Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
File:                     Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft (raw, json)
Hash identifier:          Xdpq3RmXkiyp+vV931fomex3i88ZqtA5PnlKxuCkLsA=
Subject key identifier:   FE:52:97:B0:DB:D2:AA:C6:D2:FC:41:25:9C:05:A5:0A:0F:13:67:A2
Authority key identifier: 4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14
Certificate issuer:       /CN=4b177c450d2035067baa26920b8a4bd36c7b3314
Certificate serial:       0199FFC8A5CFAD66C2F374E904CFC24376BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
Manifest number:          0DF6
Signing time:             Mon 20 Oct 2025 04:02:43 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:43 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:43 +0000
Files and hashes:         1: Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl (hash: a2CJNqKi9tZnDVdwgpX1a1dGRpUUOGcXhnRPNyjPd3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:a5:cf:ad:66:c2:f3:74:e9:04:cf:c2:43:76:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b177c450d2035067baa26920b8a4bd36c7b3314
        Validity
            Not Before: Oct 20 04:02:43 2025 GMT
            Not After : Oct 21 04:02:43 2025 GMT
        Subject: CN=fe5297b0dbd2aac6d2fc41259c05a50a0f1367a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:f8:37:9b:f7:1e:db:e3:4c:9d:a5:89:d1:f3:
                    bc:b9:c7:3b:68:73:9d:2f:32:df:5c:5d:8e:8e:66:
                    fd:66:e7:06:89:7c:f6:5b:60:45:e7:79:44:36:3c:
                    15:2e:2a:9a:12:48:c2:b1:75:9b:7c:6d:5f:eb:b0:
                    d4:fa:a0:90:ff:66:e4:8d:03:51:42:5b:65:32:f7:
                    55:a9:70:43:59:cd:7b:52:94:ee:8e:25:b7:93:1c:
                    34:d9:51:45:87:57:9f:0d:59:1f:a0:31:e9:67:4c:
                    f2:6b:13:d4:7b:05:e4:99:00:95:96:a2:9b:d5:3c:
                    d9:e4:69:2d:31:f9:d5:9b:09:f7:a2:55:06:0b:c6:
                    07:4a:c6:e2:22:e7:5d:00:c9:ef:69:a5:ca:6a:e2:
                    51:09:00:24:f6:b3:09:81:b8:1b:3a:ca:70:5c:03:
                    65:12:85:0e:bf:ff:25:a2:29:f8:e1:40:f2:8f:23:
                    25:53:e8:d1:15:43:fe:a1:68:e6:80:ce:63:1d:ee:
                    09:75:19:2e:e7:6c:d2:01:43:6a:46:d3:60:39:45:
                    10:3a:71:84:9b:82:84:34:b3:83:1f:84:2d:86:fb:
                    5a:90:b8:c0:a6:61:8d:a6:d9:9c:4a:e0:64:68:2c:
                    f0:fd:f2:57:cc:9d:43:b4:f3:79:f8:79:af:f3:75:
                    16:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:52:97:B0:DB:D2:AA:C6:D2:FC:41:25:9C:05:A5:0A:0F:13:67:A2
            X509v3 Authority Key Identifier:
                keyid:4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:6e:55:9a:fa:fa:09:14:de:24:49:b0:13:e4:11:3c:fb:c7:
         02:96:2d:e0:6a:36:f1:0b:91:1e:c2:93:4c:12:0b:1b:6a:36:
         2e:0d:38:82:31:e7:7d:d7:c4:9e:c7:58:60:0c:f7:03:0b:3c:
         31:30:5a:d5:3a:96:4a:30:cc:00:d5:76:0b:61:ac:16:15:a4:
         0f:aa:fc:6b:d8:eb:5b:2c:ad:b7:8d:9b:37:81:bf:dc:90:e0:
         a0:03:8e:7a:0d:69:10:50:6b:b5:47:e3:a1:ac:40:0b:27:a2:
         c2:3d:7f:28:07:8c:8f:f2:f5:ca:82:6f:4f:c7:cf:12:d5:4b:
         e0:ed:85:fd:f5:3c:8b:26:1a:5d:78:1b:4b:07:32:15:ca:51:
         6e:65:57:6b:7e:e8:2e:d2:bc:6a:7d:f1:15:b2:ea:6f:a4:16:
         e6:23:5d:f2:ba:47:b4:3c:10:4f:11:79:df:f7:ac:77:d9:0c:
         dc:57:9b:7f:22:03:42:2d:df:e9:0b:eb:c2:9e:35:18:e9:00:
         99:8f:36:21:ef:97:80:c1:65:73:73:23:cf:17:ec:1c:49:6d:
         52:f9:01:8a:4b:6e:04:2c:2d:e0:18:29:88:e2:d9:29:00:6c:
         eb:f1:a4:80:b2:44:27:f1:8a:8b:02:21:50:bd:74:1c:14:92:
         cf:2c:16:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yKXPrWbC83TpBM/CQ3a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMTc3YzQ1MGQyMDM1MDY3YmFhMjY5MjBiOGE0YmQzNmM3
YjMzMTQwHhcNMjUxMDIwMDQwMjQzWhcNMjUxMDIxMDQwMjQzWjAzMTEwLwYDVQQD
EyhmZTUyOTdiMGRiZDJhYWM2ZDJmYzQxMjU5YzA1YTUwYTBmMTM2N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPg3m/ce2+NMnaWJ0fO8ucc7aHOd
LzLfXF2Ojmb9ZucGiXz2W2BF53lENjwVLiqaEkjCsXWbfG1f67DU+qCQ/2bkjQNR
QltlMvdVqXBDWc17UpTujiW3kxw02VFFh1efDVkfoDHpZ0zyaxPUewXkmQCVlqKb
1TzZ5GktMfnVmwn3olUGC8YHSsbiIuddAMnvaaXKauJRCQAk9rMJgbgbOspwXANl
EoUOv/8loin44UDyjyMlU+jRFUP+oWjmgM5jHe4JdRku52zSAUNqRtNgOUUQOnGE
m4KENLODH4QthvtakLjApmGNptmcSuBkaCzw/fJXzJ1DtPN5+Hmv83UWDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5Sl7Db0qrG0vxBJZwFpQoPE2eiMB8GA1UdIwQY
MBaAFEsXfEUNIDUGe6omkguKS9NsezMUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUt
OGQ3YjczNmE2OTVjLzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUtOGQ3YjczNmE2OTVj
LzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIW5Vmvr6
CRTeJEmwE+QRPPvHApYt4Go28QuRHsKTTBILG2o2Lg04gjHnfdfEnsdYYAz3Aws8
MTBa1TqWSjDMANV2C2GsFhWkD6r8a9jrWyytt42bN4G/3JDgoAOOeg1pEFBrtUfj
oaxACyeiwj1/KAeMj/L1yoJvT8fPEtVL4O2F/fU8iyYaXXgbSwcyFcpRbmVXa37o
LtK8an3xFbLqb6QW5iNd8rpHtDwQTxF53/esd9kM3FebfyIDQi3f6Qvrwp41GOkA
mY82Ie+XgMFlc3MjzxfsHEltUvkBiktuBCwt4BgpiOLZKQBs6/GkgLJEJ/GKiwIh
UL10HBSSzywWRA==
-----END CERTIFICATE-----