Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
File:                     ci0p5qil5cpi3rc-r_OrE95VBq0.mft (raw, json)
Hash identifier:          94GyGzzfixBUkr47oT0inaQY3dA+zPQNOYV2b7hVQIM=
Subject key identifier:   5A:BF:61:D4:36:02:6C:39:58:AB:9E:E8:F4:FA:3A:D9:E3:60:3F:F6
Authority key identifier: 72:2D:29:E6:A8:A5:E5:CA:62:DE:B7:3E:AF:F3:AB:13:DE:55:06:AD
Certificate issuer:       /CN=722d29e6a8a5e5ca62deb73eaff3ab13de5506ad
Certificate serial:       0199FB45A84A2F6BC91A019B37DCCE9242E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
Manifest number:          01E8
Signing time:             Sun 19 Oct 2025 07:01:10 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:10 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:10 +0000
Files and hashes:         1: ci0p5qil5cpi3rc-r_OrE95VBq0.crl (hash: rD6LyzAn/umgkFO6yQY4+vm/FOGkuLjfB7IqsxWenUc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:a8:4a:2f:6b:c9:1a:01:9b:37:dc:ce:92:42:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722d29e6a8a5e5ca62deb73eaff3ab13de5506ad
        Validity
            Not Before: Oct 19 07:01:10 2025 GMT
            Not After : Oct 20 07:01:10 2025 GMT
        Subject: CN=5abf61d436026c3958ab9ee8f4fa3ad9e3603ff6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c5:da:0e:85:5f:91:f8:a0:fb:b7:bd:5a:7f:
                    7a:78:d1:3b:cf:ba:a8:2b:15:54:24:bd:5d:7d:f4:
                    83:87:fb:3c:46:bd:00:43:2b:93:e0:2c:f5:13:90:
                    0f:c6:36:a3:45:b2:94:ae:6e:dc:ac:17:e0:37:ca:
                    42:d8:4b:ec:ab:94:c2:65:26:44:a4:0e:20:57:db:
                    79:c8:0c:66:fe:ce:e7:db:4b:a7:a5:cc:35:4c:9c:
                    18:ac:a4:d7:c8:6c:0d:9a:33:c5:6a:28:f9:42:af:
                    a0:55:c1:d4:b3:52:5f:d1:32:fc:40:0f:f7:fd:33:
                    ad:c5:fb:c8:78:87:29:7b:ef:44:d6:7e:e0:6d:e1:
                    83:d6:22:d2:c0:69:29:60:a8:3e:45:ab:f1:76:23:
                    38:32:50:17:b7:80:40:0a:57:9a:a9:db:67:67:2a:
                    3e:24:a3:fb:46:5f:d2:18:eb:c5:12:b4:bb:d2:dc:
                    a7:35:ea:59:bd:89:8c:cc:59:d7:c9:88:db:2c:c9:
                    e7:59:9b:dd:a4:6f:d9:7f:b8:fd:03:58:07:fc:7a:
                    c0:0f:4c:15:34:9b:02:49:6a:2d:a9:fa:84:32:ec:
                    bb:8a:f7:de:49:a1:ae:29:41:b7:e6:98:58:95:9f:
                    77:c6:b0:fa:00:78:36:a9:2d:02:0a:61:d6:01:7c:
                    d5:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:BF:61:D4:36:02:6C:39:58:AB:9E:E8:F4:FA:3A:D9:E3:60:3F:F6
