Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
File:                     4CzXYQ92Hg7SUq57ufMPHisXtec.mft (raw, json)
Hash identifier:          XIakl3/QBnRv13OOt1K+yH69TT54nraS6u1mDJpzYMc=
Subject key identifier:   A8:88:E6:F9:75:2E:44:D6:E3:D1:22:2E:A4:AF:B1:D3:F1:09:23:A1
Authority key identifier: E0:2C:D7:61:0F:76:1E:0E:D2:52:AE:7B:B9:F3:0F:1E:2B:17:B5:E7
Certificate issuer:       /CN=e02cd7610f761e0ed252ae7bb9f30f1e2b17b5e7
Certificate serial:       0199FC58563ED08D968068A42B191E954A33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
Manifest number:          1373
Signing time:             Sun 19 Oct 2025 12:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:11 +0000
Files and hashes:         1: 4CzXYQ92Hg7SUq57ufMPHisXtec.crl (hash: qIvM7jvdFSQLrIxgf4q6mi4Vw1FnPJAWqT6O8qnnCAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:56:3e:d0:8d:96:80:68:a4:2b:19:1e:95:4a:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e02cd7610f761e0ed252ae7bb9f30f1e2b17b5e7
        Validity
            Not Before: Oct 19 12:01:11 2025 GMT
            Not After : Oct 20 12:01:11 2025 GMT
        Subject: CN=a888e6f9752e44d6e3d1222ea4afb1d3f10923a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:27:58:d5:c1:62:fd:23:70:99:26:9b:37:e8:
                    ec:1a:46:ed:39:97:b9:86:a1:73:78:3b:9f:f0:3c:
                    83:01:90:cf:b1:59:6e:af:08:25:e5:fe:90:03:d2:
                    20:93:fe:8a:88:cf:fb:ec:73:d9:14:7b:eb:1a:37:
                    5f:62:72:6e:6d:c0:a9:9d:ee:7b:a7:c0:ea:f1:74:
                    9e:45:39:55:d8:9d:3b:8e:fb:2c:5f:a9:ad:22:6c:
                    a8:c9:1a:04:ce:d7:2c:5b:87:52:a5:12:45:22:52:
                    2a:69:b1:0b:06:e1:85:9a:0e:18:14:91:fd:32:98:
                    b2:96:e7:3d:17:5d:bd:98:7f:c8:83:03:a9:f6:86:
                    bb:f6:e1:31:f0:86:5a:8c:ba:da:bf:1b:b4:f1:ab:
                    fd:da:12:17:77:bf:0c:ad:3e:58:1a:3a:36:5e:72:
                    05:ab:3b:3d:0e:7f:f7:df:36:db:9d:c6:71:9a:e7:
                    03:fa:b0:73:55:1d:5e:00:82:c9:ea:b9:8a:f3:bf:
                    54:17:98:61:f6:a3:28:6c:56:94:ac:bc:4e:93:44:
                    4d:4e:9d:57:9e:8b:8f:c4:e1:c1:4a:3c:1a:22:3f:
                    a9:ee:bc:37:09:30:63:f9:25:66:32:05:e9:dc:0c:
                    b5:72:6f:ff:3f:1a:fc:c4:14:60:2a:da:a9:a7:e0:
                    86:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:88:E6:F9:75:2E:44:D6:E3:D1:22:2E:A4:AF:B1:D3:F1:09:23:A1
            X509v3 Authority Key Identifier:
