Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
File:                     A1mTnOHGqpvru2WA4VbuvYcd87I.mft (raw, json)
Hash identifier:          Ox6AdQy8G4qzN1gaYd4u5mIb8Aa2b0rNC1kcthrVExw=
Subject key identifier:   BF:75:1A:45:14:D5:C3:80:DC:9D:22:C6:63:BE:95:7C:78:25:50:68
Authority key identifier: 03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2
Certificate issuer:       /CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
Certificate serial:       0199FC5835D85D93DCC913DCFBABFE5E68A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
Manifest number:          0539
Signing time:             Sun 19 Oct 2025 12:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:03 +0000
Files and hashes:         1: A1mTnOHGqpvru2WA4VbuvYcd87I.crl (hash: YoyKJTaJdoBeA2igsYsBl1PMjOqGI75+Fc9kReLsGL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:35:d8:5d:93:dc:c9:13:dc:fb:ab:fe:5e:68:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
        Validity
            Not Before: Oct 19 12:01:03 2025 GMT
            Not After : Oct 20 12:01:03 2025 GMT
        Subject: CN=bf751a4514d5c380dc9d22c663be957c78255068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:7b:b8:c2:72:a7:81:90:b4:18:06:6c:62:0c:
                    43:cd:1d:8d:c7:3f:f3:88:cb:af:c5:50:ab:a0:cd:
                    c8:d2:6a:9a:5f:ad:8f:5f:98:ea:33:fb:d8:03:e7:
                    3a:82:de:ca:43:67:64:5a:ad:cc:59:13:d8:9a:8e:
                    c3:05:5d:14:87:e6:e8:1c:99:b6:08:fa:46:44:1c:
                    2f:bc:87:80:2f:b4:eb:5f:d3:7f:e1:13:e6:1a:09:
                    d9:88:62:cc:d1:4b:f4:2e:7f:59:4d:ca:53:71:7e:
                    58:d8:4e:72:f8:22:1f:9f:97:b0:ba:e9:65:58:74:
                    9f:5e:c1:c3:63:e4:ba:9d:6b:a6:8b:4a:e0:84:2a:
                    22:fd:c4:9f:38:6d:c7:3e:ed:2f:69:f4:d1:a8:57:
                    d9:90:47:cd:bb:6d:d2:8f:25:7b:54:93:62:f0:e1:
                    7f:5e:b8:9d:b4:90:4d:78:16:23:1e:d1:88:09:05:
                    57:f0:26:5c:d3:45:d9:3f:71:39:5c:0d:7c:8b:d5:
                    39:44:97:48:92:43:4a:f5:0d:05:ad:21:08:1c:61:
                    a3:4e:8d:37:5f:58:a0:0c:66:a2:eb:ab:49:5c:fc:
                    f1:01:ee:b6:b2:4e:f6:9f:23:d0:d7:03:db:11:d0:
                    f0:6d:72:93:d1:83:fe:09:1a:d1:48:c0:b7:7e:64:
                    35:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:75:1A:45:14:D5:C3:80:DC:9D:22:C6:63:BE:95:7C:78:25:50:68
            X509v3 Authority Key Identifier:
                keyid:03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:1c:91:22:fd:9a:1c:83:ac:bd:ae:28:1b:7d:db:b0:69:3e:
         b2:2b:04:bc:4d:3b:b8:a2:68:0e:20:a9:4c:71:99:44:1b:47:
         04:5c:10:27:4e:b2:ab:46:6a:fc:80:07:ec:52:78:e2:f4:7b:
         ba:96:e4:f9:c1:d4:94:bb:54:d8:8b:8d:d6:f8:bb:57:4f:99:
         d0:45:3b:06:92:08:62:dd:11:a8:79:00:e5:f0:41:30:91:43:
         dc:64:ed:51:bf:bf:dc:19:10:4c:7b:5a:aa:5e:5e:37:04:26:
         0b:42:fe:45:37:65:04:20:0f:8e:9d:dc:6f:04:64:08:5b:e6:
         2c:40:97:6e:34:47:a5:62:87:c4:10:9a:c5:93:66:c8:8c:3f:
         6f:32:64:06:c8:b3:a7:9b:f9:c9:34:bf:a4:30:57:c2:f8:d8:
         f7:0c:2e:fd:73:89:af:7c:bc:14:17:ab:b8:98:8f:3f:46:2c:
         b9:74:dc:e1:0c:2c:3d:27:b6:ba:34:0f:e4:93:a5:36:2c:88:
         57:ec:5d:09:be:06:b2:d7:ed:f4:f0:08:b1:76:91:7f:6c:f3:
         58:a2:96:d9:2a:b0:64:23:df:6a:ec:fa:73:9e:5c:b9:08:bb:
         ea:45:f3:5c:f2:c8:6a:37:5f:7e:c3:3f:4d:dc:e3:c2:27:d9:
         18:9c:e4:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WDXYXZPcyRPc+6v+XmigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTk5MzljZTFjNmFhOWJlYmJiNjU4MGUxNTZlZWJkODcx
ZGYzYjIwHhcNMjUxMDE5MTIwMTAzWhcNMjUxMDIwMTIwMTAzWjAzMTEwLwYDVQQD
EyhiZjc1MWE0NTE0ZDVjMzgwZGM5ZDIyYzY2M2JlOTU3Yzc4MjU1MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nu4wnKngZC0GAZsYgxDzR2Nxz/z
iMuvxVCroM3I0mqaX62PX5jqM/vYA+c6gt7KQ2dkWq3MWRPYmo7DBV0Uh+boHJm2
CPpGRBwvvIeAL7TrX9N/4RPmGgnZiGLM0Uv0Ln9ZTcpTcX5Y2E5y+CIfn5ewuull
WHSfXsHDY+S6nWumi0rghCoi/cSfOG3HPu0vafTRqFfZkEfNu23SjyV7VJNi8OF/
XridtJBNeBYjHtGICQVX8CZc00XZP3E5XA18i9U5RJdIkkNK9Q0FrSEIHGGjTo03
X1igDGai66tJXPzxAe62sk72nyPQ1wPbEdDwbXKT0YP+CRrRSMC3fmQ1rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL91GkUU1cOA3J0ixmO+lXx4JVBoMB8GA1UdIwQY
MBaAFANZk5zhxqqb67tlgOFW7r2HHfOyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAt
YTk2MmMyYjdiMTUzLzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAtYTk2MmMyYjdiMTUz
LzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoxyRIv2a
HIOsva4oG33bsGk+sisEvE07uKJoDiCpTHGZRBtHBFwQJ06yq0Zq/IAH7FJ44vR7
upbk+cHUlLtU2IuN1vi7V0+Z0EU7BpIIYt0RqHkA5fBBMJFD3GTtUb+/3BkQTHta
ql5eNwQmC0L+RTdlBCAPjp3cbwRkCFvmLECXbjRHpWKHxBCaxZNmyIw/bzJkBsiz
p5v5yTS/pDBXwvjY9wwu/XOJr3y8FBeruJiPP0YsuXTc4QwsPSe2ujQP5JOlNiyI
V+xdCb4Gstft9PAIsXaRf2zzWKKW2SqwZCPfauz6c55cuQi76kXzXPLIajdffsM/
TdzjwifZGJzk8Q==
-----END CERTIFICATE-----