Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          ChzMhinXHPxddF1g4/x0FX4npSKEHA7ddylZwqQQsJ8=
Subject key identifier:   35:59:62:31:AB:AE:4F:14:4E:30:D9:3E:1C:A1:A8:EB:BF:50:0B:B2
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       0199FBEBACD8D63E7143DFC95B69C97FB5DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:30 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:30 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:30 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: 7upswMAk6hbtICoPdYRpkiJ8NNuTGv9Z+EDf7iy947E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:ac:d8:d6:3e:71:43:df:c9:5b:69:c9:7f:b5:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Oct 19 10:02:30 2025 GMT
            Not After : Oct 20 10:02:30 2025 GMT
        Subject: CN=35596231abae4f144e30d93e1ca1a8ebbf500bb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:3c:d2:58:d5:82:0c:e2:c4:f6:ce:a6:ff:2f:
                    d2:c0:75:9e:b4:28:4f:fe:e6:e6:e6:1b:ce:ab:51:
                    b1:8c:57:dc:76:6b:8e:d9:94:54:64:e6:8c:20:48:
                    aa:4c:d5:3b:e4:26:a1:f3:24:e2:7a:86:d8:a8:77:
                    78:25:07:b3:f5:2a:9d:b6:20:1c:23:63:2c:a7:2a:
                    0e:6f:88:a5:9d:39:90:bc:54:b0:bb:a0:ad:5b:fa:
                    62:e4:49:e3:0c:b0:5c:42:8a:f6:3b:8d:67:22:4b:
                    ec:86:fb:30:aa:ab:1a:3e:4d:30:b0:c9:45:44:b5:
                    11:3f:27:b4:69:72:cc:f1:15:5d:b7:16:8b:aa:da:
                    74:94:dc:9c:a6:cb:ec:64:8c:fc:f3:40:a1:fb:1d:
                    da:b4:b4:2a:f8:6b:06:0a:6e:dd:e9:d2:90:ad:a7:
                    5c:d4:c0:46:62:c9:29:3e:58:f4:3d:27:54:fc:49:
                    1a:0f:68:59:91:0e:06:72:a5:e1:ad:fc:8a:4c:9e:
                    4a:e8:f7:e0:bb:d3:4a:af:60:de:0a:6b:6b:ea:09:
                    9c:27:84:82:6d:c2:02:c3:a8:ac:2a:3e:9d:a9:df:
                    0d:2e:7c:0e:d4:4a:a8:06:1f:fc:d4:d2:f5:a9:ad:
                    73:36:2c:b9:f4:bf:fd:e5:23:db:c1:8d:e3:05:95:
                    e0:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:59:62:31:AB:AE:4F:14:4E:30:D9:3E:1C:A1:A8:EB:BF:50:0B:B2
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:b1:08:6e:e9:24:df:9c:4a:c6:41:24:b8:0f:bd:c7:cc:df:
         f7:aa:53:2c:17:a7:c7:96:13:49:ec:31:a4:84:4a:86:cb:f0:
         b5:c3:7f:cf:32:27:df:b8:32:78:08:9d:49:ff:e6:78:13:89:
         2b:d2:fc:e8:15:46:1b:5c:0f:ed:e4:e0:ce:79:61:32:b2:d3:
         81:a7:8c:28:98:44:8b:7d:ce:5e:83:6b:8e:4a:7b:34:01:8a:
         ba:ab:60:34:43:a4:fe:44:4b:d3:54:4f:3b:d7:1c:10:4f:8d:
         7e:36:91:75:64:b5:55:31:84:16:05:55:e4:74:3a:b5:56:c0:
         99:72:e6:a5:da:33:27:31:05:f2:b4:d9:10:02:37:9d:45:01:
         8e:58:ea:db:74:9e:ad:67:ab:40:ba:c1:3b:96:26:27:c0:cb:
         47:71:10:00:15:87:dd:17:39:30:c2:2f:e0:e5:37:bf:5d:bb:
         5a:47:34:be:3e:95:0b:3d:2a:0b:90:97:92:e0:3b:77:d0:57:
         a4:8e:83:1a:6b:1c:98:34:6b:53:70:5e:50:01:3f:53:9e:d0:
         64:01:48:09:3a:65:a4:81:37:14:8a:b2:68:3e:93:63:d0:05:
         89:fc:93:1f:7a:ed:01:15:bb:0f:95:7b:1a:f1:f8:2d:8c:0d:
         6a:2d:c2:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766zY1j5xQ9/JW2nJf7XfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjUxMDE5MTAwMjMwWhcNMjUxMDIwMTAwMjMwWjAzMTEwLwYDVQQD
EygzNTU5NjIzMWFiYWU0ZjE0NGUzMGQ5M2UxY2ExYThlYmJmNTAwYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDzSWNWCDOLE9s6m/y/SwHWetChP
/ubm5hvOq1GxjFfcdmuO2ZRUZOaMIEiqTNU75Cah8yTieobYqHd4JQez9SqdtiAc
I2MspyoOb4ilnTmQvFSwu6CtW/pi5EnjDLBcQor2O41nIkvshvswqqsaPk0wsMlF
RLURPye0aXLM8RVdtxaLqtp0lNycpsvsZIz880Ch+x3atLQq+GsGCm7d6dKQradc
1MBGYskpPlj0PSdU/EkaD2hZkQ4GcqXhrfyKTJ5K6Pfgu9NKr2DeCmtr6gmcJ4SC
bcICw6isKj6dqd8NLnwO1EqoBh/81NL1qa1zNiy59L/95SPbwY3jBZXg4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVZYjGrrk8UTjDZPhyhqOu/UAuyMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLEIbukk
35xKxkEkuA+9x8zf96pTLBenx5YTSewxpIRKhsvwtcN/zzIn37gyeAidSf/meBOJ
K9L86BVGG1wP7eTgznlhMrLTgaeMKJhEi33OXoNrjkp7NAGKuqtgNEOk/kRL01RP
O9ccEE+NfjaRdWS1VTGEFgVV5HQ6tVbAmXLmpdozJzEF8rTZEAI3nUUBjljq23Se
rWerQLrBO5YmJ8DLR3EQABWH3Rc5MMIv4OU3v127Wkc0vj6VCz0qC5CXkuA7d9BX
pI6DGmscmDRrU3BeUAE/U57QZAFICTplpIE3FIqyaD6TY9AFifyTH3rtARW7D5V7
GvH4LYwNai3CFA==
-----END CERTIFICATE-----