Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
File:                     rARWSrE5dm8d7mSLNaChi702IQk.mft (raw, json)
Hash identifier:          TFGw0zuMjzUFLNug9Kc74d/cVbjilA/DmUYsie8ba0M=
Subject key identifier:   C4:2D:3E:8E:29:FB:6A:78:CE:56:E2:4C:5D:C2:FB:C5:B8:97:46:44
Authority key identifier: AC:04:56:4A:B1:39:76:6F:1D:EE:64:8B:35:A0:A1:8B:BD:36:21:09
Certificate issuer:       /CN=ac04564ab139766f1dee648b35a0a18bbd362109
Certificate serial:       0199FFFEBC0577E1D5D6252FC5B0D0F91B5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
Manifest number:          16E1
Signing time:             Mon 20 Oct 2025 05:01:48 +0000
Manifest this update:     Mon 20 Oct 2025 05:01:48 +0000
Manifest next update:     Tue 21 Oct 2025 05:01:48 +0000
Files and hashes:         1: rARWSrE5dm8d7mSLNaChi702IQk.crl (hash: 5oXj9ifbQXaapsOEgdlPsPj1vx5oWK4v7Z2xnFk+wVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 05:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:fe:bc:05:77:e1:d5:d6:25:2f:c5:b0:d0:f9:1b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac04564ab139766f1dee648b35a0a18bbd362109
        Validity
            Not Before: Oct 20 05:01:48 2025 GMT
            Not After : Oct 21 05:01:48 2025 GMT
        Subject: CN=c42d3e8e29fb6a78ce56e24c5dc2fbc5b8974644
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:0f:28:98:52:71:6c:d1:da:d9:5d:f9:93:ea:
                    1a:c2:e9:5e:c5:26:28:fc:66:cc:bf:74:85:b2:cb:
                    2c:2e:59:09:c4:df:b5:4c:e2:fd:b9:42:64:9b:58:
                    c4:cf:6b:5d:2f:ad:ee:2b:80:e9:aa:fa:09:25:28:
                    df:bb:55:61:73:f4:80:98:66:ed:bf:b5:58:a7:b3:
                    1a:5b:23:73:ee:1d:33:95:a2:27:8e:76:52:42:3a:
                    f8:34:ff:be:c6:92:ca:6a:f8:c5:8d:ac:e5:5c:4f:
                    a6:e8:9a:b2:53:53:a8:19:de:cf:81:62:e4:7b:24:
                    b6:7c:1f:e8:3b:24:a6:ab:b1:b7:ef:ef:10:aa:04:
                    e8:bd:00:ec:53:5b:9c:9f:af:e4:9f:63:2f:17:c8:
                    0b:75:7d:70:e0:cc:13:f1:c4:b2:b7:5b:e3:ee:dd:
                    9c:6d:a1:b8:23:d8:21:ed:f4:42:7f:ba:c9:b3:f4:
                    bc:96:e2:8c:89:c5:e2:eb:83:48:77:35:dc:a6:51:
                    5f:c3:48:f0:d0:b6:a1:ec:7a:8e:e2:a4:30:e4:7e:
                    ec:42:25:0f:e1:4a:18:c3:65:93:dc:a8:e0:02:08:
                    9c:d4:41:16:18:76:e4:b0:10:91:04:c5:bf:fe:be:
                    0a:ab:e9:ff:07:c0:69:1f:fa:b4:c1:8b:f3:be:d8:
                    b9:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:2D:3E:8E:29:FB:6A:78:CE:56:E2:4C:5D:C2:FB:C5:B8:97:46:44
