Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          nIdrE/d9cVZCXqialf0rzc6GZ6pq/E+2gBKYEODTh1E=
Subject key identifier:   8F:53:15:0F:7E:75:97:E6:56:E8:7E:B3:26:4B:77:36:E0:AB:70:B5
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       0199FBEB08770B4C8302F045905C236A3937
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          0899
Signing time:             Sun 19 Oct 2025 10:01:48 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:48 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:48 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: qyH7oKLSaGHM4OQBp2SkKHkp2cjgsh/7FpOd9bdHRf8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:08:77:0b:4c:83:02:f0:45:90:5c:23:6a:39:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Oct 19 10:01:48 2025 GMT
            Not After : Oct 20 10:01:48 2025 GMT
        Subject: CN=8f53150f7e7597e656e87eb3264b7736e0ab70b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7c:20:96:ad:ae:ae:7a:65:a4:42:29:87:33:
                    cc:6e:f1:06:9c:8f:33:d5:6b:9c:90:8f:4b:e8:46:
                    90:a2:e8:65:25:be:51:76:d3:2e:a3:12:b8:de:ef:
                    8e:22:e2:33:ec:7d:1c:32:50:fb:90:b5:21:83:09:
                    72:9e:2e:10:c2:07:43:1d:f0:e2:25:72:42:e8:c8:
                    8b:00:16:a3:d4:3e:17:f4:8d:94:9d:50:60:73:8e:
                    4c:48:a6:e6:6e:00:30:c8:ee:fd:5e:23:f0:63:a3:
                    4d:21:4a:00:74:e7:64:df:19:db:14:67:17:7b:ac:
                    e2:d1:7e:60:32:0e:d0:78:16:0f:a9:b4:4a:da:2c:
                    df:fa:d4:2a:db:e8:cd:84:63:e7:42:dc:ce:95:e7:
                    17:9f:6f:32:fa:3d:42:8c:87:c8:f4:4c:cd:e3:7d:
                    09:96:8d:9f:be:84:1a:eb:4b:91:5c:4c:84:b1:1e:
                    40:f9:2f:3e:e4:88:1d:29:f5:f7:28:ba:a0:e2:5f:
                    ac:7a:55:c2:7d:96:f3:7c:ae:61:88:e8:92:c5:ca:
                    a6:78:99:09:f9:36:74:63:b0:33:58:ee:b4:2b:53:
                    64:27:82:f2:8f:bd:0e:e5:44:df:4b:2b:d8:74:ea:
                    23:9b:87:bf:7c:9e:4d:e1:0b:b8:49:2e:51:ce:d6:
                    4a:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:53:15:0F:7E:75:97:E6:56:E8:7E:B3:26:4B:77:36:E0:AB:70:B5
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:b1:29:4b:ef:b9:33:bd:8f:33:65:75:22:da:65:4e:dd:be:
         e6:fd:51:22:69:84:c8:13:2e:a6:4f:6c:5d:7a:e7:bd:41:40:
         ac:24:c9:08:6a:90:33:64:5f:e8:3a:7c:a7:d5:57:73:b8:cd:
         e8:62:a0:b7:de:4c:31:b5:1d:8f:24:31:ad:fc:dc:f8:41:d9:
         89:9b:64:bd:fc:40:6b:63:f8:09:25:9b:50:12:c7:d5:13:98:
         1e:fc:1b:0f:13:eb:10:5f:26:dd:b7:36:5e:13:b0:b5:77:27:
         d5:d1:99:55:c7:de:98:9b:6b:43:f8:36:39:b8:0a:cb:9c:37:
         30:ed:8c:e1:3c:af:37:12:c7:09:bb:1d:cd:eb:e5:16:99:8f:
         3e:00:bc:46:f0:cf:3d:af:f8:7b:79:b1:fb:95:48:1c:88:a7:
         a6:a4:47:ca:0c:ac:58:33:70:6c:44:1a:b7:19:ed:7d:ae:ce:
         66:9a:bd:92:02:01:81:7e:5b:ee:33:a9:45:46:1f:dc:2b:b6:
         1e:84:5c:32:ad:2b:8a:16:50:8c:23:95:13:bb:ad:dd:b1:88:
         42:ca:a6:32:86:65:bf:af:ef:5e:1e:e0:0c:93:d3:5f:ea:88:
         8c:0c:d5:f6:1b:6e:81:39:15:b1:4e:49:95:8f:57:3f:2f:62:
         fb:c4:27:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wh3C0yDAvBFkFwjajk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjUxMDE5MTAwMTQ4WhcNMjUxMDIwMTAwMTQ4WjAzMTEwLwYDVQQD
Eyg4ZjUzMTUwZjdlNzU5N2U2NTZlODdlYjMyNjRiNzczNmUwYWI3MGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnwglq2urnplpEIphzPMbvEGnI8z
1WuckI9L6EaQouhlJb5RdtMuoxK43u+OIuIz7H0cMlD7kLUhgwlyni4QwgdDHfDi
JXJC6MiLABaj1D4X9I2UnVBgc45MSKbmbgAwyO79XiPwY6NNIUoAdOdk3xnbFGcX
e6zi0X5gMg7QeBYPqbRK2izf+tQq2+jNhGPnQtzOlecXn28y+j1CjIfI9EzN430J
lo2fvoQa60uRXEyEsR5A+S8+5IgdKfX3KLqg4l+selXCfZbzfK5hiOiSxcqmeJkJ
+TZ0Y7AzWO60K1NkJ4Lyj70O5UTfSyvYdOojm4e/fJ5N4Qu4SS5RztZKMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9TFQ9+dZfmVuh+syZLdzbgq3C1MB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLEpS++5
M72PM2V1ItplTt2+5v1RImmEyBMupk9sXXrnvUFArCTJCGqQM2Rf6Dp8p9VXc7jN
6GKgt95MMbUdjyQxrfzc+EHZiZtkvfxAa2P4CSWbUBLH1ROYHvwbDxPrEF8m3bc2
XhOwtXcn1dGZVcfemJtrQ/g2ObgKy5w3MO2M4TyvNxLHCbsdzevlFpmPPgC8RvDP
Pa/4e3mx+5VIHIinpqRHygysWDNwbEQatxntfa7OZpq9kgIBgX5b7jOpRUYf3Cu2
HoRcMq0rihZQjCOVE7ut3bGIQsqmMoZlv6/vXh7gDJPTX+qIjAzV9htugTkVsU5J
lY9XPy9i+8Qnsw==
-----END CERTIFICATE-----