Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          XSGwgWZV7FKRTwtrC2oQsF2PNfyXMmEcbpfj3i4vT4Q=
Subject key identifier:   BB:5A:98:8E:F4:36:09:47:32:2D:C0:C6:23:D5:C2:A7:06:2E:D9:2F
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       0199FFC8733C3205D63E31456824B2762591
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          0854
Signing time:             Mon 20 Oct 2025 04:02:30 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:30 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:30 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: CqExZmF7iUxn5dlDNZBbULSTZemZGm4gAOcVGImUS0E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:73:3c:32:05:d6:3e:31:45:68:24:b2:76:25:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Oct 20 04:02:30 2025 GMT
            Not After : Oct 21 04:02:30 2025 GMT
        Subject: CN=bb5a988ef4360947322dc0c623d5c2a7062ed92f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d0:4e:76:15:d4:7e:c2:e6:44:79:49:1a:04:
                    48:86:1e:fb:22:0c:18:0f:64:89:46:c4:59:34:fe:
                    7d:d8:96:4b:1e:7c:d0:b4:df:5f:77:13:6a:d9:aa:
                    12:21:d1:aa:07:e9:15:88:2d:00:88:b3:a6:cd:e0:
                    a0:45:e9:00:61:95:cf:0a:7e:70:48:c7:38:46:ce:
                    04:85:e1:63:b3:0c:10:84:e8:7c:52:84:3b:5f:34:
                    dc:1b:75:a8:b9:29:0d:26:42:c4:6b:b1:8b:f8:b1:
                    25:d4:22:19:18:22:e4:10:53:60:34:19:e1:5e:51:
                    e3:b7:f7:c9:3f:b7:d5:8e:ef:79:5e:71:aa:4f:4d:
                    66:6c:0b:97:dd:d1:f1:69:8b:ce:e0:cb:19:3b:ec:
                    6d:37:ef:1b:ad:33:3a:01:2d:63:27:41:86:95:4f:
                    82:a4:0d:8d:d1:a9:68:83:c8:98:f0:c0:af:c7:bc:
                    bf:ad:44:1a:4b:38:ab:67:0f:b1:20:4e:a7:e6:87:
                    b3:2d:25:ee:a7:cb:cc:a0:d9:71:87:f5:d7:57:b8:
                    23:aa:90:e2:f4:f8:e2:45:29:77:dd:37:7a:46:33:
                    be:a9:24:a8:13:48:e7:08:16:f2:56:5e:01:1a:97:
                    b7:9e:04:4b:57:16:a9:5d:4c:1a:9e:e4:52:a3:ce:
                    c5:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:5A:98:8E:F4:36:09:47:32:2D:C0:C6:23:D5:C2:A7:06:2E:D9:2F
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:92:ff:ea:52:5b:c1:46:51:89:30:dd:33:fb:e0:61:7e:79:
         e2:d3:00:d3:34:52:96:25:bd:7b:e5:59:b7:a9:65:85:05:32:
         ff:01:06:aa:2e:96:dc:a4:4f:d1:9a:b0:73:77:96:60:e0:1e:
         6d:9d:7b:c2:5b:ad:68:97:8f:7b:d3:e4:07:12:83:3a:99:ab:
         00:7b:84:2d:02:b5:be:44:eb:14:0e:f0:c1:9b:b4:9a:44:3b:
         93:da:14:25:5f:55:5b:d1:d1:de:46:9b:cd:cb:c7:46:ef:eb:
         9a:a3:b3:f1:95:ff:36:65:3d:27:e7:90:3c:cb:84:46:47:4c:
         00:ea:64:f6:04:f3:3a:d1:f1:0a:05:61:71:f5:5c:1b:7c:4f:
         62:58:05:df:5c:b2:fa:01:b6:27:da:b9:e5:c6:00:36:dc:d1:
         1b:9d:ab:4b:37:a6:27:8a:25:dd:1d:31:73:36:ad:d4:8f:0e:
         a6:7b:70:90:91:11:c8:f4:ad:61:e6:a6:3e:43:20:fd:ec:3e:
         7b:af:11:c0:a2:49:2e:a8:73:a7:32:51:3a:f5:e4:e3:6b:ac:
         99:76:8b:9d:9e:12:c1:a4:15:f1:38:b3:78:d8:d6:29:c0:0e:
         a4:84:a1:97:d1:2f:31:5a:e7:02:10:0c:d8:55:0a:2e:df:c9:
         b8:96:b8:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yHM8MgXWPjFFaCSydiWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjUxMDIwMDQwMjMwWhcNMjUxMDIxMDQwMjMwWjAzMTEwLwYDVQQD
EyhiYjVhOTg4ZWY0MzYwOTQ3MzIyZGMwYzYyM2Q1YzJhNzA2MmVkOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9BOdhXUfsLmRHlJGgRIhh77IgwY
D2SJRsRZNP592JZLHnzQtN9fdxNq2aoSIdGqB+kViC0AiLOmzeCgRekAYZXPCn5w
SMc4Rs4EheFjswwQhOh8UoQ7XzTcG3WouSkNJkLEa7GL+LEl1CIZGCLkEFNgNBnh
XlHjt/fJP7fVju95XnGqT01mbAuX3dHxaYvO4MsZO+xtN+8brTM6AS1jJ0GGlU+C
pA2N0alog8iY8MCvx7y/rUQaSzirZw+xIE6n5oezLSXup8vMoNlxh/XXV7gjqpDi
9PjiRSl33Td6RjO+qSSoE0jnCBbyVl4BGpe3ngRLVxapXUwanuRSo87FmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtamI70NglHMi3AxiPVwqcGLtkvMB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG5L/6lJb
wUZRiTDdM/vgYX554tMA0zRSliW9e+VZt6llhQUy/wEGqi6W3KRP0Zqwc3eWYOAe
bZ17wlutaJePe9PkBxKDOpmrAHuELQK1vkTrFA7wwZu0mkQ7k9oUJV9VW9HR3kab
zcvHRu/rmqOz8ZX/NmU9J+eQPMuERkdMAOpk9gTzOtHxCgVhcfVcG3xPYlgF31yy
+gG2J9q55cYANtzRG52rSzemJ4ol3R0xczat1I8OpntwkJERyPStYeamPkMg/ew+
e68RwKJJLqhzpzJROvXk42usmXaLnZ4SwaQV8TizeNjWKcAOpIShl9EvMVrnAhAM
2FUKLt/JuJa42Q==
-----END CERTIFICATE-----