Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
File:                     68Xg5EXZRzFUru10Rpss-6NmTjU.mft (raw, json)
Hash identifier:          BjGRRSZWKlz0sVhR4x7J9SmHZj66HcbknZdvZ2dIVj4=
Subject key identifier:   AE:19:31:EB:D6:F8:E5:77:53:BA:BD:F5:C8:D2:99:D6:3C:FB:35:6D
Authority key identifier: EB:C5:E0:E4:45:D9:47:31:54:AE:ED:74:46:9B:2C:FB:A3:66:4E:35
Certificate issuer:       /CN=ebc5e0e445d9473154aeed74469b2cfba3664e35
Certificate serial:       0199FFC7BB2DC699AC2DBF029E708B644B9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
Manifest number:          0A28
Signing time:             Mon 20 Oct 2025 04:01:43 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:43 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:43 +0000
Files and hashes:         1: 68Xg5EXZRzFUru10Rpss-6NmTjU.crl (hash: kVXxT+xMaXZIDtt7UFf5rPIyIosr/u5hE0nKorkEI3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:bb:2d:c6:99:ac:2d:bf:02:9e:70:8b:64:4b:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebc5e0e445d9473154aeed74469b2cfba3664e35
        Validity
            Not Before: Oct 20 04:01:43 2025 GMT
            Not After : Oct 21 04:01:43 2025 GMT
        Subject: CN=ae1931ebd6f8e57753babdf5c8d299d63cfb356d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:48:d5:f2:18:c3:89:44:07:85:85:11:c6:88:
                    98:20:57:90:b3:9f:47:c0:b3:09:b7:10:34:99:0c:
                    f2:42:ac:fc:bf:bd:33:6b:6c:59:56:da:a5:1f:04:
                    89:11:99:83:00:02:cf:97:ca:b5:15:e3:ee:3a:ad:
                    c3:2d:3a:a8:f3:4c:07:03:23:75:fb:c2:59:5e:91:
                    e7:63:e6:70:4c:7f:2f:eb:57:07:f8:8c:a0:10:3f:
                    49:73:fc:87:24:bd:c6:18:d8:26:3a:10:fa:89:ed:
                    95:24:fb:f8:98:fa:7f:59:e8:be:90:b1:7c:cc:1d:
                    8c:ff:2b:3b:71:10:c8:53:34:97:6e:0f:da:e1:af:
                    c5:71:31:e1:2d:f4:ab:93:be:f7:a0:9e:b5:94:26:
                    67:12:8b:46:68:a6:3d:00:b5:8a:49:38:7b:89:7d:
                    63:ea:7a:2b:52:ce:81:92:c1:81:0a:ac:68:d1:37:
                    07:eb:a9:d3:93:1c:c7:3d:59:e0:b8:e0:e7:40:47:
                    23:82:6d:bb:6e:b1:83:8a:01:40:b3:9c:47:16:c6:
                    45:c7:5a:6d:32:2a:28:ec:49:c0:c0:4b:e5:30:f3:
                    5a:21:34:84:d4:27:eb:a8:d1:8b:04:74:33:39:ad:
                    ff:16:09:df:c6:36:f8:9b:b2:36:50:91:00:b3:95:
                    0d:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:19:31:EB:D6:F8:E5:77:53:BA:BD:F5:C8:D2:99:D6:3C:FB:35:6D