            X509v3 Authority Key Identifier:
                keyid:72:2D:29:E6:A8:A5:E5:CA:62:DE:B7:3E:AF:F3:AB:13:DE:55:06:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:c4:ba:dc:e7:05:2c:25:13:b7:88:f3:19:62:f5:36:d4:0b:
         bd:89:13:4a:fe:05:d7:43:95:dc:2d:d9:65:f4:6a:6c:83:b1:
         b0:76:18:df:56:e9:aa:71:2c:9b:48:96:75:15:44:b6:60:9f:
         01:d5:13:9b:64:1d:b7:b5:2c:54:9a:84:31:85:96:0a:f1:78:
         b8:8a:60:6c:9c:6d:9a:4d:ab:44:b2:f5:a9:64:30:b2:77:52:
         1f:90:57:7b:c2:7f:57:57:5c:51:53:92:4c:64:be:3c:59:c3:
         bb:74:98:28:2b:28:a5:0c:07:90:2a:4d:1e:b1:b1:56:b6:39:
         6d:2e:4a:2f:c5:15:78:dd:29:00:d7:38:59:df:75:4a:52:7b:
         84:61:6e:2f:ab:41:31:bd:76:b9:f7:4c:1a:49:a6:1b:b5:38:
         5b:ca:b7:3c:fc:92:66:4b:dc:eb:16:ad:c6:63:f1:da:7a:42:
         6c:7b:b3:18:83:d5:8f:53:83:83:3d:ca:73:d4:14:8d:21:67:
         10:4a:1a:83:9c:4a:e1:fd:8e:e0:c6:22:2c:e4:31:e0:4c:ae:
         00:74:70:05:fb:42:7d:b8:39:b4:b8:9c:6b:d0:23:3f:e4:cf:
         2f:0a:ef:5e:dc:af:53:4a:37:c8:2f:f2:d8:00:04:71:b0:c8:
         9b:68:c3:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RahKL2vJGgGbN9zOkkLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmQyOWU2YThhNWU1Y2E2MmRlYjczZWFmZjNhYjEzZGU1
NTA2YWQwHhcNMjUxMDE5MDcwMTEwWhcNMjUxMDIwMDcwMTEwWjAzMTEwLwYDVQQD
Eyg1YWJmNjFkNDM2MDI2YzM5NThhYjllZThmNGZhM2FkOWUzNjAzZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8XaDoVfkfig+7e9Wn96eNE7z7qo
KxVUJL1dffSDh/s8Rr0AQyuT4Cz1E5APxjajRbKUrm7crBfgN8pC2Evsq5TCZSZE
pA4gV9t5yAxm/s7n20unpcw1TJwYrKTXyGwNmjPFaij5Qq+gVcHUs1Jf0TL8QA/3
/TOtxfvIeIcpe+9E1n7gbeGD1iLSwGkpYKg+RavxdiM4MlAXt4BACleaqdtnZyo+
JKP7Rl/SGOvFErS70tynNepZvYmMzFnXyYjbLMnnWZvdpG/Zf7j9A1gH/HrAD0wV
NJsCSWotqfqEMuy7ivfeSaGuKUG35phYlZ93xrD6AHg2qS0CCmHWAXzVMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFq/YdQ2Amw5WKue6PT6OtnjYD/2MB8GA1UdIwQY
MBaAFHItKeaopeXKYt63Pq/zqxPeVQatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8xMDZlMGYtYWQ4MC00N2MzLWJkNGYt
NTU0NzkwMGI4ZDU5LzEvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8xMDZlMGYtYWQ4MC00N2MzLWJkNGYtNTU0NzkwMGI4ZDU5
LzEvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOsS63OcF
LCUTt4jzGWL1NtQLvYkTSv4F10OV3C3ZZfRqbIOxsHYY31bpqnEsm0iWdRVEtmCf
AdUTm2Qdt7UsVJqEMYWWCvF4uIpgbJxtmk2rRLL1qWQwsndSH5BXe8J/V1dcUVOS
TGS+PFnDu3SYKCsopQwHkCpNHrGxVrY5bS5KL8UVeN0pANc4Wd91SlJ7hGFuL6tB
Mb12ufdMGkmmG7U4W8q3PPySZkvc6xatxmPx2npCbHuzGIPVj1ODgz3Kc9QUjSFn
EEoag5xK4f2O4MYiLOQx4EyuAHRwBftCfbg5tLica9AjP+TPLwrvXtyvU0o3yC/y
2AAEcbDIm2jDxA==
-----END CERTIFICATE-----