Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
File:                     udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json)
Hash identifier:          czrRI0Y1+RFd8Ar5CJf4vPLlYb8wF0gozfPkgXE08CE=
Subject key identifier:   D9:CA:D5:18:67:5F:CA:0B:9A:7E:01:98:6B:D7:54:51:FC:6F:F2:D2
Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21
Certificate issuer:       /CN=b9d095cce35b3a36bef108ef762a621af4662621
Certificate serial:       0199FB7CBC7E7C2254C1BA9779CC46A012EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
Manifest number:          0436
Signing time:             Sun 19 Oct 2025 08:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:19 +0000
Files and hashes:         1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: HrDy2yARgcDrvJ8kxA5qkWuYId1A7EtVKvlcquLI9LE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:bc:7e:7c:22:54:c1:ba:97:79:cc:46:a0:12:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621
        Validity
            Not Before: Oct 19 08:01:19 2025 GMT
            Not After : Oct 20 08:01:19 2025 GMT
        Subject: CN=d9cad518675fca0b9a7e01986bd75451fc6ff2d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ac:8e:ac:b1:dd:d3:f6:9d:36:e2:9d:60:2c:
                    c5:c6:51:2f:80:4e:78:e6:8f:26:0e:0e:33:21:b2:
                    f1:d8:f8:41:0d:4a:87:6b:e6:11:81:56:61:ee:af:
                    c6:a9:82:64:56:b2:da:4f:44:7c:e9:f9:11:7c:d3:
                    94:b2:15:6c:3d:fc:cf:dd:d7:b1:8c:47:9f:d3:45:
                    4d:43:50:8a:a0:65:03:57:af:a8:d8:57:dd:6b:08:
                    ed:aa:8d:63:c1:9c:1b:ee:46:ba:3e:f2:ba:32:6f:
                    d2:94:6c:5f:59:18:30:0c:d7:06:bb:a0:fb:c7:6d:
                    31:31:8d:71:2b:94:e8:0a:ea:bd:08:bd:b2:01:5a:
                    d2:e8:d2:92:34:50:35:0f:a0:a0:94:1d:e2:b4:3f:
                    8a:50:8d:c6:1a:6d:c7:68:f7:56:a5:b4:db:bf:e7:
                    5b:b6:d6:84:5b:54:5c:0d:11:da:19:be:a1:b9:02:
                    2b:eb:64:db:16:ef:4b:3b:cf:f0:55:12:27:91:eb:
                    1c:4a:20:0a:57:2b:6f:d4:61:59:5f:cd:d8:ae:79:
                    53:a7:90:eb:5b:b7:46:2f:41:86:7e:ac:83:01:1c:
                    38:16:4e:51:e5:a4:d1:dd:97:d9:71:a6:be:c1:a1:
                    8b:ca:b9:6f:c5:a2:75:36:a8:2f:f6:ff:76:33:c1:
                    bb:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:CA:D5:18:67:5F:CA:0B:9A:7E:01:98:6B:D7:54:51:FC:6F:F2:D2
            X509v3 Authority Key Identifier:
                keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:ed:e3:00:f1:51:ac:97:f8:72:52:fd:d1:92:00:d1:cf:57:
         6d:f5:a8:ad:28:02:9d:55:5f:82:13:7b:33:a0:7a:41:1e:1b:
         14:3b:f7:88:b0:bf:ed:d9:0b:32:96:27:93:7a:18:cd:33:81:
         31:64:f9:99:2a:1c:5c:7f:96:d9:6c:b3:9b:0b:e7:87:8a:3a:
         a1:5e:f5:b0:07:b9:76:1b:77:61:e2:10:a6:64:e8:05:6f:be:
         ea:76:a0:ec:74:64:0c:5c:ec:d5:09:d2:c4:5d:fa:a8:d0:cc:
         94:64:1e:cf:30:b3:c3:b3:ce:f8:1e:f7:33:7b:0f:cf:47:07:
         89:6a:21:d3:26:b0:13:78:f6:50:1c:c1:1d:43:62:e9:63:d0:
         cc:75:83:28:75:04:2b:f2:98:dd:20:23:27:88:d7:85:5c:c9:
         bd:e2:68:bc:1b:26:f4:54:63:25:02:b4:87:0c:6b:8c:49:6a:
         b8:3e:8c:c7:98:4b:f7:f1:18:3c:c8:60:9b:ff:2f:0d:44:29:
         9e:d8:e9:f3:6e:8e:76:d5:e5:4e:61:68:0c:d3:e3:5d:56:d9:
         da:43:b2:12:f3:4e:ec:4a:b0:d3:63:21:b8:4d:e3:f5:8c:7d:
         ca:5d:91:a3:91:24:c2:71:6c:80:15:70:91:88:af:8f:d7:ce:
         8e:ce:53:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fLx+fCJUwbqXecxGoBLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2
NjI2MjEwHhcNMjUxMDE5MDgwMTE5WhcNMjUxMDIwMDgwMTE5WjAzMTEwLwYDVQQD
EyhkOWNhZDUxODY3NWZjYTBiOWE3ZTAxOTg2YmQ3NTQ1MWZjNmZmMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6yOrLHd0/adNuKdYCzFxlEvgE54
5o8mDg4zIbLx2PhBDUqHa+YRgVZh7q/GqYJkVrLaT0R86fkRfNOUshVsPfzP3dex
jEef00VNQ1CKoGUDV6+o2Ffdawjtqo1jwZwb7ka6PvK6Mm/SlGxfWRgwDNcGu6D7
x20xMY1xK5ToCuq9CL2yAVrS6NKSNFA1D6CglB3itD+KUI3GGm3HaPdWpbTbv+db
ttaEW1RcDRHaGb6huQIr62TbFu9LO8/wVRInkescSiAKVytv1GFZX83YrnlTp5Dr
W7dGL0GGfqyDARw4Fk5R5aTR3ZfZcaa+waGLyrlvxaJ1Nqgv9v92M8G7FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnK1RhnX8oLmn4BmGvXVFH8b/LSMB8GA1UdIwQY
MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt
OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1
LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdO3jAPFR
rJf4clL90ZIA0c9XbfWorSgCnVVfghN7M6B6QR4bFDv3iLC/7dkLMpYnk3oYzTOB
MWT5mSocXH+W2Wyzmwvnh4o6oV71sAe5dht3YeIQpmToBW++6nag7HRkDFzs1QnS
xF36qNDMlGQezzCzw7PO+B73M3sPz0cHiWoh0yawE3j2UBzBHUNi6WPQzHWDKHUE
K/KY3SAjJ4jXhVzJveJovBsm9FRjJQK0hwxrjElquD6Mx5hL9/EYPMhgm/8vDUQp
ntjp826OdtXlTmFoDNPjXVbZ2kOyEvNO7Eqw02MhuE3j9Yx9yl2Ro5EkwnFsgBVw
kYivj9fOjs5TnA==
-----END CERTIFICATE-----