                keyid:E0:2C:D7:61:0F:76:1E:0E:D2:52:AE:7B:B9:F3:0F:1E:2B:17:B5:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:c0:3a:fc:86:ec:86:c9:34:ed:37:f7:7a:76:54:4e:ce:f3:
         40:72:f8:5f:03:0c:3c:c5:bf:a5:78:97:fd:2b:ab:5f:33:eb:
         14:6e:a8:cb:bf:ec:6b:3d:1d:65:c1:0d:48:3d:5d:d4:fd:27:
         2e:0c:54:db:6a:1d:01:f1:f5:db:8e:6b:77:40:56:fc:80:07:
         f0:a5:b1:15:f6:fd:0f:03:db:2b:d9:31:d3:68:26:59:d0:f7:
         2b:77:fa:18:de:a5:20:cd:72:30:98:fe:cd:0a:26:2e:cb:f4:
         b1:09:e9:e8:71:22:6b:1e:4c:54:c5:c9:3a:c5:c0:aa:0b:e8:
         ae:ac:4f:9d:c5:d7:65:3c:e7:39:91:fb:2d:43:e3:ca:97:af:
         d3:b1:b4:68:e0:76:98:09:75:dd:ec:0f:95:cf:97:d1:60:66:
         56:8e:6e:3e:ec:cd:9d:89:1b:20:4a:a0:93:7b:0f:dc:a0:3a:
         3e:b9:92:57:41:06:2e:ab:3a:49:a7:be:83:5d:e2:ec:73:d7:
         9e:2e:69:10:0b:9c:36:7b:df:c5:6d:8e:d7:d1:1d:f1:b1:e3:
         98:50:b9:fa:38:b9:32:62:b1:f4:4c:b1:83:7c:fb:a3:6a:45:
         9c:bc:d0:9c:da:92:f0:9b:e2:a9:42:41:3b:4f:da:0b:d5:90:
         e3:53:a7:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WFY+0I2WgGikKxkelUozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMmNkNzYxMGY3NjFlMGVkMjUyYWU3YmI5ZjMwZjFlMmIx
N2I1ZTcwHhcNMjUxMDE5MTIwMTExWhcNMjUxMDIwMTIwMTExWjAzMTEwLwYDVQQD
EyhhODg4ZTZmOTc1MmU0NGQ2ZTNkMTIyMmVhNGFmYjFkM2YxMDkyM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqydY1cFi/SNwmSabN+jsGkbtOZe5
hqFzeDuf8DyDAZDPsVlurwgl5f6QA9Igk/6KiM/77HPZFHvrGjdfYnJubcCpne57
p8Dq8XSeRTlV2J07jvssX6mtImyoyRoEztcsW4dSpRJFIlIqabELBuGFmg4YFJH9
Mpiyluc9F129mH/IgwOp9oa79uEx8IZajLravxu08av92hIXd78MrT5YGjo2XnIF
qzs9Dn/33zbbncZxmucD+rBzVR1eAILJ6rmK879UF5hh9qMobFaUrLxOk0RNTp1X
nouPxOHBSjwaIj+p7rw3CTBj+SVmMgXp3Ay1cm//Pxr8xBRgKtqpp+CGgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiI5vl1LkTW49EiLqSvsdPxCSOhMB8GA1UdIwQY
MBaAFOAs12EPdh4O0lKue7nzDx4rF7XnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZGJlZTktNWVlZS00NTYxLWE1MjMt
OTQzNTE1OWM5M2ViLzEvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iZGJlZTktNWVlZS00NTYxLWE1MjMtOTQzNTE1OWM5M2Vi
LzEvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL8A6/Ibs
hsk07Tf3enZUTs7zQHL4XwMMPMW/pXiX/SurXzPrFG6oy7/saz0dZcENSD1d1P0n
LgxU22odAfH1245rd0BW/IAH8KWxFfb9DwPbK9kx02gmWdD3K3f6GN6lIM1yMJj+
zQomLsv0sQnp6HEiax5MVMXJOsXAqgvorqxPncXXZTznOZH7LUPjypev07G0aOB2
mAl13ewPlc+X0WBmVo5uPuzNnYkbIEqgk3sP3KA6PrmSV0EGLqs6Sae+g13i7HPX
ni5pEAucNnvfxW2O19Ed8bHjmFC5+ji5MmKx9Eyxg3z7o2pFnLzQnNqS8JviqUJB
O0/aC9WQ41OnDg==
-----END CERTIFICATE-----