Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/395b1c-a7da-4469-a4c5-e304facd1f7a/1/X0BiguwU-gvH1lEe_Lxq6fHgWz0.mft
File:                     X0BiguwU-gvH1lEe_Lxq6fHgWz0.mft (raw, json)
Hash identifier:          wZzzzxjztb4a3awxk1wifGzSJtpFlpF9H0VzHlcuVic=
Subject key identifier:   1F:D8:21:F4:CD:EB:38:8D:3A:8E:12:19:35:D1:B1:93:80:6D:46:04
Authority key identifier: 5F:40:62:82:EC:14:FA:0B:C7:D6:51:1E:FC:BC:6A:E9:F1:E0:5B:3D
Certificate issuer:       /CN=5f406282ec14fa0bc7d6511efcbc6ae9f1e05b3d
Certificate serial:       0199FCC6362794ECB145A31210F26BA24FD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X0BiguwU-gvH1lEe_Lxq6fHgWz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/395b1c-a7da-4469-a4c5-e304facd1f7a/1/X0BiguwU-gvH1lEe_Lxq6fHgWz0.mft
Manifest number:          0190
Signing time:             Sun 19 Oct 2025 14:01:12 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:12 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:12 +0000
Files and hashes:         1: X0BiguwU-gvH1lEe_Lxq6fHgWz0.crl (hash: wfWNz7s703EkD1DcQXFqd7aUzTNuQCBLYwEqwtb5aT0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/395b1c-a7da-4469-a4c5-e304facd1f7a/1/X0BiguwU-gvH1lEe_Lxq6fHgWz0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/395b1c-a7da-4469-a4c5-e304facd1f7a/1/X0BiguwU-gvH1lEe_Lxq6fHgWz0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X0BiguwU-gvH1lEe_Lxq6fHgWz0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:36:27:94:ec:b1:45:a3:12:10:f2:6b:a2:4f:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f406282ec14fa0bc7d6511efcbc6ae9f1e05b3d
        Validity
            Not Before: Oct 19 14:01:12 2025 GMT
            Not After : Oct 20 14:01:12 2025 GMT
        Subject: CN=1fd821f4cdeb388d3a8e121935d1b193806d4604
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:39:71:89:5f:97:8b:76:d1:2f:ef:69:01:72:
                    b7:f3:54:b5:01:74:70:c7:30:2f:de:95:90:f3:9c:
                    d1:cf:61:4a:8f:77:3a:df:e5:64:ed:94:7d:e5:2f:
                    5b:48:6f:64:5d:1b:be:b7:f8:10:7f:6e:ac:0f:0e:
                    49:bf:b8:ad:18:e4:c2:05:a4:f1:a4:c0:7e:d3:40:
                    9e:86:aa:e9:c5:58:38:85:45:dc:e4:b6:20:67:c5:
                    bd:14:d6:5a:34:7a:53:6b:cc:f7:3e:68:98:b9:4c:
                    46:c3:98:98:cc:f7:00:6a:75:66:e0:2d:b1:46:6d:
                    11:66:b2:37:e4:95:65:b2:1f:8f:07:5a:97:97:90:
                    db:b5:d5:c2:84:21:98:c7:bb:fd:95:1a:09:f2:fe:
                    56:92:5f:b5:dc:e6:b2:e5:ef:be:e2:dc:75:d4:33:
                    e8:f3:7e:63:6b:1e:04:87:91:de:dd:dd:d7:37:80:
                    51:a4:a4:7d:d4:9b:f8:ef:2f:4d:93:e6:5b:4d:a7:
                    c5:d1:8e:6f:67:1b:cd:ef:a9:b5:f3:ad:25:1a:80:
                    a0:c8:c3:e6:34:65:78:c9:b3:61:df:65:22:1c:01:
                    f2:b3:b1:52:87:73:86:f7:06:d7:97:40:5e:9d:26:
                    9f:6b:95:df:f5:5d:d3:ab:e8:05:17:2a:a0:fd:8b:
                    cb:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:D8:21:F4:CD:EB:38:8D:3A:8E:12:19:35:D1:B1:93:80:6D:46:04
