Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.mft
File:                     FK5SmozFunaS25UmkqCLVCJLvzY.mft (raw, json)
Hash identifier:          1/S2gDnwhGQ3rU4/ROva2cgSnLX8OmnrZIJym38h3Ok=
Subject key identifier:   BB:FC:60:39:2E:26:75:DD:FB:3D:B3:BD:60:9E:56:A2:F7:19:C7:21
Authority key identifier: 14:AE:52:9A:8C:C5:BA:76:92:DB:95:26:92:A0:8B:54:22:4B:BF:36
Certificate issuer:       /CN=14ae529a8cc5ba7692db952692a08b54224bbf36
Certificate serial:       0199FFFE5BBD65048892FE3E9A542ABD0020
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FK5SmozFunaS25UmkqCLVCJLvzY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.mft
Manifest number:          16E0
Signing time:             Mon 20 Oct 2025 05:01:23 +0000
Manifest this update:     Mon 20 Oct 2025 05:01:23 +0000
Manifest next update:     Tue 21 Oct 2025 05:01:23 +0000
Files and hashes:         1: FK5SmozFunaS25UmkqCLVCJLvzY.crl (hash: VKZU20Hd0fLExZhiDxorMttFWoAWpxfTJawCwEgWHlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FK5SmozFunaS25UmkqCLVCJLvzY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 05:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:fe:5b:bd:65:04:88:92:fe:3e:9a:54:2a:bd:00:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14ae529a8cc5ba7692db952692a08b54224bbf36
        Validity
            Not Before: Oct 20 05:01:23 2025 GMT
            Not After : Oct 21 05:01:23 2025 GMT
        Subject: CN=bbfc60392e2675ddfb3db3bd609e56a2f719c721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cc:52:f4:34:05:7d:40:64:24:4e:a1:83:69:
                    05:5e:b9:1c:79:fd:59:c7:8d:7d:7f:d5:97:cc:e4:
                    b2:4c:b1:d5:ed:5d:2e:70:1f:d9:02:ff:06:67:69:
                    1b:74:c8:b9:d2:41:bd:db:1c:6e:7e:ea:52:ca:7f:
                    9b:7a:e3:cf:32:c9:64:de:49:6f:8a:e5:c9:07:45:
                    86:ed:8d:fd:82:fd:a2:8e:fb:a6:42:31:96:f1:90:
                    e4:7c:2d:59:78:f0:4a:8c:6d:5b:d4:06:f8:94:4b:
                    fe:eb:1a:eb:c1:95:cf:a6:5a:51:85:5c:26:96:dd:
                    b1:b5:f4:2c:10:59:66:57:67:b5:28:05:62:04:16:
                    b5:50:8e:9b:c4:54:27:08:ac:31:a1:9b:04:e8:6d:
                    bd:d0:79:9e:eb:93:da:1d:9c:5e:1d:42:6b:87:e3:
                    97:63:47:06:5e:11:e1:de:2b:a8:83:af:31:3e:68:
                    3d:72:13:32:2f:eb:60:67:11:3e:4b:38:00:5e:7c:
                    59:c9:59:8a:f3:d2:e3:ce:12:62:60:ba:e5:28:00:
                    f3:e0:79:d1:40:12:62:c0:88:b3:a3:9c:77:67:85:
                    26:6d:3d:08:a2:6c:1c:00:83:98:ba:83:be:7b:55:
                    a4:7d:4f:79:db:cf:d8:f6:2d:19:b7:0b:c5:8e:53:
                    71:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:FC:60:39:2E:26:75:DD:FB:3D:B3:BD:60:9E:56:A2:F7:19:C7:21
