Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          1ycrnvhVcAnBva9dUmrFphgmaKCty6zF36KfpXeN5Fk=
Subject key identifier:   06:D7:FD:05:A9:EE:5E:9C:FF:72:2F:67:FB:EC:05:60:5C:BE:6F:75
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       0199FC58470CEB094DD15047C041BC781BDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          100B
Signing time:             Sun 19 Oct 2025 12:01:07 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:07 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:07 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: QlWydAiCQFsd11nlm4MSElB7bZ7AUMaiPcwAXoIXcAs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:47:0c:eb:09:4d:d1:50:47:c0:41:bc:78:1b:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Oct 19 12:01:07 2025 GMT
            Not After : Oct 20 12:01:07 2025 GMT
        Subject: CN=06d7fd05a9ee5e9cff722f67fbec05605cbe6f75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e3:f6:44:d2:de:88:96:bb:b1:53:91:cf:29:
                    42:09:90:36:71:09:f2:33:b4:78:fa:12:96:3d:20:
                    7c:e9:fb:d4:93:3f:d8:3a:64:43:4c:12:69:18:d0:
                    03:6e:87:b0:69:ab:05:a1:a8:2f:a1:60:91:27:d7:
                    85:eb:57:00:1f:98:64:9e:b5:65:46:14:12:16:34:
                    e2:44:16:7f:02:ac:39:5e:0c:02:e7:9d:19:6f:aa:
                    ac:13:04:05:7d:f0:8b:0a:3f:30:bd:1f:7f:56:e8:
                    d3:04:33:ee:8e:e3:69:73:df:86:ad:ec:5e:de:5c:
                    40:8c:7c:d4:00:d4:ec:90:8a:2e:d7:e8:f0:73:8c:
                    86:2c:21:76:69:d4:33:8e:43:e6:00:c6:3b:2a:52:
                    f8:4d:46:a5:7a:09:08:43:5d:47:3b:4c:b3:a5:c6:
                    9f:e4:37:4c:2f:7d:24:c6:cc:4c:9a:0f:ef:2a:61:
                    0d:32:57:3d:8e:f4:e2:9b:90:c8:7f:ba:05:f7:77:
                    d3:2f:77:0c:da:59:e3:df:eb:13:68:8f:ce:8c:d4:
                    85:0b:b5:a8:f1:ec:52:19:bc:3a:15:f3:12:97:76:
                    5f:fc:10:13:cf:9d:c2:37:bf:35:3e:42:f8:bd:ca:
                    e2:13:fb:6c:84:ad:65:93:67:af:72:41:6e:00:c9:
                    fe:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:D7:FD:05:A9:EE:5E:9C:FF:72:2F:67:FB:EC:05:60:5C:BE:6F:75
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:a0:00:8a:a4:2c:78:dc:b3:91:02:fe:4d:a0:c8:e9:11:44:
         99:34:58:06:4f:65:2f:1d:5e:8a:7e:c5:ee:c5:89:63:9d:c0:
         28:43:74:70:25:7d:74:b1:7b:06:95:24:db:90:a4:c3:b4:54:
         c5:32:ee:f8:7f:88:81:dd:1c:ce:72:80:d8:95:d7:8b:07:fc:
         c8:0b:db:fd:e9:b2:5c:17:34:8c:38:81:db:53:3f:f4:5e:17:
         61:c0:1a:cd:e6:37:2a:f1:da:f8:bc:24:12:1d:ab:2f:f6:35:
         cf:c5:f4:f7:df:05:84:da:00:1c:f1:fa:f9:52:65:d1:6d:e4:
         85:e8:73:54:6c:f1:9e:59:9f:9e:e7:b0:b6:c1:92:d6:c4:4c:
         fd:04:b3:53:53:43:03:69:15:e5:59:1e:8f:95:d5:b2:da:0d:
         ad:08:af:10:39:c1:93:da:f0:17:f6:04:2f:14:d1:0f:9a:83:
         a7:1d:fe:7d:a0:53:e6:d2:75:c1:43:2f:15:60:32:1e:2b:44:
         3e:66:b2:c6:a0:24:9a:9b:c1:57:18:9a:14:c5:b8:90:9b:a6:
         8d:39:66:91:35:66:80:98:1d:74:ec:22:54:22:79:b1:60:f4:
         03:a8:6b:4a:72:de:43:a4:04:d9:5f:ab:38:14:2a:5a:9d:8a:
         bb:02:68:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WEcM6wlN0VBHwEG8eBvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUxMDE5MTIwMTA3WhcNMjUxMDIwMTIwMTA3WjAzMTEwLwYDVQQD
EygwNmQ3ZmQwNWE5ZWU1ZTljZmY3MjJmNjdmYmVjMDU2MDVjYmU2Zjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+P2RNLeiJa7sVORzylCCZA2cQny
M7R4+hKWPSB86fvUkz/YOmRDTBJpGNADboewaasFoagvoWCRJ9eF61cAH5hknrVl
RhQSFjTiRBZ/Aqw5XgwC550Zb6qsEwQFffCLCj8wvR9/VujTBDPujuNpc9+Grexe
3lxAjHzUANTskIou1+jwc4yGLCF2adQzjkPmAMY7KlL4TUalegkIQ11HO0yzpcaf
5DdML30kxsxMmg/vKmENMlc9jvTim5DIf7oF93fTL3cM2lnj3+sTaI/OjNSFC7Wo
8exSGbw6FfMSl3Zf/BATz53CN781PkL4vcriE/tshK1lk2evckFuAMn+YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAbX/QWp7l6c/3IvZ/vsBWBcvm91MB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARKAAiqQs
eNyzkQL+TaDI6RFEmTRYBk9lLx1ein7F7sWJY53AKEN0cCV9dLF7BpUk25Ckw7RU
xTLu+H+Igd0cznKA2JXXiwf8yAvb/emyXBc0jDiB21M/9F4XYcAazeY3KvHa+Lwk
Eh2rL/Y1z8X0998FhNoAHPH6+VJl0W3khehzVGzxnlmfnuewtsGS1sRM/QSzU1ND
A2kV5Vkej5XVstoNrQivEDnBk9rwF/YELxTRD5qDpx3+faBT5tJ1wUMvFWAyHitE
PmayxqAkmpvBVxiaFMW4kJumjTlmkTVmgJgddOwiVCJ5sWD0A6hrSnLeQ6QE2V+r
OBQqWp2KuwJoqA==
-----END CERTIFICATE-----