Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          /pT2hM2sbebkfpPb40w4N+ayXo1m+6Qqe7hGdtEDANY=
Subject key identifier:   F4:CD:B6:AD:74:95:C4:6A:C7:B3:76:BC:9C:BF:13:E0:A2:8F:56:22
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       019A02228CD53CA51F79CA8AA4348364C44A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0DF0
Signing time:             Mon 20 Oct 2025 15:00:09 +0000
Manifest this update:     Mon 20 Oct 2025 15:00:09 +0000
Manifest next update:     Tue 21 Oct 2025 15:00:09 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: iByvfcHgCa64EUJcihz1KqDPHzFW86uvboFI3p2CLKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:22:8c:d5:3c:a5:1f:79:ca:8a:a4:34:83:64:c4:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: Oct 20 15:00:09 2025 GMT
            Not After : Oct 21 15:00:09 2025 GMT
        Subject: CN=f4cdb6ad7495c46ac7b376bc9cbf13e0a28f5622
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:df:a8:f3:2d:dd:89:2b:fd:12:9c:21:c2:29:
                    27:5b:10:6c:d1:c5:91:aa:b2:d9:cd:ae:c4:ba:a4:
                    38:0e:81:2f:ae:e7:95:f0:b5:50:d9:8d:cf:e7:9d:
                    f4:92:75:af:e9:f4:62:61:33:aa:6c:b7:59:64:89:
                    4c:5b:61:2d:a8:73:06:bf:b7:fe:f3:b7:2c:13:19:
                    4c:6b:a8:a8:f2:36:ac:03:91:a5:80:c1:74:48:3e:
                    c4:9e:ed:a2:81:b5:ee:95:e6:a9:14:d0:1e:a6:14:
                    4b:d6:80:59:f6:4c:8c:c2:b1:79:70:3f:b4:62:b7:
                    ef:df:ca:04:b2:ab:11:a8:a7:b2:a8:79:f0:09:b5:
                    0e:22:9d:04:56:3e:75:47:21:f4:1c:9c:bb:69:fc:
                    2e:25:84:09:bf:b5:66:86:c1:f5:c4:1e:e3:51:7d:
                    29:a4:cf:2b:20:b1:09:27:e0:4c:1e:f7:56:7e:c2:
                    5e:d1:b9:85:b9:8a:5f:cc:f3:74:ab:e3:5f:2d:86:
                    da:2f:c8:67:26:20:71:ba:7d:e6:7b:7b:4c:29:6e:
                    a3:05:77:c6:c6:30:34:8d:1f:25:4d:91:95:2a:d1:
                    08:dd:18:6d:ec:b6:25:1a:c7:c1:fa:32:4c:d7:23:
                    ec:ba:9b:7c:c5:79:c9:b3:fb:01:45:04:e4:74:48:
                    19:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:CD:B6:AD:74:95:C4:6A:C7:B3:76:BC:9C:BF:13:E0:A2:8F:56:22
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:a8:2e:15:9a:95:ca:0b:9f:7d:3d:0c:2c:36:96:ca:4c:c6:
         3e:6f:d5:6e:3f:95:a4:23:9f:9c:ad:f9:72:ce:c3:f2:8a:14:
         a6:0f:92:b4:10:f6:06:70:5e:a0:6c:c9:7b:d7:83:13:09:2c:
         5a:f6:ee:f5:e1:57:f9:e2:f1:72:a9:a5:b9:50:a3:68:e6:b1:
         01:c1:c1:da:b2:0e:65:36:33:ac:d6:77:3e:95:8d:ea:5b:ce:
         91:57:9d:27:a1:4d:48:d2:fb:53:bf:da:63:5c:02:3c:f8:b8:
         c2:4b:3b:7d:85:e4:75:98:f6:ea:02:e5:43:9c:dc:2c:f0:37:
         fe:15:28:b5:7a:40:fb:1d:29:f1:5c:1b:a6:31:15:2e:65:41:
         1b:a9:73:41:74:2b:b6:da:82:7d:77:fb:c4:d1:7b:d3:b5:7a:
         d5:e8:ae:5c:f7:a9:d5:cd:1c:53:ac:24:0a:cf:00:3e:3a:a6:
         e1:3b:42:4f:ef:b5:67:2d:b6:d7:8f:c7:be:9e:fd:9d:44:a9:
         6c:ec:c1:3e:ee:ab:37:6c:51:97:5b:f1:17:c5:40:c4:0f:31:
         c7:73:7a:5f:b1:a8:9a:5f:f3:9d:9f:98:d5:4a:4e:dd:f3:ec:
         97:9a:a6:78:87:72:f9:df:aa:c0:2b:b9:cd:09:10:1a:f0:01:
         9e:0b:03:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCIozVPKUfecqKpDSDZMRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjUxMDIwMTUwMDA5WhcNMjUxMDIxMTUwMDA5WjAzMTEwLwYDVQQD
EyhmNGNkYjZhZDc0OTVjNDZhYzdiMzc2YmM5Y2JmMTNlMGEyOGY1NjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud+o8y3diSv9EpwhwiknWxBs0cWR
qrLZza7EuqQ4DoEvrueV8LVQ2Y3P5530knWv6fRiYTOqbLdZZIlMW2EtqHMGv7f+
87csExlMa6io8jasA5GlgMF0SD7Enu2igbXuleapFNAephRL1oBZ9kyMwrF5cD+0
Yrfv38oEsqsRqKeyqHnwCbUOIp0EVj51RyH0HJy7afwuJYQJv7VmhsH1xB7jUX0p
pM8rILEJJ+BMHvdWfsJe0bmFuYpfzPN0q+NfLYbaL8hnJiBxun3me3tMKW6jBXfG
xjA0jR8lTZGVKtEI3Rht7LYlGsfB+jJM1yPsupt8xXnJs/sBRQTkdEgZFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTNtq10lcRqx7N2vJy/E+Cij1YiMB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6guFZqV
yguffT0MLDaWykzGPm/Vbj+VpCOfnK35cs7D8ooUpg+StBD2BnBeoGzJe9eDEwks
Wvbu9eFX+eLxcqmluVCjaOaxAcHB2rIOZTYzrNZ3PpWN6lvOkVedJ6FNSNL7U7/a
Y1wCPPi4wks7fYXkdZj26gLlQ5zcLPA3/hUotXpA+x0p8VwbpjEVLmVBG6lzQXQr
ttqCfXf7xNF707V61eiuXPep1c0cU6wkCs8APjqm4TtCT++1Zy2214/Hvp79nUSp
bOzBPu6rN2xRl1vxF8VAxA8xx3N6X7Goml/znZ+Y1UpO3fPsl5qmeIdy+d+qwCu5
zQkQGvABngsDyw==
-----END CERTIFICATE-----