            X509v3 Authority Key Identifier:
                keyid:EB:C5:E0:E4:45:D9:47:31:54:AE:ED:74:46:9B:2C:FB:A3:66:4E:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:0f:15:9c:72:e5:c6:51:39:67:ed:d3:ac:9e:a5:a2:9f:4d:
         b4:0b:c3:d7:80:88:48:12:a0:04:25:80:e4:e0:bc:59:c7:2d:
         1d:6e:df:93:91:30:3c:00:25:a1:e1:ed:dc:67:98:0d:91:c1:
         ad:b1:ef:8d:58:70:57:fe:32:05:d8:a8:a1:d4:9e:f0:81:5e:
         fa:b4:c3:5b:9c:28:d9:2e:3f:38:f9:b9:20:61:63:6f:2f:13:
         60:cd:50:c4:d1:34:79:4b:50:5f:d9:af:32:0a:ba:db:ef:f6:
         87:c7:7e:5b:45:52:67:87:e4:29:85:d6:86:f5:53:ac:84:d9:
         66:a6:6e:45:d8:c5:9a:ef:ca:59:87:6a:d5:a5:f6:c1:35:ec:
         7b:29:1c:d0:48:3c:89:d9:37:a4:0a:19:28:2a:c9:4e:eb:5f:
         ac:d7:a9:03:73:29:22:3c:35:75:62:88:23:d6:b5:9a:85:8d:
         f3:fd:39:ab:9f:57:c9:7e:1e:04:d2:72:6f:05:28:83:da:0d:
         0a:2f:69:7b:7a:0e:de:03:65:3f:38:b1:61:84:7e:af:30:7e:
         74:a8:c1:37:59:78:c0:64:52:32:f1:48:70:ec:c2:52:96:97:
         1d:56:cc:ee:d0:59:06:4e:88:e1:dd:e5:15:b1:88:09:f8:34:
         2f:ff:f6:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x7stxpmsLb8CnnCLZEucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzVlMGU0NDVkOTQ3MzE1NGFlZWQ3NDQ2OWIyY2ZiYTM2
NjRlMzUwHhcNMjUxMDIwMDQwMTQzWhcNMjUxMDIxMDQwMTQzWjAzMTEwLwYDVQQD
EyhhZTE5MzFlYmQ2ZjhlNTc3NTNiYWJkZjVjOGQyOTlkNjNjZmIzNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EjV8hjDiUQHhYURxoiYIFeQs59H
wLMJtxA0mQzyQqz8v70za2xZVtqlHwSJEZmDAALPl8q1FePuOq3DLTqo80wHAyN1
+8JZXpHnY+ZwTH8v61cH+IygED9Jc/yHJL3GGNgmOhD6ie2VJPv4mPp/Wei+kLF8
zB2M/ys7cRDIUzSXbg/a4a/FcTHhLfSrk773oJ61lCZnEotGaKY9ALWKSTh7iX1j
6norUs6BksGBCqxo0TcH66nTkxzHPVnguODnQEcjgm27brGDigFAs5xHFsZFx1pt
Mioo7EnAwEvlMPNaITSE1CfrqNGLBHQzOa3/Fgnfxjb4m7I2UJEAs5UNTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4ZMevW+OV3U7q99cjSmdY8+zVtMB8GA1UdIwQY
MBaAFOvF4ORF2UcxVK7tdEabLPujZk41MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zMmFiZWUtY2Y3YS00NGY5LTg3NjUt
OGRlYzJlMTYzYTg2LzEvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zMmFiZWUtY2Y3YS00NGY5LTg3NjUtOGRlYzJlMTYzYTg2
LzEvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMQ8VnHLl
xlE5Z+3TrJ6lop9NtAvD14CISBKgBCWA5OC8WcctHW7fk5EwPAAloeHt3GeYDZHB
rbHvjVhwV/4yBdioodSe8IFe+rTDW5wo2S4/OPm5IGFjby8TYM1QxNE0eUtQX9mv
Mgq62+/2h8d+W0VSZ4fkKYXWhvVTrITZZqZuRdjFmu/KWYdq1aX2wTXseykc0Eg8
idk3pAoZKCrJTutfrNepA3MpIjw1dWKII9a1moWN8/05q59XyX4eBNJybwUog9oN
Ci9pe3oO3gNlPzixYYR+rzB+dKjBN1l4wGRSMvFIcOzCUpaXHVbM7tBZBk6I4d3l
FbGICfg0L//2Dw==
-----END CERTIFICATE-----