Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          qianwrzFUVR0LPF/GnVuVMLMY0ee9djqLZxPoF9/wZ4=
Subject key identifier:   3A:19:D3:A3:4A:4D:82:23:0C:E9:B2:28:37:F4:6D:C9:D1:59:18:C6
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       0199FDD9FF5C17782881B1F092FE85B62617
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 19:02:26 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:26 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:26 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: qJU654lrfMuSeXjYkb8CcTVHRxROi3IRMI7leRzgVHI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:ff:5c:17:78:28:81:b1:f0:92:fe:85:b6:26:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: Oct 19 19:02:26 2025 GMT
            Not After : Oct 20 19:02:26 2025 GMT
        Subject: CN=3a19d3a34a4d82230ce9b22837f46dc9d15918c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:23:0a:2f:3e:ab:4a:44:bd:f7:12:e6:39:21:
                    09:90:40:8e:29:fe:8a:fc:80:63:66:ab:61:e8:42:
                    0d:fa:29:12:1a:2b:c5:5d:0a:a4:3d:f8:93:fd:43:
                    e8:fd:de:89:c6:56:fb:8d:76:a4:24:e8:8d:82:f1:
                    17:b4:7e:10:43:9f:a1:90:34:9b:1a:78:da:c9:9c:
                    80:d6:00:07:8a:11:7f:d2:49:7e:4d:c0:f0:f2:ac:
                    2c:81:0e:e4:20:4d:a0:93:ef:1f:81:5a:8f:eb:82:
                    48:f9:00:77:31:5a:b3:73:cc:3e:13:38:4e:a8:55:
                    81:93:94:6f:c4:a0:00:47:c4:86:17:15:16:66:21:
                    dc:38:82:1f:a3:47:32:ad:e0:9c:fd:92:f9:3f:b3:
                    1a:d2:7f:bf:55:f1:03:c7:37:5f:7b:74:55:9d:bd:
                    97:14:6c:cf:90:79:d2:75:b0:df:0e:be:89:d6:95:
                    f3:08:62:25:0d:26:df:d3:9e:54:6f:71:e6:4e:35:
                    31:20:1a:0d:7b:c6:8a:14:97:c8:d1:37:3a:1e:f6:
                    0a:67:c7:55:29:59:2b:5b:8f:47:44:04:b0:b0:e9:
                    1d:63:e0:8e:a6:8d:86:e3:9e:6a:1d:d7:5a:0f:c2:
                    fb:58:08:89:8a:0a:71:35:d0:87:66:37:40:89:1c:
                    80:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:19:D3:A3:4A:4D:82:23:0C:E9:B2:28:37:F4:6D:C9:D1:59:18:C6
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:ce:29:14:e6:40:31:fb:28:61:5e:0e:c9:79:75:f5:4c:2e:
         57:f2:36:d4:76:10:0f:9e:3f:39:51:97:3c:b5:e4:57:d5:23:
         1d:ff:65:3d:11:c4:1f:f2:cf:74:31:64:9d:e0:c6:79:55:4e:
         e5:8f:5d:93:b3:10:dd:36:1b:c0:d7:7a:25:39:1b:fc:ae:8e:
         86:57:08:d9:e6:28:c7:ba:fd:d8:c6:ad:47:59:eb:06:57:3c:
         22:27:c9:3c:b7:ea:48:bf:a1:7b:35:72:4b:a1:f2:d4:83:6c:
         ba:9a:cf:22:76:f0:c2:6b:41:4e:b9:e2:b0:7c:2a:23:79:69:
         67:06:0e:cb:dd:36:40:23:a9:05:b2:f1:eb:bf:aa:f0:8e:dc:
         f9:6b:b1:64:12:20:e8:ef:0e:a2:9a:8e:1d:52:a3:76:ad:c7:
         6f:ef:c0:3e:7f:77:40:93:50:c6:38:5f:e5:40:0c:bc:ca:5e:
         2c:da:ce:71:bb:46:bc:eb:70:77:01:20:10:28:83:d4:57:b7:
         85:7b:84:58:bd:db:7e:cc:24:db:58:8b:76:6e:a5:c4:f5:bf:
         95:db:14:3c:85:2b:7a:c8:be:09:19:00:23:bc:e4:7f:18:fe:
         30:5f:de:e9:64:4c:f8:25:be:58:5e:83:54:fc:1d:5f:e6:1c:
         01:07:84:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92f9cF3gogbHwkv6FtiYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjUxMDE5MTkwMjI2WhcNMjUxMDIwMTkwMjI2WjAzMTEwLwYDVQQD
EygzYTE5ZDNhMzRhNGQ4MjIzMGNlOWIyMjgzN2Y0NmRjOWQxNTkxOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyMKLz6rSkS99xLmOSEJkECOKf6K
/IBjZqth6EIN+ikSGivFXQqkPfiT/UPo/d6Jxlb7jXakJOiNgvEXtH4QQ5+hkDSb
GnjayZyA1gAHihF/0kl+TcDw8qwsgQ7kIE2gk+8fgVqP64JI+QB3MVqzc8w+EzhO
qFWBk5RvxKAAR8SGFxUWZiHcOIIfo0cyreCc/ZL5P7Ma0n+/VfEDxzdfe3RVnb2X
FGzPkHnSdbDfDr6J1pXzCGIlDSbf055Ub3HmTjUxIBoNe8aKFJfI0Tc6HvYKZ8dV
KVkrW49HRASwsOkdY+COpo2G455qHddaD8L7WAiJigpxNdCHZjdAiRyAKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoZ06NKTYIjDOmyKDf0bcnRWRjGMB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARM4pFOZA
MfsoYV4OyXl19UwuV/I21HYQD54/OVGXPLXkV9UjHf9lPRHEH/LPdDFkneDGeVVO
5Y9dk7MQ3TYbwNd6JTkb/K6OhlcI2eYox7r92MatR1nrBlc8IifJPLfqSL+hezVy
S6Hy1INsuprPInbwwmtBTrnisHwqI3lpZwYOy902QCOpBbLx67+q8I7c+WuxZBIg
6O8OopqOHVKjdq3Hb+/APn93QJNQxjhf5UAMvMpeLNrOcbtGvOtwdwEgECiD1Fe3
hXuEWL3bfswk21iLdm6lxPW/ldsUPIUresi+CRkAI7zkfxj+MF/e6WRM+CW+WF6D
VPwdX+YcAQeEDA==
-----END CERTIFICATE-----