Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.mft
File:                     a-SeWhSwy_QQTANLVyoPnxVKmXU.mft (raw, json)
Hash identifier:          DKgpO65WRd16HVhVP+1nE57k8k1+h3DYXOjzILT1gNs=
Subject key identifier:   52:FD:64:69:74:40:42:71:52:8C:5B:E6:25:2F:FB:8B:69:EF:8E:27
Authority key identifier: 6B:E4:9E:5A:14:B0:CB:F4:10:4C:03:4B:57:2A:0F:9F:15:4A:99:75
Certificate issuer:       /CN=6be49e5a14b0cbf4104c034b572a0f9f154a9975
Certificate serial:       0199FC8F8646CBA2ECE7423F7FEAA381FFB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-SeWhSwy_QQTANLVyoPnxVKmXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.mft
Manifest number:          0587
Signing time:             Sun 19 Oct 2025 13:01:28 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:28 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:28 +0000
Files and hashes:         1: a-SeWhSwy_QQTANLVyoPnxVKmXU.crl (hash: 6NYGYIjVAudx+3/9C/hSnhh4TPRof2sM0Lm1BSDt3QU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-SeWhSwy_QQTANLVyoPnxVKmXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:86:46:cb:a2:ec:e7:42:3f:7f:ea:a3:81:ff:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be49e5a14b0cbf4104c034b572a0f9f154a9975
        Validity
            Not Before: Oct 19 13:01:28 2025 GMT
            Not After : Oct 20 13:01:28 2025 GMT
        Subject: CN=52fd646974404271528c5be6252ffb8b69ef8e27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:48:dd:9c:e7:83:10:9f:c7:6f:e3:6c:2f:dc:
                    36:fc:b2:40:c2:da:53:c0:f9:70:35:d7:04:7b:f9:
                    32:e0:f8:91:60:37:08:9d:c2:5c:38:e4:12:68:50:
                    80:93:a5:fa:b4:1f:f8:20:2d:37:0f:d2:eb:c8:85:
                    a2:89:69:60:5b:91:8c:22:40:4e:2f:ea:d3:74:cc:
                    ba:59:01:8e:53:c4:60:01:e8:df:51:45:74:25:7b:
                    d4:4a:42:a1:42:c0:2c:06:2b:63:01:06:4d:8f:92:
                    1c:6f:7d:70:f9:9e:16:c2:d2:d3:40:8b:df:a3:07:
                    cd:da:06:2c:b9:ec:aa:10:56:51:7f:b0:79:a4:12:
                    6d:f7:99:1e:ac:e8:3f:f7:d6:4a:d8:d9:7d:f8:b4:
                    34:63:99:57:57:98:90:d0:ff:2c:66:1f:94:73:e6:
                    33:9c:58:cd:54:38:a4:58:bb:c7:45:0e:42:b6:72:
                    19:b1:cc:21:4a:e5:42:83:17:13:c1:f9:cf:9d:0b:
                    79:29:6d:83:a2:0b:2d:13:4a:49:b6:64:13:18:2c:
                    ba:d3:04:53:cd:bf:ca:15:d0:b5:35:b8:79:d9:21:
                    0d:76:c3:13:02:85:9c:f7:5f:ee:f6:51:16:fb:d2:
                    6b:f5:8c:f0:b9:d5:7d:d3:59:38:03:39:14:17:0c:
                    af:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:FD:64:69:74:40:42:71:52:8C:5B:E6:25:2F:FB:8B:69:EF:8E:27
            X509v3 Authority Key Identifier:
