Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
File:                     a_CO0PpuGTufOlC_cmtB0MMpspc.mft (raw, json)
Hash identifier:          GjIk/7VXBgbysY2mo/E3PteWJqIyCQhSf0cqjTN0EBM=
Subject key identifier:   DF:20:1F:CF:5E:A3:D3:16:8A:2E:07:A0:88:31:CB:BB:66:7C:5D:A4
Authority key identifier: 6B:F0:8E:D0:FA:6E:19:3B:9F:3A:50:BF:72:6B:41:D0:C3:29:B2:97
Certificate issuer:       /CN=6bf08ed0fa6e193b9f3a50bf726b41d0c329b297
Certificate serial:       0199FD6B3DB293E80537222C1178A88D9B30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
Manifest number:          02D2
Signing time:             Sun 19 Oct 2025 17:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 17:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 17:01:27 +0000
Files and hashes:         1: a_CO0PpuGTufOlC_cmtB0MMpspc.crl (hash: SRTGe/LKYYm25+H2jSs/gQvrgTL428eRWhKLMQf1To0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:6b:3d:b2:93:e8:05:37:22:2c:11:78:a8:8d:9b:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bf08ed0fa6e193b9f3a50bf726b41d0c329b297
        Validity
            Not Before: Oct 19 17:01:27 2025 GMT
            Not After : Oct 20 17:01:27 2025 GMT
        Subject: CN=df201fcf5ea3d3168a2e07a08831cbbb667c5da4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:c5:5c:2d:18:b5:5e:1f:d0:2c:1b:5a:ef:2d:
                    c5:42:09:ef:af:14:ac:7a:23:92:62:cd:c8:ef:10:
                    19:a5:e3:aa:dc:e7:72:31:3d:61:97:5a:99:57:97:
                    23:3a:25:63:bb:39:72:87:5f:ab:b3:4c:7d:3b:15:
                    29:2b:75:84:91:fc:9b:0b:a0:fa:45:93:2e:4a:90:
                    8e:66:a2:60:75:c8:4c:e3:1f:8a:0b:87:8c:f7:d0:
                    d3:73:70:ed:8c:03:31:6d:45:ec:d5:78:93:d7:e3:
                    a0:4d:71:8e:5c:68:22:5e:d3:e0:b5:b1:0b:85:31:
                    87:6f:c3:86:6a:57:a8:77:1c:7a:5b:a6:03:6e:c9:
                    1a:20:0c:14:fa:5d:2b:fa:d1:e5:d8:06:27:5f:f8:
                    9c:9d:02:b5:a6:ca:da:5e:9a:65:bb:03:83:69:2f:
                    58:52:c6:04:48:3a:69:1b:b2:c7:8c:50:c2:d1:13:
                    8a:6e:0e:4a:a2:97:61:6d:fb:9e:3e:12:37:1b:e6:
                    4f:ba:de:37:ce:8f:65:0e:a1:0b:93:c6:a4:1d:fd:
                    43:d8:18:da:44:d8:7d:4c:be:72:08:45:3f:57:c1:
                    4b:03:10:19:b4:95:72:bc:28:72:6a:b3:13:6f:a1:
                    c9:0c:6b:57:94:c7:a6:5b:29:86:bc:07:a6:8e:e5:
                    9a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:20:1F:CF:5E:A3:D3:16:8A:2E:07:A0:88:31:CB:BB:66:7C:5D:A4