            X509v3 Authority Key Identifier:
                keyid:AC:04:56:4A:B1:39:76:6F:1D:EE:64:8B:35:A0:A1:8B:BD:36:21:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:d8:68:12:44:4e:fb:cc:75:2f:db:96:6a:bb:0c:2f:e9:26:
         1f:3f:da:0c:70:1f:ce:d5:1b:bd:3c:c6:44:f3:b2:0c:38:20:
         44:55:d4:53:6a:68:6d:03:5b:97:86:5d:8a:ec:00:d8:a7:f9:
         9d:6c:06:82:10:5f:92:29:01:8d:ba:8a:a3:b9:2e:cc:cb:11:
         b6:b7:14:cc:44:41:61:fa:2e:74:2a:23:32:80:b9:58:7a:09:
         07:57:92:f7:32:02:4e:e8:db:51:8e:34:2e:24:7e:2a:e7:f0:
         35:20:ea:c5:4e:76:8c:98:c0:65:40:5b:6b:4b:0c:ad:f1:61:
         5c:a4:e0:e3:af:fb:cd:76:1e:95:c3:89:8b:15:dd:05:d8:13:
         1c:62:1d:9e:fd:12:74:6f:52:36:ad:38:3b:26:b4:db:2d:26:
         92:5f:7d:30:78:41:64:e3:7d:14:97:d5:4c:40:3b:b8:06:b6:
         d3:1b:40:17:15:dc:e3:00:67:0d:63:bf:ab:21:4a:4e:72:2e:
         a1:38:ff:14:9d:fe:23:d5:66:ce:38:8f:73:fd:9a:81:30:05:
         f2:e1:be:70:64:d3:29:0b:3e:ea:68:62:a1:e8:43:ac:d5:4c:
         cd:20:4f:73:8b:0f:52:a5:75:87:d4:3e:7d:e6:0f:73:8d:5d:
         ed:9c:40:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//rwFd+HV1iUvxbDQ+RtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDQ1NjRhYjEzOTc2NmYxZGVlNjQ4YjM1YTBhMThiYmQz
NjIxMDkwHhcNMjUxMDIwMDUwMTQ4WhcNMjUxMDIxMDUwMTQ4WjAzMTEwLwYDVQQD
EyhjNDJkM2U4ZTI5ZmI2YTc4Y2U1NmUyNGM1ZGMyZmJjNWI4OTc0NjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw8omFJxbNHa2V35k+oawulexSYo
/GbMv3SFssssLlkJxN+1TOL9uUJkm1jEz2tdL63uK4DpqvoJJSjfu1Vhc/SAmGbt
v7VYp7MaWyNz7h0zlaInjnZSQjr4NP++xpLKavjFjazlXE+m6JqyU1OoGd7PgWLk
eyS2fB/oOySmq7G37+8QqgTovQDsU1ucn6/kn2MvF8gLdX1w4MwT8cSyt1vj7t2c
baG4I9gh7fRCf7rJs/S8luKMicXi64NIdzXcplFfw0jw0Lah7HqO4qQw5H7sQiUP
4UoYw2WT3KjgAgic1EEWGHbksBCRBMW//r4Kq+n/B8BpH/q0wYvzvti5PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQtPo4p+2p4zlbiTF3C+8W4l0ZEMB8GA1UdIwQY
MBaAFKwEVkqxOXZvHe5kizWgoYu9NiEJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80NjY4ZDEtMjJhNC00MzJlLTgxZmMt
Mjg0ZTliY2Y4MmM1LzEvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80NjY4ZDEtMjJhNC00MzJlLTgxZmMtMjg0ZTliY2Y4MmM1
LzEvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE9hoEkRO
+8x1L9uWarsML+kmHz/aDHAfztUbvTzGRPOyDDggRFXUU2pobQNbl4ZdiuwA2Kf5
nWwGghBfkikBjbqKo7kuzMsRtrcUzERBYfoudCojMoC5WHoJB1eS9zICTujbUY40
LiR+KufwNSDqxU52jJjAZUBba0sMrfFhXKTg46/7zXYelcOJixXdBdgTHGIdnv0S
dG9SNq04Oya02y0mkl99MHhBZON9FJfVTEA7uAa20xtAFxXc4wBnDWO/qyFKTnIu
oTj/FJ3+I9VmzjiPc/2agTAF8uG+cGTTKQs+6mhioehDrNVMzSBPc4sPUqV1h9Q+
feYPc41d7ZxAuA==
-----END CERTIFICATE-----