef:77:1a:2e:
                    3b:7c:73:99:59:15:de:b3:eb:c5:94:f0:a2:e8:7c:
                    20:a2:20:2e:bc:6d:50:68:d4:de:ed:c1:a7:42:7f:
                    93:ab:e4:9b:de:75:e3:e9:89:4c:00:0d:14:83:92:
                    30:ce:f6:b6:f0:b3:00:c9:a1:7f:ef:7d:5a:ff:58:
                    3b:73:40:86:25:81:fa:31:c2:f6:36:57:01:24:4e:
                    ad:aa:30:81:99:86:5c:93:69:ab:b2:79:6f:ec:e2:
                    5d:ac:49:a5:58:e7:a1:72:da:b0:f2:fd:b3:4f:02:
                    ea:3c:72:4b:0a:38:b8:69:67:9e:8d:70:18:ab:a0:
                    db:f1:47:04:68:ea:11:98:99:4c:c5:e8:73:97:46:
                    45:df:94:d4:5e:5a:ff:f2:3f:54:6f:55:e1:3b:cc:
                    78:94:38:65:39:37:c4:47:41:70:39:4f:3d:fc:5a:
                    dd:69:93:d8:3c:85:73:eb:d0:69:31:36:50:8b:38:
                    66:cb:66:f8:c0:bf:60:a9:24:a4:2c:1b:cb:92:be:
                    d5:a1:e2:c2:a2:ee:c2:cc:b6:01:fe:a8:39:97:d0:
                    90:1d:89:5e:17:9e:df:39:3d:ce:f4:f6:ba:d2:7c:
                    91:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:75:EE:47:98:00:3B:78:F0:E2:ED:EE:E5:D1:BD:74:0C:E7:23:1D
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:c9:a3:ed:79:e2:15:a4:60:06:a3:3d:9a:2c:8d:c0:e7:05:
         49:f0:b0:6c:62:c9:20:ed:69:51:f9:fc:34:6d:d8:34:d2:ce:
         e5:f2:cd:aa:21:f6:43:c6:39:43:fa:5d:ce:0f:77:9f:4c:d8:
         ed:50:e7:5f:1c:bd:c1:20:aa:b4:03:98:ad:fb:a0:80:38:07:
         18:2c:92:b2:64:b8:93:9e:9d:45:cc:67:cc:30:6e:a3:19:2b:
         69:08:49:fb:48:2a:0e:73:ac:78:82:4c:6e:01:a6:5c:20:4b:
         20:29:ea:fa:57:70:96:f3:cd:53:3a:84:90:5e:ef:46:33:b3:
         c0:79:32:ae:d1:79:f4:af:5d:41:33:ef:cd:34:fa:60:8c:73:
         08:9c:2f:67:03:86:82:75:5b:54:cc:6b:a4:88:42:67:39:9c:
         12:58:1d:ed:94:af:1c:e2:3e:cd:aa:39:44:d9:ad:8c:b0:fa:
         9c:a4:fe:fc:72:f7:3c:50:29:5f:44:2a:99:73:82:a4:39:e3:
         62:7f:3a:cb:fc:8f:b9:97:65:42:6e:dc:5f:bf:5f:96:40:39:
         f6:5a:b0:de:cc:16:b6:b2:fb:8b:56:27:e2:55:40:92:65:be:
         8b:8e:84:74:af:9b:4a:57:80:3e:81:0c:4f:a6:8b:69:b3:8e:
         8e:85:e2:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xs9BxvfWSqkQZohAOgY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjUxMDE5MTQwMTUxWhcNMjUxMDIwMTQwMTUxWjAzMTEwLwYDVQQD
EygyZTc1ZWU0Nzk4MDAzYjc4ZjBlMmVkZWVlNWQxYmQ3NDBjZTcyMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCdLRV5Q8G8iyD/o+0MzG/pTVFpe
TwcA8u93Gi47fHOZWRXes+vFlPCi6HwgoiAuvG1QaNTe7cGnQn+Tq+Sb3nXj6YlM
AA0Ug5Iwzva28LMAyaF/731a/1g7c0CGJYH6McL2NlcBJE6tqjCBmYZck2mrsnlv
7OJdrEmlWOehctqw8v2zTwLqPHJLCji4aWeejXAYq6Db8UcEaOoRmJlMxehzl0ZF
35TUXlr/8j9Ub1XhO8x4lDhlOTfER0FwOU89/FrdaZPYPIVz69BpMTZQizhmy2b4
wL9gqSSkLBvLkr7VoeLCou7CzLYB/qg5l9CQHYleF57fOT3O9Pa60nyR/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC517keYADt48OLt7uXRvXQM5yMdMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJcmj7Xni
FaRgBqM9miyNwOcFSfCwbGLJIO1pUfn8NG3YNNLO5fLNqiH2Q8Y5Q/pdzg93n0zY
7VDnXxy9wSCqtAOYrfuggDgHGCySsmS4k56dRcxnzDBuoxkraQhJ+0gqDnOseIJM
bgGmXCBLICnq+ldwlvPNUzqEkF7vRjOzwHkyrtF59K9dQTPvzTT6YIxzCJwvZwOG
gnVbVMxrpIhCZzmcElgd7ZSvHOI+zao5RNmtjLD6nKT+/HL3PFApX0QqmXOCpDnj
Yn86y/yPuZdlQm7cX79flkA59lqw3swWtrL7i1Yn4lVAkmW+i46EdK+bSleAPoEM
T6aLabOOjoXiww==
-----END CERTIFICATE-----