Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
File:                     iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json)
Hash identifier:          XvbglIGk9ZsuPMnva1L8aJiVgTATAi0Ahxlie/S1fJk=
Subject key identifier:   A1:0D:52:C2:27:F5:31:E9:ED:B1:6C:27:41:B8:F9:8A:D8:05:07:9F
Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F
Certificate issuer:       /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
Certificate serial:       0199FC58B968347B4B2F5DAC46C793E5CCAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
Manifest number:          044C
Signing time:             Sun 19 Oct 2025 12:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:36 +0000
Files and hashes:         1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: Bxv+gwR2JZ6xN4SxXv0F8T/IgIH3DS6CLKW9Ni71VkA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:b9:68:34:7b:4b:2f:5d:ac:46:c7:93:e5:cc:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
        Validity
            Not Before: Oct 19 12:01:36 2025 GMT
            Not After : Oct 20 12:01:36 2025 GMT
        Subject: CN=a10d52c227f531e9edb16c2741b8f98ad805079f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e9:a6:00:5d:10:67:af:37:84:8a:0d:48:a1:
                    0d:fe:bd:6f:59:98:9d:60:d8:28:30:eb:1b:43:85:
                    85:21:76:26:6c:2b:30:37:87:de:32:e8:a3:86:da:
                    48:30:c8:86:42:a3:03:dd:c7:0e:25:b6:c7:14:6a:
                    48:db:c3:3d:a6:d1:77:3f:f5:87:27:22:ea:1d:c9:
                    2f:17:80:73:99:ac:89:9f:04:b7:c9:f3:34:c4:a2:
                    ed:1b:87:5c:b2:4b:e6:80:6c:51:f1:0c:e1:c6:6b:
                    32:08:9f:30:c4:b6:ed:12:30:ae:80:14:15:7b:00:
                    29:1a:5a:15:19:71:91:9b:49:b1:0d:48:23:7e:87:
                    03:a1:9d:0f:b6:33:5d:8b:b3:0d:f2:a7:3f:9d:fa:
                    11:4d:9b:7c:34:20:39:e3:62:48:2a:89:68:dd:fb:
                    16:d1:b8:a1:45:84:ac:e9:9e:44:41:70:16:5f:58:
                    a2:de:e2:70:e0:3c:92:2f:76:45:ba:d3:ab:c9:a9:
                    2f:4a:e4:ea:8e:2f:12:e4:1d:cb:f0:6c:85:bf:82:
                    3f:ee:c7:2c:4d:ac:e4:cc:61:f2:34:0d:ec:de:4b:
                    41:be:33:e7:83:7a:83:e1:ca:11:30:78:c2:3d:cb:
                    49:f4:37:93:65:58:99:7a:13:ea:67:71:55:47:a8:
                    29:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:0D:52:C2:27:F5:31:E9:ED:B1:6C:27:41:B8:F9:8A:D8:05:07:9F
            X509v3 Authority Key Identifier:
                keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:6b:8b:99:e9:1f:fa:f6:f3:f8:f6:83:d4:f1:58:a5:99:39:
         7e:cd:2d:7e:37:1b:88:e3:5d:a3:fe:0f:4d:72:21:6f:4d:a4:
         c0:e6:5d:d9:e7:ec:d7:88:fc:8d:a2:18:48:a9:9d:01:1f:e8:
         4d:34:c9:18:76:2d:a0:39:56:2d:33:9e:6f:0a:43:91:e7:ff:
         fe:e0:35:69:01:9f:80:08:ec:ae:22:ce:1a:20:39:81:04:96:
         cf:a5:85:5e:de:b2:96:ab:43:b7:24:72:8e:f3:ec:08:a0:20:
         8f:06:9b:99:75:79:bd:c8:14:cc:6c:87:6e:9c:ea:99:3a:fb:
         75:69:5c:14:35:70:af:fe:c9:d8:5f:f9:39:77:96:08:55:20:
         3a:d7:cf:d4:95:b6:bc:a5:84:b7:ac:64:82:43:8a:4f:20:fe:
         0b:0c:04:1f:08:3f:22:53:7c:c6:f2:d0:2a:83:d7:7d:a1:72:
         fc:a8:21:cd:22:bc:45:99:01:76:a4:f6:1d:e5:74:13:b1:59:
         14:0c:4d:9b:12:19:be:ab:90:24:27:83:e6:50:bf:cc:22:f2:
         83:1b:fe:08:97:4e:9d:1a:da:1a:a4:e6:41:cb:5e:4c:48:46:
         55:23:f9:ae:9c:47:9e:7c:45:49:a0:57:0e:64:d5:b3:04:98:
         a0:c9:47:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WLloNHtLL12sRseT5cyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj
NWEzNmYwHhcNMjUxMDE5MTIwMTM2WhcNMjUxMDIwMTIwMTM2WjAzMTEwLwYDVQQD
EyhhMTBkNTJjMjI3ZjUzMWU5ZWRiMTZjMjc0MWI4Zjk4YWQ4MDUwNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOmmAF0QZ683hIoNSKEN/r1vWZid
YNgoMOsbQ4WFIXYmbCswN4feMuijhtpIMMiGQqMD3ccOJbbHFGpI28M9ptF3P/WH
JyLqHckvF4BzmayJnwS3yfM0xKLtG4dcskvmgGxR8QzhxmsyCJ8wxLbtEjCugBQV
ewApGloVGXGRm0mxDUgjfocDoZ0PtjNdi7MN8qc/nfoRTZt8NCA542JIKolo3fsW
0bihRYSs6Z5EQXAWX1ii3uJw4DySL3ZFutOryakvSuTqji8S5B3L8GyFv4I/7scs
TazkzGHyNA3s3ktBvjPng3qD4coRMHjCPctJ9DeTZViZehPqZ3FVR6gp7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKENUsIn9THp7bFsJ0G4+YrYBQefMB8GA1UdIwQY
MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt
Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1
LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMGuLmekf
+vbz+PaD1PFYpZk5fs0tfjcbiONdo/4PTXIhb02kwOZd2efs14j8jaIYSKmdAR/o
TTTJGHYtoDlWLTOebwpDkef//uA1aQGfgAjsriLOGiA5gQSWz6WFXt6ylqtDtyRy
jvPsCKAgjwabmXV5vcgUzGyHbpzqmTr7dWlcFDVwr/7J2F/5OXeWCFUgOtfP1JW2
vKWEt6xkgkOKTyD+CwwEHwg/IlN8xvLQKoPXfaFy/KghzSK8RZkBdqT2HeV0E7FZ
FAxNmxIZvquQJCeD5lC/zCLygxv+CJdOnRraGqTmQcteTEhGVSP5rpxHnnxFSaBX
DmTVswSYoMlHNA==
-----END CERTIFICATE-----