Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
File:                     8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft (raw, json)
Hash identifier:          +/8ZiayvE4kFjKw0/Im7MJV/cntbllP+IZN3joSIH+4=
Subject key identifier:   43:D5:AC:A3:61:C5:EC:1A:3B:AE:5A:A0:A9:D6:78:BE:A5:29:A0:87
Authority key identifier: F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80
Certificate issuer:       /CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
Certificate serial:       0199FC5867D5DDE378E6343C2996FD70B1A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
Manifest number:          0BC2
Signing time:             Sun 19 Oct 2025 12:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:16 +0000
Files and hashes:         1: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl (hash: jmf8pacO86gdMUFQtiyl3eXO4CSiYNsvLKUQhFXd5HQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:67:d5:dd:e3:78:e6:34:3c:29:96:fd:70:b1:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
        Validity
            Not Before: Oct 19 12:01:16 2025 GMT
            Not After : Oct 20 12:01:16 2025 GMT
        Subject: CN=43d5aca361c5ec1a3bae5aa0a9d678bea529a087
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0b:fe:ce:83:d0:2b:e1:11:b5:58:14:0b:78:
                    21:5b:59:d1:7d:b1:64:8d:18:e9:96:b5:5e:1f:72:
                    0e:97:a3:3c:99:cb:91:e7:00:ce:0d:c0:ed:1b:83:
                    10:53:67:cc:8d:3f:c3:05:96:96:27:c0:7e:24:0d:
                    de:e3:bb:ed:66:a4:2a:48:38:92:cd:f8:b2:22:54:
                    fa:23:67:da:59:29:1b:75:8b:90:cb:25:63:c5:d9:
                    96:3d:c5:6f:75:2c:58:5b:40:b3:d8:b5:9f:f9:1a:
                    47:c2:48:bc:e6:f8:2b:46:04:7f:dd:e3:47:7a:8c:
                    a5:28:29:e9:5e:29:38:54:73:b4:83:47:32:ec:1e:
                    f2:0e:8e:7a:7a:67:b4:30:8f:42:87:82:83:33:ff:
                    a9:88:ae:63:bd:f6:e8:42:8f:fe:2f:86:a9:c2:6c:
                    da:ea:fc:83:1d:bd:c0:88:33:4d:6e:53:d9:a2:bc:
                    50:5a:1f:e2:58:dd:47:dc:ee:74:f0:73:01:24:e0:
                    a2:cf:6d:41:de:bc:c7:fb:4e:5e:6f:eb:17:84:d0:
                    3c:65:99:ed:7c:0a:0a:01:50:91:ef:82:9f:88:6c:
                    74:87:65:3c:53:a7:c6:b2:07:75:cf:4d:83:ca:ba:
                    86:0e:5c:0f:f0:06:11:db:c8:f6:88:2b:de:c6:bb:
                    61:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:D5:AC:A3:61:C5:EC:1A:3B:AE:5A:A0:A9:D6:78:BE:A5:29:A0:87
            X509v3 Authority Key Identifier:
                keyid:F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:46:5e:61:21:88:c5:33:04:fa:11:26:75:b4:5f:ac:bf:c4:
         9f:6d:be:b3:d1:3e:be:44:df:c8:05:05:a6:41:49:9b:5e:2d:
         ac:2a:57:6a:59:e5:8e:6b:aa:59:29:dd:65:e3:5f:d5:0c:5b:
         d9:1e:03:47:4e:fb:ee:07:46:5b:98:77:ea:99:ee:15:29:bc:
         f6:54:fa:b4:ae:42:ae:77:e3:54:f3:de:0a:a0:22:84:cb:41:
         09:45:fc:c3:39:6e:89:bd:2f:a0:e3:ec:ea:76:b4:83:3b:50:
         97:5a:6f:dc:37:28:6d:76:02:60:47:df:25:cd:02:a7:0d:ba:
         49:da:a2:86:35:04:b7:4c:e1:52:82:39:ce:4f:d6:81:06:0c:
         d3:16:a0:fc:0b:68:2f:b4:44:fa:4b:92:90:4d:92:67:df:13:
         f1:4a:6f:d2:1e:ac:e6:5e:ce:ee:4d:fe:7a:86:75:42:c2:80:
         93:b9:ed:a1:4e:f1:6d:c6:d3:f3:2e:81:ec:22:e1:56:3e:5d:
         d2:70:0f:c9:7e:e2:d0:94:a8:a9:dc:b2:7d:f0:63:15:8b:9b:
         60:2a:67:b6:50:7b:f0:b9:e8:c5:50:81:a2:2f:71:20:33:fc:
         70:d9:e4:82:41:e8:2f:0a:91:47:c2:33:a2:76:85:88:63:57:
         83:cd:8e:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WGfV3eN45jQ8KZb9cLGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzc3NGEyNzYyMTRiODZlMGE1YjRmYTc3MjFiZGIwZTMy
MmUwODAwHhcNMjUxMDE5MTIwMTE2WhcNMjUxMDIwMTIwMTE2WjAzMTEwLwYDVQQD
Eyg0M2Q1YWNhMzYxYzVlYzFhM2JhZTVhYTBhOWQ2NzhiZWE1MjlhMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgv+zoPQK+ERtVgUC3ghW1nRfbFk
jRjplrVeH3IOl6M8mcuR5wDODcDtG4MQU2fMjT/DBZaWJ8B+JA3e47vtZqQqSDiS
zfiyIlT6I2faWSkbdYuQyyVjxdmWPcVvdSxYW0Cz2LWf+RpHwki85vgrRgR/3eNH
eoylKCnpXik4VHO0g0cy7B7yDo56eme0MI9Ch4KDM/+piK5jvfboQo/+L4apwmza
6vyDHb3AiDNNblPZorxQWh/iWN1H3O508HMBJOCiz21B3rzH+05eb+sXhNA8ZZnt
fAoKAVCR74KfiGx0h2U8U6fGsgd1z02DyrqGDlwP8AYR28j2iCvexrth3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPVrKNhxewaO65aoKnWeL6lKaCHMB8GA1UdIwQY
MBaAFPA3dKJ2IUuG4KW0+nchvbDjIuCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQt
YjgxNjIyNjAxMjRmLzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQtYjgxNjIyNjAxMjRm
LzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh0ZeYSGI
xTME+hEmdbRfrL/En22+s9E+vkTfyAUFpkFJm14trCpXalnljmuqWSndZeNf1Qxb
2R4DR0777gdGW5h36pnuFSm89lT6tK5CrnfjVPPeCqAihMtBCUX8wzluib0voOPs
6na0gztQl1pv3DcobXYCYEffJc0Cpw26SdqihjUEt0zhUoI5zk/WgQYM0xag/Ato
L7RE+kuSkE2SZ98T8Upv0h6s5l7O7k3+eoZ1QsKAk7ntoU7xbcbT8y6B7CLhVj5d
0nAPyX7i0JSoqdyyffBjFYubYCpntlB78LnoxVCBoi9xIDP8cNnkgkHoLwqRR8Iz
onaFiGNXg82O6Q==
-----END CERTIFICATE-----