Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
File:                     eY97H9gCs9xqvXpc2nhqYxHh1j0.mft (raw, json)
Hash identifier:          VX6g1DyOvNn6L/sL7sTfuI7YK2C2WqjLqhz/hbE/um0=
Subject key identifier:   84:71:3A:F3:F5:AA:47:71:A5:A4:65:56:7F:2E:2B:B8:F3:F9:44:5D
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Certificate issuer:       /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial:       019A00A328DE652CDE8F8D1FE439ED0BF9C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
Manifest number:          0F2A
Signing time:             Mon 20 Oct 2025 08:01:24 +0000
Manifest this update:     Mon 20 Oct 2025 08:01:24 +0000
Manifest next update:     Tue 21 Oct 2025 08:01:24 +0000
Files and hashes:         1: eY97H9gCs9xqvXpc2nhqYxHh1j0.crl (hash: PhcbkQ8kTot8FrGF+8q/8d+VZKq+/8znRXqZ/w+sSVo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 08:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:a3:28:de:65:2c:de:8f:8d:1f:e4:39:ed:0b:f9:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
        Validity
            Not Before: Oct 20 08:01:24 2025 GMT
            Not After : Oct 21 08:01:24 2025 GMT
        Subject: CN=84713af3f5aa4771a5a465567f2e2bb8f3f9445d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:8f:0e:a6:70:36:84:e4:00:29:82:97:b0:46:
                    47:7a:f8:a9:d4:1a:48:6a:e3:35:0b:95:44:e3:f3:
                    f2:74:68:3e:69:57:46:b5:e7:33:17:a1:8b:26:3e:
                    04:6d:08:d3:d1:fa:85:37:51:22:06:d5:f2:8c:06:
                    b0:1c:53:ea:2a:d7:c1:12:de:54:8e:9b:a7:30:0d:
                    d5:af:c8:9e:fa:f7:e9:71:12:d8:a1:04:84:42:01:
                    94:8a:d5:39:04:e6:9d:55:2c:ca:47:c6:55:51:40:
                    a4:f4:18:d6:eb:c2:1f:5b:93:89:21:02:e8:2b:52:
                    a0:5f:d0:8b:75:c0:70:94:f7:2a:ff:3a:68:d6:7a:
                    61:a6:39:f0:3c:a9:9a:15:7c:e6:47:9f:a5:fd:da:
                    9e:ed:ca:c0:ac:41:4b:d2:1e:3e:65:75:bf:88:9b:
                    16:4f:39:ce:78:c9:14:83:61:13:b7:2d:19:e4:2f:
                    80:aa:ef:ee:6d:5a:4f:eb:18:73:14:76:f5:31:ad:
                    c5:43:86:33:e1:14:80:1a:69:cf:e0:57:b6:96:0e:
                    d9:16:4d:b3:c6:d7:2f:d7:d5:c3:01:b2:12:fd:0b:
                    04:3b:d8:57:38:c8:94:c4:7d:ef:7b:05:e9:80:56:
                    d8:f2:a6:ea:46:d6:bd:62:7c:59:2b:74:ee:4c:69:
                    8e:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:71:3A:F3:F5:AA:47:71:A5:A4:65:56:7F:2E:2B:B8:F3:F9:44:5D
            X509v3 Authority Key Identifier:
                keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:86:5f:91:03:d5:5c:0a:30:d5:56:78:d1:8e:8b:ac:29:e4:
         92:a5:6e:50:02:17:d5:ce:84:74:64:b5:96:53:05:6a:d4:82:
         f6:76:57:16:73:1f:c6:ec:31:49:34:48:34:c0:da:30:c2:b5:
         62:82:75:f1:9b:a5:71:10:ab:a0:d1:9f:1d:5b:34:f9:41:f9:
         ef:59:fb:89:52:dc:e4:18:02:6a:e1:07:29:3e:ac:76:3a:71:
         7e:e9:ba:91:d4:e9:73:2d:fd:b6:16:71:13:75:71:f3:0a:45:
         18:ee:a4:10:ce:dd:a8:73:d6:e5:88:32:c6:bd:80:03:8d:44:
         71:1f:73:57:af:69:4d:a2:9f:bb:5b:c8:87:05:f1:96:9e:22:
         27:a7:fc:75:62:61:37:36:6f:f1:d2:1d:db:df:09:d0:80:43:
         ac:22:98:bc:3e:12:a7:f9:39:d4:d5:8d:06:28:aa:25:df:c6:
         63:3b:30:54:33:7c:98:b8:eb:82:45:03:de:ea:94:59:ff:32:
         d6:d7:45:e1:bd:1b:c8:b5:0d:9c:d9:7e:46:c3:43:1d:ef:98:
         ff:5f:f2:d7:e7:9e:fe:01:de:e3:57:36:ba:68:b6:93:2f:3d:
         89:38:ed:7b:e1:13:f8:9b:64:b4:46:bf:77:27:86:2b:5f:a7:
         5c:5d:54:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAoyjeZSzej40f5DntC/nJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUxMDIwMDgwMTI0WhcNMjUxMDIxMDgwMTI0WjAzMTEwLwYDVQQD
Eyg4NDcxM2FmM2Y1YWE0NzcxYTVhNDY1NTY3ZjJlMmJiOGYzZjk0NDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzo8OpnA2hOQAKYKXsEZHevip1BpI
auM1C5VE4/PydGg+aVdGteczF6GLJj4EbQjT0fqFN1EiBtXyjAawHFPqKtfBEt5U
jpunMA3Vr8ie+vfpcRLYoQSEQgGUitU5BOadVSzKR8ZVUUCk9BjW68IfW5OJIQLo
K1KgX9CLdcBwlPcq/zpo1nphpjnwPKmaFXzmR5+l/dqe7crArEFL0h4+ZXW/iJsW
TznOeMkUg2ETty0Z5C+Aqu/ubVpP6xhzFHb1Ma3FQ4Yz4RSAGmnP4Fe2lg7ZFk2z
xtcv19XDAbIS/QsEO9hXOMiUxH3vewXpgFbY8qbqRta9YnxZK3TuTGmO2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRxOvP1qkdxpaRlVn8uK7jz+URdMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApIZfkQPV
XAow1VZ40Y6LrCnkkqVuUAIX1c6EdGS1llMFatSC9nZXFnMfxuwxSTRINMDaMMK1
YoJ18ZulcRCroNGfHVs0+UH571n7iVLc5BgCauEHKT6sdjpxfum6kdTpcy39thZx
E3Vx8wpFGO6kEM7dqHPW5Ygyxr2AA41EcR9zV69pTaKfu1vIhwXxlp4iJ6f8dWJh
NzZv8dId298J0IBDrCKYvD4Sp/k51NWNBiiqJd/GYzswVDN8mLjrgkUD3uqUWf8y
1tdF4b0byLUNnNl+RsNDHe+Y/1/y1+ee/gHe41c2umi2ky89iTjte+ET+JtktEa/
dyeGK1+nXF1U1A==
-----END CERTIFICATE-----