Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
File:                     jmcNnjgoGVjuocw46s67vcM4HTY.mft (raw, json)
Hash identifier:          oSdC28ygiyxiFHsyXJxM6aAUppsF5FGGnnZVD5DcxBk=
Subject key identifier:   54:07:15:77:7C:B7:F9:6F:71:3F:6B:F1:8A:4E:87:FC:78:63:AD:98
Authority key identifier: 8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36
Certificate issuer:       /CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
Certificate serial:       0199FDD8C8A978B0C089AD1165FA5B583856
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
Manifest number:          0BBD
Signing time:             Sun 19 Oct 2025 19:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:06 +0000
Files and hashes:         1: jmcNnjgoGVjuocw46s67vcM4HTY.crl (hash: fwZw4sqcqumteBFMevUKPLkdi0AdXORwXbkju/qtIgE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:c8:a9:78:b0:c0:89:ad:11:65:fa:5b:58:38:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
        Validity
            Not Before: Oct 19 19:01:06 2025 GMT
            Not After : Oct 20 19:01:06 2025 GMT
        Subject: CN=540715777cb7f96f713f6bf18a4e87fc7863ad98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1d:f5:c1:70:6c:c7:0a:9d:06:1a:22:6a:7e:
                    ef:3e:9d:e1:fd:d5:42:55:d3:36:0f:ae:fd:c7:4d:
                    d3:16:fe:32:7e:5b:3e:e0:dd:c4:82:41:8a:88:8c:
                    cd:05:9f:a9:d9:fc:8c:e2:0d:b7:54:a3:5c:03:69:
                    f1:61:29:8a:eb:93:3f:10:e7:a8:6a:61:94:9c:9a:
                    3c:45:97:de:f4:ae:fe:7a:ca:a7:11:06:59:ab:18:
                    22:6e:2d:e5:c3:db:69:65:cc:3e:f1:4b:2f:57:60:
                    61:e5:f7:9b:ff:3d:db:56:00:26:0b:08:91:91:73:
                    d0:f9:9f:0f:aa:8c:59:9a:0a:53:69:7c:f5:b2:c6:
                    3a:5d:fa:81:db:f5:46:02:13:ec:c8:20:cc:fb:11:
                    79:eb:d8:41:03:f6:fb:29:c2:9d:99:70:ef:55:44:
                    ca:c5:7f:6a:a5:e9:0c:00:3f:f6:f1:19:7c:0c:39:
                    3e:a0:3d:c7:4d:d7:90:90:c2:1e:42:fc:c2:52:3f:
                    65:14:14:86:6d:1e:2f:08:80:00:6e:b6:76:c3:f8:
                    ec:7c:82:cb:36:a3:78:9a:ef:dd:ae:db:6d:26:f5:
                    ce:cb:f6:b7:54:14:cf:05:96:d1:4e:e8:07:f6:3b:
                    16:d1:04:77:e0:4c:df:e4:a9:7f:89:17:b0:23:f2:
                    52:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:07:15:77:7C:B7:F9:6F:71:3F:6B:F1:8A:4E:87:FC:78:63:AD:98
            X509v3 Authority Key Identifier:
                keyid:8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:54:1a:61:4e:8b:27:21:0d:b9:d2:91:6b:09:5c:91:51:23:
         d1:af:2a:02:d8:1b:50:40:b8:78:f0:7d:1a:69:97:d8:e5:94:
         6d:74:6a:da:b3:81:ae:3c:37:0d:43:ef:28:6a:d0:b1:a8:7e:
         0c:ed:b4:87:21:1a:8d:7e:4c:0c:43:0c:7f:06:12:95:89:d8:
         0e:e0:43:22:b3:12:79:15:18:60:75:3e:5a:77:db:91:c7:d5:
         f6:d9:42:fc:9c:e3:51:5f:95:a0:f9:73:1a:68:c8:e7:63:53:
         29:92:7a:6e:8d:7b:74:a2:1f:db:a8:5b:06:11:fe:a6:fc:8d:
         90:e7:0e:e7:15:78:b9:ea:1b:b4:97:a0:62:3f:15:cf:3a:70:
         43:f1:4c:9a:ed:f8:52:f6:88:d9:df:90:67:d6:ad:a5:b5:e4:
         af:9d:cc:56:4e:45:ce:75:06:ce:a0:32:a9:90:85:69:c4:d8:
         c7:98:99:7a:c9:fc:1d:eb:bc:f1:49:ce:ad:e6:21:f4:06:86:
         a5:2a:c0:fa:7c:1d:3c:66:f6:c3:19:f7:b2:ac:68:21:d5:b8:
         ab:f9:51:f7:26:0c:f4:57:c6:f3:b7:27:6b:55:2f:7b:16:f3:
         c2:a6:b5:a4:9d:96:4a:42:d7:53:28:08:cf:99:e3:81:7a:8c:
         01:2f:0c:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92MipeLDAia0RZfpbWDhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjcwZDllMzgyODE5NThlZWExY2MzOGVhY2ViYmJkYzMz
ODFkMzYwHhcNMjUxMDE5MTkwMTA2WhcNMjUxMDIwMTkwMTA2WjAzMTEwLwYDVQQD
Eyg1NDA3MTU3NzdjYjdmOTZmNzEzZjZiZjE4YTRlODdmYzc4NjNhZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB31wXBsxwqdBhoian7vPp3h/dVC
VdM2D679x03TFv4yfls+4N3EgkGKiIzNBZ+p2fyM4g23VKNcA2nxYSmK65M/EOeo
amGUnJo8RZfe9K7+esqnEQZZqxgibi3lw9tpZcw+8UsvV2Bh5feb/z3bVgAmCwiR
kXPQ+Z8PqoxZmgpTaXz1ssY6XfqB2/VGAhPsyCDM+xF569hBA/b7KcKdmXDvVUTK
xX9qpekMAD/28Rl8DDk+oD3HTdeQkMIeQvzCUj9lFBSGbR4vCIAAbrZ2w/jsfILL
NqN4mu/drtttJvXOy/a3VBTPBZbRTugH9jsW0QR34Ezf5Kl/iRewI/JSEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQHFXd8t/lvcT9r8YpOh/x4Y62YMB8GA1UdIwQY
MBaAFI5nDZ44KBlY7qHMOOrOu73DOB02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUt
Y2NhOWRmNmUxOWUzLzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUtY2NhOWRmNmUxOWUz
LzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfFQaYU6L
JyENudKRawlckVEj0a8qAtgbUEC4ePB9GmmX2OWUbXRq2rOBrjw3DUPvKGrQsah+
DO20hyEajX5MDEMMfwYSlYnYDuBDIrMSeRUYYHU+WnfbkcfV9tlC/JzjUV+VoPlz
GmjI52NTKZJ6bo17dKIf26hbBhH+pvyNkOcO5xV4ueobtJegYj8VzzpwQ/FMmu34
UvaI2d+QZ9atpbXkr53MVk5FznUGzqAyqZCFacTYx5iZesn8Heu88UnOreYh9AaG
pSrA+nwdPGb2wxn3sqxoIdW4q/lR9yYM9FfG87cna1Uvexbzwqa1pJ2WSkLXUygI
z5njgXqMAS8MLg==
-----END CERTIFICATE-----