Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
File:                     bHwktnELOtfXKCoMlH9rlTHVjsU.mft (raw, json)
Hash identifier:          3SQ69QX+ZHgmjCdNZ01uA8cmC9xKJChkMiAjxnn4MUg=
Subject key identifier:   D5:F7:6D:B5:53:E6:FD:09:FF:D3:EC:8C:43:12:31:CD:E7:B3:3D:F6
Authority key identifier: 6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5
Certificate issuer:       /CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
Certificate serial:       0199FC58FF49D4E084CA909271A0F80319F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 12:01:54 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:54 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:54 +0000
Files and hashes:         1: bHwktnELOtfXKCoMlH9rlTHVjsU.crl (hash: n/DPhzUcvEZK/RfJY+5opZakWQgojUG5pQkUSnYXKac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:ff:49:d4:e0:84:ca:90:92:71:a0:f8:03:19:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
        Validity
            Not Before: Oct 19 12:01:54 2025 GMT
            Not After : Oct 20 12:01:54 2025 GMT
        Subject: CN=d5f76db553e6fd09ffd3ec8c431231cde7b33df6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:cc:ab:a4:93:3e:db:9a:82:63:a6:e0:1b:a0:
                    18:1b:04:b2:90:3d:bf:d7:59:43:15:9d:2b:3e:14:
                    09:2d:93:05:76:89:52:f0:e8:34:b1:4f:5c:72:aa:
                    d0:7a:5a:d7:e1:77:b0:5f:9d:fe:a1:69:b5:41:5d:
                    6b:20:a0:cb:43:31:3f:07:f0:f3:88:05:9c:52:5d:
                    b5:13:3a:26:1c:b9:6c:8b:6e:d6:71:e0:55:eb:e4:
                    cb:98:4e:2b:9e:8e:3f:c4:da:65:ac:04:cf:a2:71:
                    7d:f0:c2:14:ef:a0:e9:f9:fb:de:8b:0b:1a:09:2b:
                    11:c8:5a:3b:17:fe:c0:fb:9f:f7:3c:bc:20:3c:09:
                    7f:da:26:e1:5f:62:92:81:6d:87:4a:8d:8e:a4:35:
                    5a:c8:33:cc:c7:39:0b:4b:35:90:df:30:33:e4:5f:
                    ea:78:49:c0:d9:21:28:41:65:6f:0a:93:c3:43:3b:
                    fd:33:90:74:1e:e6:26:d5:f4:f2:59:0b:0b:7e:bb:
                    a9:e1:fc:9c:0d:db:dd:cd:7e:52:b0:d8:33:8e:f0:
                    5b:c9:b3:f0:99:3d:33:3d:5a:80:a7:ea:ae:ba:de:
                    43:62:5b:fa:0b:88:a9:55:cb:88:37:42:cf:be:b7:
                    49:8f:4b:6a:e1:eb:ed:75:0c:1d:e4:55:19:5a:98:
                    6f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:F7:6D:B5:53:E6:FD:09:FF:D3:EC:8C:43:12:31:CD:E7:B3:3D:F6
            X509v3 Authority Key Identifier:
                keyid:6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:2e:dc:d7:c6:16:7d:a3:6c:f4:36:4c:01:ea:2e:ef:a3:11:
         92:36:97:60:0d:c3:9f:a1:15:cd:cc:11:32:80:e6:11:45:44:
         c9:8c:a7:bf:0f:8c:ab:a7:ad:39:ad:a8:1f:f6:df:f3:b1:2f:
         82:c5:aa:9d:7b:34:55:9c:7e:04:d8:41:7e:6f:5d:12:e8:95:
         67:0c:57:a7:6e:e5:d8:95:90:5e:d5:80:4d:a3:0b:3b:58:97:
         cd:e4:43:8f:a0:bf:cb:28:65:ba:24:5b:76:37:94:04:6c:1a:
         39:59:eb:1a:2b:3d:f7:1a:a2:e9:aa:f4:9b:ee:7e:4f:04:8e:
         f4:ad:ba:66:10:e2:19:84:32:5a:93:2a:bb:aa:ea:70:fd:5c:
         e5:4e:fd:92:90:64:ec:7c:21:9a:2b:46:45:0c:61:7e:50:c6:
         e9:4a:d8:3a:60:df:cb:cd:3c:8b:e3:3b:f7:d1:dc:f6:6d:41:
         9d:a5:9e:7e:1e:03:26:f8:b4:f8:45:46:4c:1b:f3:ca:ef:ce:
         7d:c1:9e:13:cc:8c:66:46:21:6b:35:a4:0c:94:02:0b:66:12:
         d8:2f:d7:b7:f3:2e:89:a9:f9:39:d5:cb:7e:64:4b:6e:86:e1:
         00:88:28:88:42:13:c0:ca:40:d1:f5:3e:8f:92:09:c6:6c:a5:
         39:55:5a:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WP9J1OCEypCScaD4AxnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjN2MyNGI2NzEwYjNhZDdkNzI4MmEwYzk0N2Y2Yjk1MzFk
NThlYzUwHhcNMjUxMDE5MTIwMTU0WhcNMjUxMDIwMTIwMTU0WjAzMTEwLwYDVQQD
EyhkNWY3NmRiNTUzZTZmZDA5ZmZkM2VjOGM0MzEyMzFjZGU3YjMzZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMyrpJM+25qCY6bgG6AYGwSykD2/
11lDFZ0rPhQJLZMFdolS8Og0sU9ccqrQelrX4XewX53+oWm1QV1rIKDLQzE/B/Dz
iAWcUl21EzomHLlsi27WceBV6+TLmE4rno4/xNplrATPonF98MIU76Dp+fveiwsa
CSsRyFo7F/7A+5/3PLwgPAl/2ibhX2KSgW2HSo2OpDVayDPMxzkLSzWQ3zAz5F/q
eEnA2SEoQWVvCpPDQzv9M5B0HuYm1fTyWQsLfrup4fycDdvdzX5SsNgzjvBbybPw
mT0zPVqAp+quut5DYlv6C4ipVcuIN0LPvrdJj0tq4evtdQwd5FUZWphvgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNX3bbVT5v0J/9PsjEMSMc3nsz32MB8GA1UdIwQY
MBaAFGx8JLZxCzrX1ygqDJR/a5Ux1Y7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEt
MThmMGE1MGM4ZTI2LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEtMThmMGE1MGM4ZTI2
LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgS7c18YW
faNs9DZMAeou76MRkjaXYA3Dn6EVzcwRMoDmEUVEyYynvw+Mq6etOa2oH/bf87Ev
gsWqnXs0VZx+BNhBfm9dEuiVZwxXp27l2JWQXtWATaMLO1iXzeRDj6C/yyhluiRb
djeUBGwaOVnrGis99xqi6ar0m+5+TwSO9K26ZhDiGYQyWpMqu6rqcP1c5U79kpBk
7HwhmitGRQxhflDG6UrYOmDfy808i+M799Hc9m1BnaWefh4DJvi0+EVGTBvzyu/O
fcGeE8yMZkYhazWkDJQCC2YS2C/Xt/Muian5OdXLfmRLbobhAIgoiEITwMpA0fU+
j5IJxmylOVVaCA==
-----END CERTIFICATE-----