Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
File:                     9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft (raw, json)
Hash identifier:          OwVcym2fdm24LAHLEopXygBPen77khR9w9FisKt0XJ4=
Subject key identifier:   13:D0:2F:3A:84:70:80:0B:7D:A1:6B:85:AF:F6:27:67:BB:07:A8:61
Authority key identifier: F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F
Certificate issuer:       /CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
Certificate serial:       0199FBEC1D34F7662C2EF16B8F38C869B5C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
Manifest number:          0AEE
Signing time:             Sun 19 Oct 2025 10:02:59 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:59 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:59 +0000
Files and hashes:         1: 9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl (hash: KV8XVPsRhyiXTM4t35DnkswAo50ukInEf7S6Y+wi6d0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:1d:34:f7:66:2c:2e:f1:6b:8f:38:c8:69:b5:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
        Validity
            Not Before: Oct 19 10:02:59 2025 GMT
            Not After : Oct 20 10:02:59 2025 GMT
        Subject: CN=13d02f3a8470800b7da16b85aff62767bb07a861
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a8:f4:0f:30:0f:25:1a:e9:35:94:6d:98:04:
                    55:bf:bd:85:03:6a:26:0d:f1:2e:1a:b0:87:99:60:
                    af:d9:3b:bd:94:3e:d0:69:eb:84:20:e5:8e:a4:90:
                    14:8d:da:26:79:4e:b8:c3:bb:0d:39:e9:50:d0:bf:
                    4c:f0:c4:1d:5b:c4:b8:e9:53:b8:d4:10:be:2b:19:
                    70:0d:b5:05:b5:d4:e1:d4:f9:c9:ad:50:55:57:3b:
                    f7:d8:fa:d3:92:22:b3:5a:fc:51:3e:c6:78:08:ad:
                    93:74:da:58:f5:79:0d:9b:ca:9a:61:97:6a:aa:9c:
                    e7:85:96:0d:0e:15:14:20:4c:78:c0:13:0f:44:a3:
                    d2:9b:3f:30:f0:0d:10:33:8d:b7:f5:c5:0a:48:50:
                    3a:30:37:da:17:3a:00:2c:dc:eb:76:f4:dd:f2:0c:
                    bf:56:61:7e:0d:4b:00:5d:7c:2f:01:51:3a:5f:b9:
                    e7:30:1c:83:fd:9e:3a:ad:10:c2:36:8b:14:51:a8:
                    ac:69:9f:2d:fd:f3:02:3b:20:21:3b:f1:ce:05:c1:
                    f7:fc:06:70:e4:83:dc:03:f5:37:f9:70:73:33:fd:
                    ce:1a:6c:a7:4e:3d:9f:46:6e:29:38:87:a3:53:0c:
                    30:33:6c:68:39:99:5a:d3:56:83:c3:a9:0d:e0:be:
                    96:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:D0:2F:3A:84:70:80:0B:7D:A1:6B:85:AF:F6:27:67:BB:07:A8:61
            X509v3 Authority Key Identifier:
                keyid:F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:a3:4d:05:90:88:9d:a4:42:3a:b3:cb:da:ea:8d:3d:54:62:
         25:48:6b:02:fe:71:27:11:7b:66:5b:80:49:5e:b9:78:2c:1f:
         4d:dd:03:c7:ca:33:23:24:3d:f8:a2:7e:47:a9:80:7e:94:45:
         fa:3d:fe:9d:17:8a:a4:8f:ca:89:c2:d0:2c:ff:b3:df:b0:2d:
         50:ea:38:43:7d:1b:00:16:36:02:73:89:cb:e6:6e:c6:c4:e6:
         df:56:07:cf:da:63:0f:0e:71:d1:86:7f:8c:c0:4a:df:8b:0e:
         26:41:ad:56:ce:08:62:0e:b3:3b:f7:30:ee:77:dc:aa:ad:53:
         66:b5:fc:40:6f:9f:97:27:70:04:ce:7b:51:e5:71:f8:b6:98:
         fb:b7:90:3f:d4:ae:b5:e2:00:44:bb:bd:ec:2d:56:81:c9:d0:
         53:82:b0:80:ac:4d:8c:cf:e1:67:e3:75:42:e7:79:8f:03:c1:
         8a:44:5d:47:c6:72:d7:c6:3b:dd:98:27:ec:71:ff:47:37:92:
         d2:71:09:18:7e:84:74:fd:0f:14:b8:71:e9:62:bb:b7:ef:c9:
         ee:5f:cc:8b:e5:04:7c:c1:02:49:92:11:d5:b2:5b:09:d5:9a:
         76:e8:76:f1:3b:12:b8:ad:78:e4:5b:44:bf:27:6d:50:c4:3a:
         42:92:93:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77B0092YsLvFrjzjIabXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWQ1ZTVkYmJhMWVhYjZkMzk1OGU1OTQxODI5YzlkYTFi
MmM2N2YwHhcNMjUxMDE5MTAwMjU5WhcNMjUxMDIwMTAwMjU5WjAzMTEwLwYDVQQD
EygxM2QwMmYzYTg0NzA4MDBiN2RhMTZiODVhZmY2Mjc2N2JiMDdhODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6j0DzAPJRrpNZRtmARVv72FA2om
DfEuGrCHmWCv2Tu9lD7QaeuEIOWOpJAUjdomeU64w7sNOelQ0L9M8MQdW8S46VO4
1BC+KxlwDbUFtdTh1PnJrVBVVzv32PrTkiKzWvxRPsZ4CK2TdNpY9XkNm8qaYZdq
qpznhZYNDhUUIEx4wBMPRKPSmz8w8A0QM4239cUKSFA6MDfaFzoALNzrdvTd8gy/
VmF+DUsAXXwvAVE6X7nnMByD/Z46rRDCNosUUaisaZ8t/fMCOyAhO/HOBcH3/AZw
5IPcA/U3+XBzM/3OGmynTj2fRm4pOIejUwwwM2xoOZla01aDw6kN4L6WBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBPQLzqEcIALfaFrha/2J2e7B6hhMB8GA1UdIwQY
MBaAFPTtXl27oeq205WOWUGCnJ2hssZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQt
ZGIxYTZiYmNiYjcyLzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQtZGIxYTZiYmNiYjcy
LzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASqNNBZCI
naRCOrPL2uqNPVRiJUhrAv5xJxF7ZluASV65eCwfTd0Dx8ozIyQ9+KJ+R6mAfpRF
+j3+nReKpI/KicLQLP+z37AtUOo4Q30bABY2AnOJy+ZuxsTm31YHz9pjDw5x0YZ/
jMBK34sOJkGtVs4IYg6zO/cw7nfcqq1TZrX8QG+flydwBM57UeVx+LaY+7eQP9Su
teIARLu97C1WgcnQU4KwgKxNjM/hZ+N1Qud5jwPBikRdR8Zy18Y73Zgn7HH/RzeS
0nEJGH6EdP0PFLhx6WK7t+/J7l/Mi+UEfMECSZIR1bJbCdWaduh28TsSuK145FtE
vydtUMQ6QpKT1w==
-----END CERTIFICATE-----