Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
File:                     FhQcZCnqr_caNR-yVz32A7uV8nA.mft (raw, json)
Hash identifier:          4rQRUTajPz6S5SweGiTaI5+tWSFbDxKQ7DLxqwA5gMw=
Subject key identifier:   DB:51:DB:2B:72:42:4E:83:FC:3A:EE:54:4B:31:62:7D:8F:20:CB:5F
Authority key identifier: 16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70
Certificate issuer:       /CN=16141c6429eaaff71a351fb2573df603bb95f270
Certificate serial:       0199FBEC0CF50EB34630EE9095A2D9DE7BB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
Manifest number:          0196
Signing time:             Sun 19 Oct 2025 10:02:54 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:54 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:54 +0000
Files and hashes:         1: FhQcZCnqr_caNR-yVz32A7uV8nA.crl (hash: ztHbwazGNMYvH0hthrYGkmvC3PGVgUScCLZTEnc3pU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:0c:f5:0e:b3:46:30:ee:90:95:a2:d9:de:7b:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16141c6429eaaff71a351fb2573df603bb95f270
        Validity
            Not Before: Oct 19 10:02:54 2025 GMT
            Not After : Oct 20 10:02:54 2025 GMT
        Subject: CN=db51db2b72424e83fc3aee544b31627d8f20cb5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a6:64:d5:24:6a:16:e5:54:c7:98:d2:d6:44:
                    c3:d0:10:cf:f3:4d:66:c6:b5:c5:c7:6d:68:7b:b9:
                    51:e8:0d:61:29:45:8f:21:42:36:28:a6:11:38:6d:
                    f0:50:39:07:b3:b2:14:61:27:a4:0a:cd:cf:ef:63:
                    4c:c3:2f:74:75:3c:3d:5c:66:43:1b:b7:90:62:89:
                    62:e0:3c:bf:9a:f6:05:a5:6c:43:76:1d:bc:78:a6:
                    be:76:53:b6:b6:7e:df:27:a4:3b:79:ff:7a:90:63:
                    1b:f0:10:9a:40:a3:16:35:3b:16:3b:03:a3:fe:cf:
                    e1:ef:8d:07:fd:0f:19:ae:2d:68:ba:49:9d:aa:43:
                    24:a4:8e:c5:23:68:47:f8:93:1c:7f:2b:8c:6c:e2:
                    e0:3e:45:8a:5c:36:c4:f2:58:53:62:76:40:04:1d:
                    49:ab:6b:6c:27:3e:b1:6b:e2:89:ab:33:0a:7a:35:
                    ba:5b:f8:f4:c6:26:b5:ae:d1:41:88:eb:0b:37:72:
                    17:d3:d2:4f:dd:8b:43:42:82:97:2f:d4:69:ec:f5:
                    f9:2d:6c:89:e1:ac:fe:d2:ed:cb:f4:f9:b5:6b:d4:
                    de:af:6e:e9:d4:42:b9:1f:8a:b4:ce:c3:d4:36:56:
                    22:47:6a:70:24:a1:08:cc:fd:2a:0d:f1:12:ba:3a:
                    d3:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:51:DB:2B:72:42:4E:83:FC:3A:EE:54:4B:31:62:7D:8F:20:CB:5F
            X509v3 Authority Key Identifier:
                keyid:16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:87:10:49:71:5f:77:c3:40:93:5e:32:45:1a:5e:49:a7:26:
         d2:b0:be:b6:70:e0:de:22:3f:09:f8:dd:8a:18:47:45:01:e2:
         9a:4b:7e:4c:80:e7:69:ae:97:e1:99:42:69:cd:eb:9c:70:4a:
         50:a7:9f:5e:01:d2:f9:1e:f0:3b:f2:bf:92:db:f6:c9:f7:0d:
         36:25:17:6b:05:71:70:ac:92:ed:31:aa:f1:37:22:af:d8:cc:
         d7:fe:33:43:eb:5f:a4:1a:ed:13:a5:77:42:0c:29:16:cb:08:
         18:a7:a3:b1:b4:03:dc:f0:41:16:08:c5:41:28:e4:44:fd:ee:
         52:f3:10:dc:69:4d:27:94:cc:f9:cf:64:49:64:1e:f0:7d:af:
         09:45:b5:2c:94:31:70:99:7f:df:f8:45:c4:65:14:f2:9a:f3:
         3a:9a:d8:c0:7c:09:ce:72:97:f7:82:bb:36:77:8a:c1:95:d1:
         1b:f4:5e:ff:f6:c5:c8:f3:d3:60:b1:ff:02:66:f5:85:55:5f:
         85:46:65:11:7a:33:37:bf:72:b1:e8:54:d7:fc:8f:79:10:c5:
         79:0f:64:db:0a:fa:a2:65:29:d7:11:cf:c3:05:6e:e0:a4:a2:
         48:bd:67:46:d5:8b:5a:c2:57:99:76:a2:00:5c:45:36:84:f4:
         71:61:0e:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77Az1DrNGMO6QlaLZ3nuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTQxYzY0MjllYWFmZjcxYTM1MWZiMjU3M2RmNjAzYmI5
NWYyNzAwHhcNMjUxMDE5MTAwMjU0WhcNMjUxMDIwMTAwMjU0WjAzMTEwLwYDVQQD
EyhkYjUxZGIyYjcyNDI0ZTgzZmMzYWVlNTQ0YjMxNjI3ZDhmMjBjYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Zk1SRqFuVUx5jS1kTD0BDP801m
xrXFx21oe7lR6A1hKUWPIUI2KKYROG3wUDkHs7IUYSekCs3P72NMwy90dTw9XGZD
G7eQYoli4Dy/mvYFpWxDdh28eKa+dlO2tn7fJ6Q7ef96kGMb8BCaQKMWNTsWOwOj
/s/h740H/Q8Zri1oukmdqkMkpI7FI2hH+JMcfyuMbOLgPkWKXDbE8lhTYnZABB1J
q2tsJz6xa+KJqzMKejW6W/j0xia1rtFBiOsLN3IX09JP3YtDQoKXL9Rp7PX5LWyJ
4az+0u3L9Pm1a9Ter27p1EK5H4q0zsPUNlYiR2pwJKEIzP0qDfESujrT4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtR2ytyQk6D/DruVEsxYn2PIMtfMB8GA1UdIwQY
MBaAFBYUHGQp6q/3GjUfslc99gO7lfJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQt
NWQ4ZmNlMGEwYmIyLzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQtNWQ4ZmNlMGEwYmIy
LzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgIcQSXFf
d8NAk14yRRpeSacm0rC+tnDg3iI/CfjdihhHRQHimkt+TIDnaa6X4ZlCac3rnHBK
UKefXgHS+R7wO/K/ktv2yfcNNiUXawVxcKyS7TGq8Tcir9jM1/4zQ+tfpBrtE6V3
QgwpFssIGKejsbQD3PBBFgjFQSjkRP3uUvMQ3GlNJ5TM+c9kSWQe8H2vCUW1LJQx
cJl/3/hFxGUU8przOprYwHwJznKX94K7NneKwZXRG/Re//bFyPPTYLH/Amb1hVVf
hUZlEXozN79ysehU1/yPeRDFeQ9k2wr6omUp1xHPwwVu4KSiSL1nRtWLWsJXmXai
AFxFNoT0cWEOPg==
-----END CERTIFICATE-----