Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          kffzyNogYlOGotVGLZA6fT4GxLPdgO0eC+OqCEqRumg=
Subject key identifier:   9E:66:1D:10:B3:9F:B1:E3:7E:E5:B3:DC:25:55:F6:00:CC:0C:2A:CF
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       0199FBEB93B43052AAD65BA1569E39EC167A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0D84
Signing time:             Sun 19 Oct 2025 10:02:23 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:23 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:23 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: BfHKMbPGDcMDdzBcAKxY9tOz2YAHI4wef0fXUwJBSGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:93:b4:30:52:aa:d6:5b:a1:56:9e:39:ec:16:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Oct 19 10:02:23 2025 GMT
            Not After : Oct 20 10:02:23 2025 GMT
        Subject: CN=9e661d10b39fb1e37ee5b3dc2555f600cc0c2acf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:2d:a8:7f:44:a6:e8:38:e6:bf:f9:70:34:f9:
                    34:5e:f6:4f:16:2b:cf:c2:49:96:60:45:56:e2:f9:
                    6c:38:d5:37:6e:b7:9c:ec:62:54:e8:8c:2e:6d:46:
                    85:db:77:80:7d:bb:67:f4:05:ea:fc:e3:d6:08:44:
                    2d:c3:3f:cf:bb:07:0b:56:56:5b:d2:08:f9:30:1e:
                    94:19:07:53:01:3f:96:58:9e:6c:b9:44:97:46:4b:
                    11:51:8b:ab:1e:2a:48:84:81:49:43:c8:97:a6:1b:
                    ee:4c:ea:c1:02:28:ac:4c:0c:8b:15:5a:40:55:12:
                    59:e0:2d:04:17:5c:63:09:01:eb:72:9a:2f:52:be:
                    ad:67:32:d8:11:7a:02:e6:9b:d8:52:a2:f0:bf:82:
                    d2:1b:99:80:ed:42:2d:be:1a:5b:00:4d:54:be:d2:
                    67:d0:37:d4:32:16:64:0f:55:42:dd:62:f9:3e:60:
                    3e:a9:c2:fb:1c:34:3b:2e:70:55:ff:5c:bc:4b:a2:
                    88:57:3e:86:b8:16:dc:9f:f5:5e:08:29:9a:9e:26:
                    33:f6:38:dd:b7:c3:53:2f:1b:49:ad:49:ab:7c:b1:
                    2d:30:5d:f9:a8:10:c5:e3:1c:54:26:f5:05:ca:5e:
                    c3:91:fd:34:4e:01:d6:01:fc:c8:20:4d:6d:e2:5f:
                    5a:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:66:1D:10:B3:9F:B1:E3:7E:E5:B3:DC:25:55:F6:00:CC:0C:2A:CF
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:5e:dc:77:32:fb:07:07:cc:65:7a:98:f8:a5:76:e7:39:25:
         bc:78:b7:38:cb:90:dd:9c:ff:ef:cb:6e:3a:fe:2a:c5:05:1c:
         66:09:6e:49:e5:ab:3a:13:a7:31:4d:52:ff:38:04:ef:57:1b:
         fb:04:e3:bf:cc:0d:8c:0b:eb:c0:53:95:bc:04:e3:82:81:03:
         c5:b4:29:bf:fc:e3:b7:ce:c1:d5:16:b9:3c:14:45:b8:39:5c:
         de:bc:11:65:92:fc:0b:a2:94:59:32:1b:1e:fe:ec:35:6e:bb:
         91:3c:05:f3:83:93:47:c9:1b:03:3a:b3:c3:85:9d:c9:73:8d:
         4c:bc:f2:10:5b:1c:c2:9c:a0:58:89:d2:60:23:49:4b:40:13:
         ed:e1:92:bf:69:a2:41:60:a3:96:24:b5:96:a6:48:1b:25:3c:
         f6:18:e1:ca:82:e8:24:a7:e6:93:69:d5:5f:d7:0f:28:33:31:
         a1:9e:10:40:b9:3c:a9:da:6c:c1:92:33:af:16:d4:c7:5e:7f:
         a1:df:18:a2:b6:17:29:df:6c:b4:a0:3c:0c:62:11:97:e8:84:
         2b:cc:13:03:39:7a:da:35:c1:ff:9a:24:21:52:46:4a:fb:6a:
         a4:ec:70:82:64:b3:31:a3:52:62:7f:a0:75:4b:ba:75:93:44:
         4b:b1:30:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn765O0MFKq1luhVp457BZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUxMDE5MTAwMjIzWhcNMjUxMDIwMTAwMjIzWjAzMTEwLwYDVQQD
Eyg5ZTY2MWQxMGIzOWZiMWUzN2VlNWIzZGMyNTU1ZjYwMGNjMGMyYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS2of0Sm6Djmv/lwNPk0XvZPFivP
wkmWYEVW4vlsONU3brec7GJU6IwubUaF23eAfbtn9AXq/OPWCEQtwz/PuwcLVlZb
0gj5MB6UGQdTAT+WWJ5suUSXRksRUYurHipIhIFJQ8iXphvuTOrBAiisTAyLFVpA
VRJZ4C0EF1xjCQHrcpovUr6tZzLYEXoC5pvYUqLwv4LSG5mA7UItvhpbAE1UvtJn
0DfUMhZkD1VC3WL5PmA+qcL7HDQ7LnBV/1y8S6KIVz6GuBbcn/VeCCmaniYz9jjd
t8NTLxtJrUmrfLEtMF35qBDF4xxUJvUFyl7Dkf00TgHWAfzIIE1t4l9aPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5mHRCzn7HjfuWz3CVV9gDMDCrPMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApl7cdzL7
BwfMZXqY+KV25zklvHi3OMuQ3Zz/78tuOv4qxQUcZgluSeWrOhOnMU1S/zgE71cb
+wTjv8wNjAvrwFOVvATjgoEDxbQpv/zjt87B1Ra5PBRFuDlc3rwRZZL8C6KUWTIb
Hv7sNW67kTwF84OTR8kbAzqzw4WdyXONTLzyEFscwpygWInSYCNJS0AT7eGSv2mi
QWCjliS1lqZIGyU89hjhyoLoJKfmk2nVX9cPKDMxoZ4QQLk8qdpswZIzrxbUx15/
od8YorYXKd9stKA8DGIRl+iEK8wTAzl62jXB/5okIVJGSvtqpOxwgmSzMaNSYn+g
dUu6dZNES7EwVw==
-----END CERTIFICATE-----