Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
File:                     kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft (raw, json)
Hash identifier:          H7g8EqHpJIGeei1ikeU8w3w9trTPb97XpoO/IP30WdY=
Subject key identifier:   51:B8:CC:29:A9:E4:23:E0:7E:54:CC:90:8E:99:1F:E8:0F:95:86:8D
Authority key identifier: 93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44
Certificate issuer:       /CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44
Certificate serial:       0199FE4753309B207D6DDF4201FF9CAFB3B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
Manifest number:          1673
Signing time:             Sun 19 Oct 2025 21:01:51 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:51 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:51 +0000
Files and hashes:         1: kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl (hash: /BFJjIHlXgh/ZklInnyV+n6g+XWpVPCwXpu/mb32PaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:53:30:9b:20:7d:6d:df:42:01:ff:9c:af:b3:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44
        Validity
            Not Before: Oct 19 21:01:51 2025 GMT
            Not After : Oct 20 21:01:51 2025 GMT
        Subject: CN=51b8cc29a9e423e07e54cc908e991fe80f95868d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:14:42:e7:4e:b8:63:45:67:7e:89:5c:f4:37:
                    6a:a3:51:27:de:85:d8:14:41:ad:39:5b:df:bd:91:
                    db:d1:4e:ed:4c:90:92:9e:dd:be:5e:3e:77:7d:6d:
                    f5:d1:15:ab:c9:16:88:3b:1d:7c:4f:83:fa:af:90:
                    9f:0f:3e:c3:cf:41:64:46:5f:19:20:3a:cb:e9:2c:
                    7f:5d:bd:73:ab:f2:9a:c9:2c:98:05:49:4a:db:77:
                    24:9b:bb:4c:5e:57:6c:00:8c:f1:e4:8f:c3:83:75:
                    bf:88:af:24:a1:80:f5:93:80:2d:96:63:70:3a:1f:
                    3e:7f:bf:50:fe:66:00:cd:56:46:0f:5e:05:bc:cb:
                    61:6b:c2:e7:59:1f:18:ed:1f:09:29:62:24:d4:1e:
                    96:f6:94:6a:2b:8c:0c:f7:de:4e:50:9b:ad:c9:c4:
                    ee:eb:8c:fa:61:f8:ef:c7:bf:df:3d:18:83:f3:bb:
                    15:78:53:5b:53:ad:ab:01:ed:a7:f0:d9:42:bf:2c:
                    a9:d9:7b:44:ae:a8:03:ac:a1:09:8a:55:41:32:65:
                    ec:49:e3:db:15:ba:dd:5c:10:52:64:7b:0a:39:69:
                    dc:f3:c1:de:ae:9e:a6:36:28:97:f6:c0:f3:78:9d:
                    e5:e9:67:f5:e2:cd:72:5f:6b:8b:41:08:4f:f5:ff:
                    ec:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:B8:CC:29:A9:E4:23:E0:7E:54:CC:90:8E:99:1F:E8:0F:95:86:8D
            X509v3 Authority Key Identifier:
                keyid:93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:7c:ed:2e:0b:c9:3c:b5:7a:2c:ab:4b:0d:aa:5a:19:e6:a6:
         99:4f:f5:44:e6:0a:43:0e:c0:62:d6:a6:01:d6:31:d1:34:de:
         b7:cb:5c:cf:7b:fb:2f:06:64:c0:82:bb:e2:f8:53:65:44:0e:
         5c:ab:61:df:74:ae:bb:9e:96:eb:7a:39:95:73:e4:86:7c:b6:
         6f:70:4a:b1:d3:af:3d:a6:d3:45:4d:d9:b3:87:34:7b:ec:a8:
         1c:6c:4f:7b:f6:32:43:c1:bd:fb:5d:cf:f4:a8:e2:60:64:1d:
         1b:aa:54:d9:52:b2:3c:6c:98:fd:32:ed:30:88:37:3c:73:4f:
         a8:d3:d2:18:66:16:51:9d:f7:00:bd:e9:5d:6c:6d:f3:1d:4c:
         60:b9:a9:29:7c:f5:eb:dd:ef:b1:5a:0d:4b:67:de:a2:99:c2:
         e0:c7:9f:03:b6:e4:2e:f5:bc:d0:31:de:2d:90:30:a1:e4:ac:
         f8:dd:9e:70:28:d5:e5:f8:ea:6c:50:0f:8a:99:e6:ae:14:84:
         29:72:38:e8:02:94:28:10:26:3a:db:1c:e1:7e:5c:59:e2:7b:
         9f:9d:2d:00:d1:41:35:1d:3a:88:5b:9e:80:c7:31:27:f8:d7:
         d6:20:ca:39:e9:98:6d:4b:8d:4f:db:69:1f:f1:5f:52:3f:68:
         4e:0b:9b:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R1MwmyB9bd9CAf+cr7OyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzIwZThiZTdjNzRjYTY1NWM3YzNlOTc4YmMxYWE2MGZk
OGRiNDQwHhcNMjUxMDE5MjEwMTUxWhcNMjUxMDIwMjEwMTUxWjAzMTEwLwYDVQQD
Eyg1MWI4Y2MyOWE5ZTQyM2UwN2U1NGNjOTA4ZTk5MWZlODBmOTU4NjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRRC5064Y0Vnfolc9Ddqo1En3oXY
FEGtOVvfvZHb0U7tTJCSnt2+Xj53fW310RWryRaIOx18T4P6r5CfDz7Dz0FkRl8Z
IDrL6Sx/Xb1zq/KaySyYBUlK23ckm7tMXldsAIzx5I/Dg3W/iK8koYD1k4AtlmNw
Oh8+f79Q/mYAzVZGD14FvMtha8LnWR8Y7R8JKWIk1B6W9pRqK4wM995OUJutycTu
64z6Yfjvx7/fPRiD87sVeFNbU62rAe2n8NlCvyyp2XtErqgDrKEJilVBMmXsSePb
FbrdXBBSZHsKOWnc88Herp6mNiiX9sDzeJ3l6Wf14s1yX2uLQQhP9f/sGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFG4zCmp5CPgflTMkI6ZH+gPlYaNMB8GA1UdIwQY
MBaAFJMyDovnx0ymVcfD6Xi8GqYP2NtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYt
ZmE5MWM3NWZiOWRjLzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYtZmE5MWM3NWZiOWRj
LzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdnztLgvJ
PLV6LKtLDapaGeammU/1ROYKQw7AYtamAdYx0TTet8tcz3v7LwZkwIK74vhTZUQO
XKth33Suu56W63o5lXPkhny2b3BKsdOvPabTRU3Zs4c0e+yoHGxPe/YyQ8G9+13P
9KjiYGQdG6pU2VKyPGyY/TLtMIg3PHNPqNPSGGYWUZ33AL3pXWxt8x1MYLmpKXz1
693vsVoNS2feopnC4MefA7bkLvW80DHeLZAwoeSs+N2ecCjV5fjqbFAPipnmrhSE
KXI46AKUKBAmOtsc4X5cWeJ7n50tANFBNR06iFuegMcxJ/jX1iDKOemYbUuNT9tp
H/FfUj9oTgub5A==
-----END CERTIFICATE-----