            X509v3 Authority Key Identifier:
                keyid:14:AE:52:9A:8C:C5:BA:76:92:DB:95:26:92:A0:8B:54:22:4B:BF:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FK5SmozFunaS25UmkqCLVCJLvzY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:2e:7a:ee:5b:8e:a9:a7:cd:89:73:83:ad:bf:c9:48:03:e6:
         fe:c8:29:44:25:12:b6:f1:98:69:d9:7e:cb:29:7f:96:2a:5f:
         af:24:dc:d7:ef:85:e2:6c:9b:c0:c8:fe:f9:db:4f:c7:7c:7f:
         ff:a6:45:f6:7f:c8:be:8e:0c:e2:39:b0:ca:ae:b6:83:98:3c:
         0f:53:94:0d:27:fc:51:df:7f:c6:41:57:0c:e5:5f:c5:4d:90:
         2a:89:7f:c1:c9:ac:86:36:b4:19:d1:22:ac:74:0d:89:05:64:
         74:19:f8:d1:44:8e:a2:07:d5:f4:98:14:7a:02:ac:56:bf:00:
         8f:70:c3:df:29:e7:2a:f7:f2:32:78:ed:f5:a6:b5:1c:17:c8:
         f3:56:b4:6e:59:aa:c9:5a:99:23:6b:a2:a3:36:1b:ba:f5:3c:
         f6:5c:40:58:69:7e:a0:b2:37:f9:d5:fd:59:24:c6:00:2f:fe:
         25:9a:29:01:c6:06:d3:ee:cf:ea:27:8e:d4:23:72:b5:b5:67:
         c2:af:40:55:a2:1e:33:96:47:df:ca:4e:db:ed:0b:62:a9:75:
         ae:f0:21:f0:92:fe:44:23:b6:7a:cd:8a:97:e5:df:14:14:d0:
         6a:51:e1:98:74:77:13:af:27:ec:0a:30:6f:c5:43:18:3a:a8:
         92:90:6e:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//lu9ZQSIkv4+mlQqvQAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YWU1MjlhOGNjNWJhNzY5MmRiOTUyNjkyYTA4YjU0MjI0
YmJmMzYwHhcNMjUxMDIwMDUwMTIzWhcNMjUxMDIxMDUwMTIzWjAzMTEwLwYDVQQD
EyhiYmZjNjAzOTJlMjY3NWRkZmIzZGIzYmQ2MDllNTZhMmY3MTljNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsxS9DQFfUBkJE6hg2kFXrkcef1Z
x419f9WXzOSyTLHV7V0ucB/ZAv8GZ2kbdMi50kG92xxufupSyn+beuPPMslk3klv
iuXJB0WG7Y39gv2ijvumQjGW8ZDkfC1ZePBKjG1b1Ab4lEv+6xrrwZXPplpRhVwm
lt2xtfQsEFlmV2e1KAViBBa1UI6bxFQnCKwxoZsE6G290Hme65PaHZxeHUJrh+OX
Y0cGXhHh3iuog68xPmg9chMyL+tgZxE+SzgAXnxZyVmK89LjzhJiYLrlKADz4HnR
QBJiwIizo5x3Z4UmbT0IomwcAIOYuoO+e1WkfU9528/Y9i0ZtwvFjlNx+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLv8YDkuJnXd+z2zvWCeVqL3GcchMB8GA1UdIwQY
MBaAFBSuUpqMxbp2ktuVJpKgi1QiS782MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRks1U21vekZ1bmFTMjVVbWtxQ0xWQ0pMdnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83NmVhNzctMTc1Ny00ZGIyLWEwODMt
ZDIxOGZiM2MxMzdiLzEvRks1U21vekZ1bmFTMjVVbWtxQ0xWQ0pMdnpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83NmVhNzctMTc1Ny00ZGIyLWEwODMtZDIxOGZiM2MxMzdi
LzEvRks1U21vekZ1bmFTMjVVbWtxQ0xWQ0pMdnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASy567luO
qafNiXODrb/JSAPm/sgpRCUStvGYadl+yyl/lipfryTc1++F4mybwMj++dtPx3x/
/6ZF9n/Ivo4M4jmwyq62g5g8D1OUDSf8Ud9/xkFXDOVfxU2QKol/wcmshja0GdEi
rHQNiQVkdBn40USOogfV9JgUegKsVr8Aj3DD3ynnKvfyMnjt9aa1HBfI81a0blmq
yVqZI2uiozYbuvU89lxAWGl+oLI3+dX9WSTGAC/+JZopAcYG0+7P6ieO1CNytbVn
wq9AVaIeM5ZH38pO2+0LYql1rvAh8JL+RCO2es2Kl+XfFBTQalHhmHR3E68n7Aow
b8VDGDqokpBuEg==
-----END CERTIFICATE-----