Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
File:                     izHINiDus1ExJXtb-vqrOTRSyJE.mft (raw, json)
Hash identifier:          6vqGaz8+k43Y0JilpczbcFfDoeWcDtRvzPtMgaejusM=
Subject key identifier:   62:32:50:E5:01:E2:17:DB:C4:A7:2E:D2:0B:94:A9:07:2A:59:37:EA
Authority key identifier: 8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91
Certificate issuer:       /CN=8b31c83620eeb35131257b5bfafaab393452c891
Certificate serial:       0199FD3426F9CCBC11831A72798C9994256B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 16:01:17 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:17 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:17 +0000
Files and hashes:         1: izHINiDus1ExJXtb-vqrOTRSyJE.crl (hash: u39p07i/yOE6stb30BfA/VRB5EEzwtVuSySl3q1pi2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:26:f9:cc:bc:11:83:1a:72:79:8c:99:94:25:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b31c83620eeb35131257b5bfafaab393452c891
        Validity
            Not Before: Oct 19 16:01:17 2025 GMT
            Not After : Oct 20 16:01:17 2025 GMT
        Subject: CN=623250e501e217dbc4a72ed20b94a9072a5937ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:34:ec:aa:f5:2e:94:71:7b:3d:00:52:0a:79:
                    60:eb:42:f3:4f:df:3f:f3:b8:67:1a:0b:b4:30:4f:
                    17:db:53:63:aa:e4:5f:20:05:50:93:09:1e:e5:bf:
                    b2:09:15:be:85:42:ec:b9:5b:7f:cc:3d:89:54:28:
                    ad:cc:76:71:70:c6:a4:fe:f0:99:1e:46:db:aa:53:
                    a0:4f:06:92:96:50:2a:46:5e:a1:3c:aa:07:40:3b:
                    54:30:ad:ca:6c:30:c7:62:f6:8e:56:fa:67:03:af:
                    58:da:1c:c9:f0:0b:ae:70:50:74:8d:0b:db:56:dd:
                    c5:38:6e:c7:53:d7:f1:1f:fb:bf:c7:59:1e:7d:8c:
                    41:59:71:44:7a:27:9d:49:c9:49:3a:2b:dc:90:2c:
                    3a:e2:44:71:1e:7f:3a:6b:98:f0:69:85:6e:27:7f:
                    a8:77:a1:8e:07:44:96:30:6f:aa:d0:61:25:8b:5f:
                    5c:1f:3a:57:fb:ac:7d:8b:16:59:1f:de:f7:19:54:
                    90:32:9d:42:da:f7:ad:4c:2a:04:04:14:80:a7:dc:
                    f6:e3:9f:c3:da:e0:23:f2:66:6b:a5:9f:9b:f1:a1:
                    cb:b8:1e:e6:28:49:3f:50:bc:ce:48:26:1d:f1:70:
                    40:3a:b6:60:07:80:15:06:68:28:4f:6d:a9:19:49:
                    87:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:32:50:E5:01:E2:17:DB:C4:A7:2E:D2:0B:94:A9:07:2A:59:37:EA
            X509v3 Authority Key Identifier:
                keyid:8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:77:b3:63:e3:61:f8:b9:49:ba:52:97:f6:59:f0:75:56:ee:
         06:65:b7:c4:8c:79:f9:ba:8b:66:8f:60:a0:ad:86:16:18:0a:
         91:fe:83:13:94:5f:33:e8:38:b3:7f:7c:48:8f:7a:2c:f3:a2:
         2d:a5:71:b1:64:32:f1:5d:99:3d:81:85:f5:22:0f:1a:f2:cf:
         f9:25:8e:46:22:79:c7:54:6c:e9:2a:16:9f:b8:c0:3b:21:a0:
         08:e8:69:1d:c3:00:a9:cf:fb:4c:25:60:57:bb:03:fa:46:76:
         62:75:a9:42:fa:70:2d:52:64:37:42:8f:c6:35:e6:b9:6b:49:
         ba:26:f8:2a:26:9e:52:33:63:4b:42:36:aa:3f:b4:6f:0c:57:
         e3:1d:2e:d5:bf:02:5a:5f:47:65:c4:d8:c8:96:26:d8:4a:d8:
         a6:8c:63:d0:9d:6c:a0:6d:f6:ea:ac:e7:ad:c3:97:47:d4:90:
         46:2e:73:ee:0c:3f:27:a7:04:c4:25:b4:2c:e0:d2:d8:11:fe:
         e0:6f:3c:be:5f:1d:7c:8b:82:79:c1:b4:10:e1:c8:2a:6c:9c:
         13:7c:be:d6:cb:6c:dd:22:0d:f4:f4:41:d8:96:41:b3:c2:77:
         a5:77:7b:93:8d:ef:d4:2b:d0:a8:1d:79:d8:b1:57:f1:8a:4d:
         6b:72:52:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NCb5zLwRgxpyeYyZlCVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzFjODM2MjBlZWIzNTEzMTI1N2I1YmZhZmFhYjM5MzQ1
MmM4OTEwHhcNMjUxMDE5MTYwMTE3WhcNMjUxMDIwMTYwMTE3WjAzMTEwLwYDVQQD
Eyg2MjMyNTBlNTAxZTIxN2RiYzRhNzJlZDIwYjk0YTkwNzJhNTkzN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszTsqvUulHF7PQBSCnlg60LzT98/
87hnGgu0ME8X21NjquRfIAVQkwke5b+yCRW+hULsuVt/zD2JVCitzHZxcMak/vCZ
HkbbqlOgTwaSllAqRl6hPKoHQDtUMK3KbDDHYvaOVvpnA69Y2hzJ8AuucFB0jQvb
Vt3FOG7HU9fxH/u/x1kefYxBWXFEeiedSclJOivckCw64kRxHn86a5jwaYVuJ3+o
d6GOB0SWMG+q0GEli19cHzpX+6x9ixZZH973GVSQMp1C2vetTCoEBBSAp9z245/D
2uAj8mZrpZ+b8aHLuB7mKEk/ULzOSCYd8XBAOrZgB4AVBmgoT22pGUmHoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGIyUOUB4hfbxKcu0guUqQcqWTfqMB8GA1UdIwQY
MBaAFIsxyDYg7rNRMSV7W/r6qzk0UsiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEt
Zjg0Njc0ZDQ2MzAzLzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEtZjg0Njc0ZDQ2MzAz
LzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnezY+Nh
+LlJulKX9lnwdVbuBmW3xIx5+bqLZo9goK2GFhgKkf6DE5RfM+g4s398SI96LPOi
LaVxsWQy8V2ZPYGF9SIPGvLP+SWORiJ5x1Rs6SoWn7jAOyGgCOhpHcMAqc/7TCVg
V7sD+kZ2YnWpQvpwLVJkN0KPxjXmuWtJuib4KiaeUjNjS0I2qj+0bwxX4x0u1b8C
Wl9HZcTYyJYm2ErYpoxj0J1soG326qznrcOXR9SQRi5z7gw/J6cExCW0LODS2BH+
4G88vl8dfIuCecG0EOHIKmycE3y+1sts3SIN9PRB2JZBs8J3pXd7k43v1CvQqB15
2LFX8YpNa3JS8A==
-----END CERTIFICATE-----