                keyid:6B:E4:9E:5A:14:B0:CB:F4:10:4C:03:4B:57:2A:0F:9F:15:4A:99:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-SeWhSwy_QQTANLVyoPnxVKmXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:6d:ce:06:27:c0:13:06:ff:20:08:be:b6:26:d6:99:af:a7:
         17:e2:92:85:1d:93:78:c4:bf:67:d3:6d:ff:4c:de:ff:26:f8:
         5c:1a:5a:d6:af:8b:41:d2:e3:30:77:9a:e7:4f:65:e0:28:9d:
         92:aa:bd:f5:6f:93:f3:f5:c7:28:1f:81:5b:9d:4d:9f:9d:f9:
         09:4e:0d:88:29:73:da:41:a9:96:06:1d:2d:43:26:9d:84:2a:
         b2:85:b5:a2:2c:0c:23:ff:23:05:fc:f2:1f:7f:ee:10:c3:02:
         e4:0d:9a:25:c0:d9:56:6a:eb:da:03:f5:31:2f:fd:ae:8a:78:
         1f:b3:c7:f0:fe:85:c5:05:96:fd:bd:13:02:d2:36:25:a2:84:
         b9:7c:74:ea:cf:ad:f0:b0:39:0a:c8:8e:f7:ba:80:5e:23:b4:
         74:65:74:d5:c5:1b:cc:fb:10:0f:9b:2d:c1:40:31:27:ac:42:
         5c:d9:d1:e4:fa:4e:93:48:69:60:90:70:03:ac:19:9f:d1:9a:
         e7:47:21:d0:c2:fa:2c:a1:af:82:4e:94:d9:61:e6:07:57:ce:
         87:75:0f:c9:9a:c8:d8:86:26:e0:7f:4b:5b:79:d9:6f:16:dd:
         da:80:f5:d4:03:2f:94:07:c9:be:0d:25:3f:d3:89:e7:b7:d4:
         ec:6a:85:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j4ZGy6Ls50I/f+qjgf+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTQ5ZTVhMTRiMGNiZjQxMDRjMDM0YjU3MmEwZjlmMTU0
YTk5NzUwHhcNMjUxMDE5MTMwMTI4WhcNMjUxMDIwMTMwMTI4WjAzMTEwLwYDVQQD
Eyg1MmZkNjQ2OTc0NDA0MjcxNTI4YzViZTYyNTJmZmI4YjY5ZWY4ZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkjdnOeDEJ/Hb+NsL9w2/LJAwtpT
wPlwNdcEe/ky4PiRYDcIncJcOOQSaFCAk6X6tB/4IC03D9LryIWiiWlgW5GMIkBO
L+rTdMy6WQGOU8RgAejfUUV0JXvUSkKhQsAsBitjAQZNj5Icb31w+Z4WwtLTQIvf
owfN2gYsueyqEFZRf7B5pBJt95kerOg/99ZK2Nl9+LQ0Y5lXV5iQ0P8sZh+Uc+Yz
nFjNVDikWLvHRQ5CtnIZscwhSuVCgxcTwfnPnQt5KW2DogstE0pJtmQTGCy60wRT
zb/KFdC1Nbh52SENdsMTAoWc91/u9lEW+9Jr9YzwudV901k4AzkUFwyvewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFL9ZGl0QEJxUoxb5iUv+4tp744nMB8GA1UdIwQY
MBaAFGvknloUsMv0EEwDS1cqD58VSpl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1TZVdoU3d5X1FRVEFOTFZ5b1BueFZLbVhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yOTVjOTUtZTM2Ny00Y2EyLTliZDUt
YWI5OTdmYzY1MGU0LzEvYS1TZVdoU3d5X1FRVEFOTFZ5b1BueFZLbVhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yOTVjOTUtZTM2Ny00Y2EyLTliZDUtYWI5OTdmYzY1MGU0
LzEvYS1TZVdoU3d5X1FRVEFOTFZ5b1BueFZLbVhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKG3OBifA
Ewb/IAi+tibWma+nF+KShR2TeMS/Z9Nt/0ze/yb4XBpa1q+LQdLjMHea509l4Cid
kqq99W+T8/XHKB+BW51Nn535CU4NiClz2kGplgYdLUMmnYQqsoW1oiwMI/8jBfzy
H3/uEMMC5A2aJcDZVmrr2gP1MS/9rop4H7PH8P6FxQWW/b0TAtI2JaKEuXx06s+t
8LA5CsiO97qAXiO0dGV01cUbzPsQD5stwUAxJ6xCXNnR5PpOk0hpYJBwA6wZn9Ga
50ch0ML6LKGvgk6U2WHmB1fOh3UPyZrI2IYm4H9LW3nZbxbd2oD11AMvlAfJvg0l
P9OJ57fU7GqF/A==
-----END CERTIFICATE-----