Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          7UDZwmUSN0HbYVeCsAUvr0o5gPynqUpASV8nXvu6hQU=
Subject key identifier:   F7:66:85:F4:BC:EF:1F:6E:D9:39:5E:96:D0:4D:A2:27:DB:90:90:61
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       0199FD33F1E1D08ACEFBF6337A417DB0B8B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          133D
Signing time:             Sun 19 Oct 2025 16:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:03 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: CSQdDlQIiY4jY4v9KsFebn8esZFPeh3UDIJEfOQlSIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:33:f1:e1:d0:8a:ce:fb:f6:33:7a:41:7d:b0:b8:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Oct 19 16:01:03 2025 GMT
            Not After : Oct 20 16:01:03 2025 GMT
        Subject: CN=f76685f4bcef1f6ed9395e96d04da227db909061
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:2d:f3:df:59:7a:da:e7:f0:18:84:ed:8c:b4:
                    54:68:c8:97:be:27:d8:fa:f4:c9:bc:c7:46:c0:14:
                    49:ec:3f:6c:70:b1:d3:17:20:48:8f:87:5c:98:d7:
                    e9:cb:c8:2f:f3:59:d0:8e:d4:69:48:60:ba:77:9e:
                    9c:7d:ab:85:03:b5:80:44:46:ea:d9:d1:6a:7c:fb:
                    6d:6b:24:c5:a1:1e:2f:f3:c5:b4:4f:28:ba:17:e0:
                    c0:3f:c2:a5:30:46:6f:0e:3b:55:19:11:16:25:47:
                    ef:18:55:3f:4b:61:ea:11:ea:35:cd:65:f3:4c:2f:
                    66:ec:a9:e8:34:ff:39:67:9e:03:40:63:7a:ae:08:
                    a9:78:27:17:14:85:c0:a7:d3:20:71:4e:1e:1c:a1:
                    0f:be:b4:41:b3:3c:39:b4:b0:7e:4b:3f:9f:3d:72:
                    e8:91:33:a2:f6:21:3a:d2:06:f0:55:61:90:59:f4:
                    62:78:4f:32:a8:5a:9a:2f:80:0d:34:21:e1:12:cf:
                    98:e0:80:ad:ee:66:1c:97:0a:03:d6:3f:f6:b8:a0:
                    f1:08:69:98:65:ae:3a:4e:7c:06:6e:a9:40:19:d0:
                    88:c1:f6:dc:b9:dc:02:a8:76:3c:8f:b7:34:f2:d5:
                    1b:6e:aa:79:17:99:db:eb:1b:c8:86:4f:4a:0e:1b:
                    6c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:66:85:F4:BC:EF:1F:6E:D9:39:5E:96:D0:4D:A2:27:DB:90:90:61
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:9e:b5:f2:9c:bc:b3:e7:b6:cf:89:ff:1a:e9:06:5b:89:da:
         93:2e:21:a3:eb:53:31:6c:e3:4f:66:0a:1b:6a:1c:c7:27:4e:
         ca:cb:11:b0:3a:86:22:c3:f1:47:3b:a9:bf:bb:ab:59:3b:b7:
         58:27:f3:cc:05:90:82:e6:17:a9:2d:17:a6:9e:b6:29:1f:68:
         0e:57:4e:a4:43:f9:27:77:3a:b6:15:7c:47:8e:24:65:f6:1c:
         4d:34:c6:9b:41:97:0b:5e:cb:09:08:04:14:80:b7:51:1a:7e:
         9e:bb:37:cd:43:e5:78:9d:f6:38:4b:4c:c5:b8:86:22:4a:f1:
         b9:5d:95:8c:41:c3:41:a4:47:db:5c:4c:70:41:d5:2e:b4:4f:
         49:f5:09:18:b1:56:40:55:dc:3c:19:36:89:3c:5a:05:fe:e7:
         b6:18:98:07:7b:3f:8e:d3:5d:a6:05:98:d6:3a:7b:a9:6b:98:
         24:02:bd:ba:4c:7a:60:60:85:37:80:a8:ef:9c:59:bb:6a:3c:
         f3:9d:c8:17:6b:19:b5:0e:73:94:69:2b:8d:d0:a4:39:1f:88:
         0e:dc:de:e5:ce:8a:41:95:64:10:81:03:d8:e8:63:a1:03:92:
         68:ad:b9:e7:2c:9a:14:6a:1c:11:3e:96:ae:5f:91:4c:34:7d:
         39:ea:d2:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9M/Hh0IrO+/YzekF9sLizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUxMDE5MTYwMTAzWhcNMjUxMDIwMTYwMTAzWjAzMTEwLwYDVQQD
EyhmNzY2ODVmNGJjZWYxZjZlZDkzOTVlOTZkMDRkYTIyN2RiOTA5MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty3z31l62ufwGITtjLRUaMiXvifY
+vTJvMdGwBRJ7D9scLHTFyBIj4dcmNfpy8gv81nQjtRpSGC6d56cfauFA7WAREbq
2dFqfPttayTFoR4v88W0Tyi6F+DAP8KlMEZvDjtVGREWJUfvGFU/S2HqEeo1zWXz
TC9m7KnoNP85Z54DQGN6rgipeCcXFIXAp9MgcU4eHKEPvrRBszw5tLB+Sz+fPXLo
kTOi9iE60gbwVWGQWfRieE8yqFqaL4ANNCHhEs+Y4ICt7mYclwoD1j/2uKDxCGmY
Za46TnwGbqlAGdCIwfbcudwCqHY8j7c08tUbbqp5F5nb6xvIhk9KDhtsEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdmhfS87x9u2TleltBNoifbkJBhMB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnp618py8
s+e2z4n/GukGW4naky4ho+tTMWzjT2YKG2ocxydOyssRsDqGIsPxRzupv7urWTu3
WCfzzAWQguYXqS0Xpp62KR9oDldOpEP5J3c6thV8R44kZfYcTTTGm0GXC17LCQgE
FIC3URp+nrs3zUPleJ32OEtMxbiGIkrxuV2VjEHDQaRH21xMcEHVLrRPSfUJGLFW
QFXcPBk2iTxaBf7nthiYB3s/jtNdpgWY1jp7qWuYJAK9ukx6YGCFN4Co75xZu2o8
853IF2sZtQ5zlGkrjdCkOR+IDtze5c6KQZVkEIED2OhjoQOSaK255yyaFGocET6W
rl+RTDR9OerSrQ==
-----END CERTIFICATE-----