Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
File:                     09XiCPMtcw1DHUpNTtgJWx59lDE.mft (raw, json)
Hash identifier:          2iqbacchLivx3zfm4qysLfjR8uhS5mqIpuPXJgUQh6E=
Subject key identifier:   07:8D:42:BC:89:DF:3A:2C:38:28:91:02:25:FD:CA:6A:97:BB:B4:DC
Authority key identifier: D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31
Certificate issuer:       /CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431
Certificate serial:       0199FBEB1C5F01400B8BEDA28855E2C9C128
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
Manifest number:          020F
Signing time:             Sun 19 Oct 2025 10:01:53 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:53 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:53 +0000
Files and hashes:         1: 09XiCPMtcw1DHUpNTtgJWx59lDE.crl (hash: cl0yL65Qitz/Nm/51IBT59Xk3sR1bWUbdKtGlzLeC1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:1c:5f:01:40:0b:8b:ed:a2:88:55:e2:c9:c1:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431
        Validity
            Not Before: Oct 19 10:01:53 2025 GMT
            Not After : Oct 20 10:01:53 2025 GMT
        Subject: CN=078d42bc89df3a2c3828910225fdca6a97bbb4dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9b:5c:b0:9b:3c:8a:e0:0f:bf:e7:fb:a7:be:
                    01:2b:d5:d0:66:f3:a2:6a:9e:51:fa:ae:fe:e6:4d:
                    2d:f8:c5:08:f3:7c:6f:65:87:6d:81:7d:3d:36:d9:
                    d7:5f:98:a8:79:fe:d5:a5:7b:72:97:3b:a7:a8:3b:
                    45:d6:53:8d:32:17:b2:fa:65:db:df:89:53:bc:58:
                    40:b9:9f:79:78:b7:11:63:3a:9c:09:7e:9d:e3:4a:
                    b0:3b:e1:bf:45:d7:b7:d2:9d:40:e2:26:4f:7d:d8:
                    8d:00:7f:fd:78:1a:1a:38:64:87:c6:4a:4a:47:3f:
                    68:91:f0:e8:a4:1d:8d:b5:a1:28:22:8a:be:14:0e:
                    ed:78:24:cb:3e:aa:e1:dd:4f:37:02:7a:d5:17:9a:
                    c9:27:53:48:ab:3d:aa:5d:f0:2d:61:10:3c:e2:02:
                    3a:49:d4:b5:89:69:92:87:bf:5b:b2:45:e1:ae:41:
                    f1:14:d1:9b:e1:c1:3e:f7:6f:f0:d9:dc:28:13:2d:
                    5d:b7:6c:3d:be:85:56:13:9d:4d:7d:f5:b5:b6:b5:
                    22:9e:a8:f8:bf:42:cb:5b:ee:f6:8b:8d:9d:de:d3:
                    e7:88:c8:43:b3:2a:a3:85:14:2a:9d:78:a7:88:e7:
                    de:37:5d:94:ff:0a:ca:c8:dc:99:1a:47:29:f0:8f:
                    77:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:8D:42:BC:89:DF:3A:2C:38:28:91:02:25:FD:CA:6A:97:BB:B4:DC
            X509v3 Authority Key Identifier:
                keyid:D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:af:b5:d8:d8:c8:c2:eb:a3:e9:93:48:94:97:11:ae:e8:c4:
         3f:81:8a:4d:16:26:5f:39:29:70:81:f1:58:94:65:dc:d8:6f:
         cf:2b:13:9a:2c:e6:a1:81:c9:eb:73:6c:c0:86:91:37:44:b0:
         f9:eb:9f:8b:46:fd:bc:cd:b0:62:5e:d3:65:1f:22:7a:50:1d:
         40:85:cf:58:45:a9:97:18:ee:40:43:a6:5d:be:b0:fd:d7:24:
         da:93:06:08:e5:28:5d:2e:a5:5e:92:fb:12:1f:25:b6:14:3f:
         08:d1:db:8c:8e:01:73:fa:e1:f1:eb:57:7e:3a:c5:56:33:01:
         73:5f:fb:1d:2f:44:7d:0f:f0:bc:85:f1:e9:ec:46:67:c5:e9:
         83:63:04:c2:70:60:30:93:08:d2:ef:18:90:c5:d5:05:33:bf:
         0f:7e:bd:51:f4:d4:3e:98:45:1b:85:bb:6b:a7:34:e4:0f:5c:
         82:d6:09:f1:dd:b1:bf:9b:7f:fc:e3:a3:5f:5f:38:fc:5b:cd:
         c0:f5:61:73:1b:d9:a9:2b:99:44:ea:03:f5:51:43:c2:cf:91:
         f6:02:5b:55:e8:90:2a:06:29:23:bc:92:39:0d:bd:9c:73:06:
         83:83:30:2c:19:ab:be:4f:38:a8:06:0e:94:99:1e:c5:fc:3f:
         31:d9:f9:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76xxfAUALi+2iiFXiycEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDVlMjA4ZjMyZDczMGQ0MzFkNGE0ZDRlZDgwOTViMWU3
ZDk0MzEwHhcNMjUxMDE5MTAwMTUzWhcNMjUxMDIwMTAwMTUzWjAzMTEwLwYDVQQD
EygwNzhkNDJiYzg5ZGYzYTJjMzgyODkxMDIyNWZkY2E2YTk3YmJiNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJtcsJs8iuAPv+f7p74BK9XQZvOi
ap5R+q7+5k0t+MUI83xvZYdtgX09NtnXX5ioef7VpXtylzunqDtF1lONMhey+mXb
34lTvFhAuZ95eLcRYzqcCX6d40qwO+G/Rde30p1A4iZPfdiNAH/9eBoaOGSHxkpK
Rz9okfDopB2NtaEoIoq+FA7teCTLPqrh3U83AnrVF5rJJ1NIqz2qXfAtYRA84gI6
SdS1iWmSh79bskXhrkHxFNGb4cE+92/w2dwoEy1dt2w9voVWE51NffW1trUinqj4
v0LLW+72i42d3tPniMhDsyqjhRQqnXiniOfeN12U/wrKyNyZGkcp8I93OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAeNQryJ3zosOCiRAiX9ymqXu7TcMB8GA1UdIwQY
MBaAFNPV4gjzLXMNQx1KTU7YCVsefZQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEt
NmU4OWE4OGRhZTkzLzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEtNmU4OWE4OGRhZTkz
LzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJK+12NjI
wuuj6ZNIlJcRrujEP4GKTRYmXzkpcIHxWJRl3NhvzysTmizmoYHJ63NswIaRN0Sw
+eufi0b9vM2wYl7TZR8ielAdQIXPWEWplxjuQEOmXb6w/dck2pMGCOUoXS6lXpL7
Eh8lthQ/CNHbjI4Bc/rh8etXfjrFVjMBc1/7HS9EfQ/wvIXx6exGZ8Xpg2MEwnBg
MJMI0u8YkMXVBTO/D369UfTUPphFG4W7a6c05A9cgtYJ8d2xv5t//OOjX184/FvN
wPVhcxvZqSuZROoD9VFDws+R9gJbVeiQKgYpI7ySOQ29nHMGg4MwLBmrvk84qAYO
lJkexfw/Mdn5Rg==
-----END CERTIFICATE-----