Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          zuMMwHTMoOzneHR3dHjDaiDjSgfzOK2PNfFV855L4tI=
Subject key identifier:   3A:76:44:D5:36:17:50:E6:DF:A8:6F:A8:51:E9:1E:56:E4:D3:BE:6A
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       0199FC217B31CB1D8355D2A1D3CEEFD8FA83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 11:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:16 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: PmI2Za8uaHoWY1PbJuSpiE2axAfOnJ3en/Kqfu5SMsI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:7b:31:cb:1d:83:55:d2:a1:d3:ce:ef:d8:fa:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Oct 19 11:01:16 2025 GMT
            Not After : Oct 20 11:01:16 2025 GMT
        Subject: CN=3a7644d5361750e6dfa86fa851e91e56e4d3be6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c7:c4:d9:1b:3d:1d:fb:8a:ee:b3:ee:b6:ec:
                    78:2c:17:de:a3:a3:49:42:f7:20:00:bc:25:60:87:
                    3d:e1:69:75:87:22:9d:0d:30:8c:b1:de:93:ec:72:
                    18:d1:4d:52:a0:f0:4b:07:0b:d7:cc:e5:d5:65:8b:
                    c6:53:21:76:f4:31:f7:a4:a1:a2:09:90:6a:f9:fb:
                    25:e1:59:1c:78:f9:cc:6c:e7:0c:41:a4:c7:ef:d1:
                    e4:78:b6:0d:a8:ca:7b:c9:23:2f:04:5a:99:b9:c1:
                    94:e7:b2:39:36:96:f0:64:1c:d3:88:3e:59:9b:e9:
                    be:75:15:a2:52:f2:9c:83:42:c4:0d:6c:0a:f4:5b:
                    0f:4f:b7:b2:d7:ce:80:f9:ac:52:24:5a:42:96:03:
                    6e:cb:c0:52:b2:c7:e8:ec:1a:a9:61:a5:7a:58:20:
                    a1:23:1d:e6:4f:e4:e0:cf:7f:c8:43:64:c5:e3:a0:
                    b6:5c:6e:4d:7a:0f:1f:3d:a9:b7:53:7c:5b:a8:92:
                    a7:b4:be:ae:13:96:61:b0:c5:9d:d4:d2:cd:a2:04:
                    86:cf:35:51:c1:95:63:30:cb:de:a1:5b:01:e4:47:
                    b5:70:b5:7f:96:57:9b:3e:1e:22:85:ab:b0:eb:1c:
                    f5:d6:3c:00:b3:d5:e5:65:dc:6a:18:d2:c1:47:5d:
                    83:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:76:44:D5:36:17:50:E6:DF:A8:6F:A8:51:E9:1E:56:E4:D3:BE:6A
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:4f:ca:6e:aa:c5:9d:81:46:55:77:a4:9a:02:7d:b7:d6:b4:
         00:89:de:f2:53:88:77:63:94:c7:9a:0d:a8:c0:9b:c9:b7:f4:
         89:57:3b:be:26:b6:dd:e0:1d:c8:e1:05:b7:12:19:18:5c:4c:
         1c:3c:23:9b:1c:7d:e9:10:5d:1c:da:34:36:87:d5:24:00:34:
         eb:9f:9a:e8:fd:c3:ed:5e:f1:6a:1c:d3:35:32:1f:1d:80:38:
         2a:08:8e:32:71:94:de:16:5a:ab:a2:23:9f:f2:90:0e:b7:38:
         84:c7:34:4b:72:ab:98:ae:8a:ad:c3:79:1b:77:45:c5:70:c9:
         f3:c5:08:68:3c:fb:ba:1e:65:7b:4f:ca:2b:ed:15:f5:c7:42:
         8c:f9:5b:ba:7a:3f:ee:41:d4:ba:8e:07:61:50:f7:a2:71:83:
         ae:d7:a1:10:26:52:a6:86:7d:07:a0:2f:66:f6:44:a3:9f:fd:
         06:f6:b1:58:96:0d:32:3d:4b:84:de:8a:ee:b2:59:a2:f6:02:
         d1:a0:79:af:25:33:84:8c:71:bd:5b:93:28:45:69:62:1b:6a:
         69:f2:b2:78:25:3c:c5:30:f0:1b:d9:ea:ec:22:24:7f:5d:c7:
         43:cb:66:9c:72:97:92:7e:2c:93:f4:2f:ef:56:ce:23:b2:e6:
         1a:a0:28:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IXsxyx2DVdKh087v2PqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUxMDE5MTEwMTE2WhcNMjUxMDIwMTEwMTE2WjAzMTEwLwYDVQQD
EygzYTc2NDRkNTM2MTc1MGU2ZGZhODZmYTg1MWU5MWU1NmU0ZDNiZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8fE2Rs9HfuK7rPutux4LBfeo6NJ
QvcgALwlYIc94Wl1hyKdDTCMsd6T7HIY0U1SoPBLBwvXzOXVZYvGUyF29DH3pKGi
CZBq+fsl4VkcePnMbOcMQaTH79HkeLYNqMp7ySMvBFqZucGU57I5NpbwZBzTiD5Z
m+m+dRWiUvKcg0LEDWwK9FsPT7ey186A+axSJFpClgNuy8BSssfo7BqpYaV6WCCh
Ix3mT+Tgz3/IQ2TF46C2XG5Neg8fPam3U3xbqJKntL6uE5ZhsMWd1NLNogSGzzVR
wZVjMMveoVsB5Ee1cLV/llebPh4ihauw6xz11jwAs9XlZdxqGNLBR12DUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDp2RNU2F1Dm36hvqFHpHlbk075qMB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAik/KbqrF
nYFGVXekmgJ9t9a0AIne8lOId2OUx5oNqMCbybf0iVc7via23eAdyOEFtxIZGFxM
HDwjmxx96RBdHNo0NofVJAA065+a6P3D7V7xahzTNTIfHYA4KgiOMnGU3hZaq6Ij
n/KQDrc4hMc0S3KrmK6KrcN5G3dFxXDJ88UIaDz7uh5le0/KK+0V9cdCjPlbuno/
7kHUuo4HYVD3onGDrtehECZSpoZ9B6AvZvZEo5/9BvaxWJYNMj1LhN6K7rJZovYC
0aB5ryUzhIxxvVuTKEVpYhtqafKyeCU8xTDwG9nq7CIkf13HQ8tmnHKXkn4sk/Qv
71bOI7LmGqAouw==
-----END CERTIFICATE-----