            X509v3 Authority Key Identifier:
                keyid:6B:F0:8E:D0:FA:6E:19:3B:9F:3A:50:BF:72:6B:41:D0:C3:29:B2:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:47:4f:c3:12:9a:14:7c:95:4f:6b:f1:5b:14:08:80:41:e5:
         5e:42:84:69:44:ba:92:80:48:68:87:1a:c8:60:71:5b:6e:89:
         76:35:50:b8:b6:73:a7:ec:74:71:14:78:bf:c7:ce:87:9d:fc:
         3d:0c:1a:95:1d:7a:b9:7a:ec:36:50:bc:c7:52:f2:a3:fb:25:
         7f:3a:a8:7f:d1:5d:28:76:d8:f8:52:9f:85:4c:c6:c0:3d:38:
         11:31:7b:10:89:32:5a:ca:96:53:5b:75:29:b3:e6:b4:f5:84:
         76:50:d1:75:b7:85:c5:51:cd:6b:09:35:3d:5b:11:e3:83:86:
         5d:9b:99:77:65:60:2c:44:21:3b:0f:74:23:18:f3:19:2d:da:
         46:3e:f2:01:24:74:c5:2d:a9:4b:a5:20:09:d8:89:ba:30:dc:
         c4:e6:9b:31:35:e5:b0:00:a0:e8:34:f9:fc:e5:e8:eb:d3:d2:
         fd:34:d4:42:c5:91:38:b5:31:ce:e6:e4:8c:1b:3f:2a:92:3d:
         22:37:76:55:96:21:31:dd:11:6d:c3:52:8e:85:f1:13:89:67:
         33:7f:db:3d:12:46:f8:57:40:9c:ed:fb:f3:f5:ee:ad:1e:ad:
         bd:e7:2f:27:73:32:f6:de:08:96:4d:3f:ac:4b:46:6c:09:7c:
         26:5c:58:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9az2yk+gFNyIsEXiojZswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZjA4ZWQwZmE2ZTE5M2I5ZjNhNTBiZjcyNmI0MWQwYzMy
OWIyOTcwHhcNMjUxMDE5MTcwMTI3WhcNMjUxMDIwMTcwMTI3WjAzMTEwLwYDVQQD
EyhkZjIwMWZjZjVlYTNkMzE2OGEyZTA3YTA4ODMxY2JiYjY2N2M1ZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18VcLRi1Xh/QLBta7y3FQgnvrxSs
eiOSYs3I7xAZpeOq3OdyMT1hl1qZV5cjOiVjuzlyh1+rs0x9OxUpK3WEkfybC6D6
RZMuSpCOZqJgdchM4x+KC4eM99DTc3DtjAMxbUXs1XiT1+OgTXGOXGgiXtPgtbEL
hTGHb8OGaleodxx6W6YDbskaIAwU+l0r+tHl2AYnX/icnQK1psraXppluwODaS9Y
UsYESDppG7LHjFDC0ROKbg5KopdhbfuePhI3G+ZPut43zo9lDqELk8akHf1D2Bja
RNh9TL5yCEU/V8FLAxAZtJVyvChyarMTb6HJDGtXlMemWymGvAemjuWa9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8gH89eo9MWii4HoIgxy7tmfF2kMB8GA1UdIwQY
MBaAFGvwjtD6bhk7nzpQv3JrQdDDKbKXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC82N2E2M2EtMWEwMy00ODIyLWFjOWUt
M2Q0MjA1ZjVlMmQzLzEvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC82N2E2M2EtMWEwMy00ODIyLWFjOWUtM2Q0MjA1ZjVlMmQz
LzEvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEdPwxKa
FHyVT2vxWxQIgEHlXkKEaUS6koBIaIcayGBxW26JdjVQuLZzp+x0cRR4v8fOh538
PQwalR16uXrsNlC8x1Lyo/slfzqof9FdKHbY+FKfhUzGwD04ETF7EIkyWsqWU1t1
KbPmtPWEdlDRdbeFxVHNawk1PVsR44OGXZuZd2VgLEQhOw90IxjzGS3aRj7yASR0
xS2pS6UgCdiJujDcxOabMTXlsACg6DT5/OXo69PS/TTUQsWROLUxzubkjBs/KpI9
Ijd2VZYhMd0RbcNSjoXxE4lnM3/bPRJG+FdAnO378/XurR6tvecvJ3My9t4Ilk0/
rEtGbAl8JlxY4w==
-----END CERTIFICATE-----