            X509v3 Authority Key Identifier:
                keyid:5F:40:62:82:EC:14:FA:0B:C7:D6:51:1E:FC:BC:6A:E9:F1:E0:5B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X0BiguwU-gvH1lEe_Lxq6fHgWz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/395b1c-a7da-4469-a4c5-e304facd1f7a/1/X0BiguwU-gvH1lEe_Lxq6fHgWz0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/395b1c-a7da-4469-a4c5-e304facd1f7a/1/X0BiguwU-gvH1lEe_Lxq6fHgWz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:62:ce:2f:58:04:60:1d:38:ce:33:bb:81:31:9f:d4:a0:85:
         45:99:ff:51:3f:ab:2d:d5:fb:c4:24:9a:24:71:6d:37:bf:b6:
         0c:1a:f3:b9:51:b1:1a:66:68:2e:ae:e2:a4:41:23:8a:51:c4:
         5b:49:a5:f0:cb:23:b8:2a:e7:85:41:92:d0:b2:67:0d:41:1b:
         e6:48:f8:5a:72:55:dd:ce:45:cf:ba:63:ba:6d:0c:5c:66:fb:
         f1:a3:bb:4c:d2:c4:aa:5c:e1:95:07:43:48:fa:d4:1f:e7:7e:
         1d:5f:25:6b:ef:09:b8:ad:2b:d6:ca:4f:d7:47:6e:ca:9d:9c:
         01:cc:f7:35:eb:12:6d:2b:23:6a:55:e0:89:13:45:c8:e9:51:
         9f:aa:bb:a7:50:90:ec:61:9a:9a:2b:ee:00:1d:a4:85:f2:27:
         01:1e:c5:0f:7c:de:1c:5d:25:96:83:d6:b9:7e:d6:5e:47:9e:
         be:f1:67:0e:97:0c:e7:a6:14:f6:6f:68:3d:7a:c5:2a:89:80:
         53:b0:e4:b9:b7:57:81:8e:de:3f:a6:0f:93:dc:d1:46:7c:90:
         fd:c8:f8:b0:7d:c2:a5:77:ac:92:83:40:50:60:df:fc:50:ef:
         e0:b7:61:0b:d4:08:35:da:ea:44:61:fb:c7:93:4b:1f:a8:bf:
         21:b6:e7:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xjYnlOyxRaMSEPJrok/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNDA2MjgyZWMxNGZhMGJjN2Q2NTExZWZjYmM2YWU5ZjFl
MDViM2QwHhcNMjUxMDE5MTQwMTEyWhcNMjUxMDIwMTQwMTEyWjAzMTEwLwYDVQQD
EygxZmQ4MjFmNGNkZWIzODhkM2E4ZTEyMTkzNWQxYjE5MzgwNmQ0NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTlxiV+Xi3bRL+9pAXK381S1AXRw
xzAv3pWQ85zRz2FKj3c63+Vk7ZR95S9bSG9kXRu+t/gQf26sDw5Jv7itGOTCBaTx
pMB+00CehqrpxVg4hUXc5LYgZ8W9FNZaNHpTa8z3PmiYuUxGw5iYzPcAanVm4C2x
Rm0RZrI35JVlsh+PB1qXl5DbtdXChCGYx7v9lRoJ8v5Wkl+13Oay5e++4tx11DPo
835jax4Eh5He3d3XN4BRpKR91Jv47y9Nk+ZbTafF0Y5vZxvN76m1860lGoCgyMPm
NGV4ybNh32UiHAHys7FSh3OG9wbXl0BenSafa5Xf9V3Tq+gFFyqg/YvLswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/YIfTN6ziNOo4SGTXRsZOAbUYEMB8GA1UdIwQY
MBaAFF9AYoLsFPoLx9ZRHvy8aunx4Fs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDBCaWd1d1UtZ3ZIMWxFZV9MeHE2ZkhnV3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zOTViMWMtYTdkYS00NDY5LWE0YzUt
ZTMwNGZhY2QxZjdhLzEvWDBCaWd1d1UtZ3ZIMWxFZV9MeHE2ZkhnV3owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zOTViMWMtYTdkYS00NDY5LWE0YzUtZTMwNGZhY2QxZjdh
LzEvWDBCaWd1d1UtZ3ZIMWxFZV9MeHE2ZkhnV3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHmLOL1gE
YB04zjO7gTGf1KCFRZn/UT+rLdX7xCSaJHFtN7+2DBrzuVGxGmZoLq7ipEEjilHE
W0ml8MsjuCrnhUGS0LJnDUEb5kj4WnJV3c5Fz7pjum0MXGb78aO7TNLEqlzhlQdD
SPrUH+d+HV8la+8JuK0r1spP10duyp2cAcz3NesSbSsjalXgiRNFyOlRn6q7p1CQ
7GGamivuAB2khfInAR7FD3zeHF0lloPWuX7WXkeevvFnDpcM56YU9m9oPXrFKomA
U7DkubdXgY7eP6YPk9zRRnyQ/cj4sH3CpXeskoNAUGDf/FDv4LdhC9QINdrqRGH7
x5NLH6i/IbbnRw==
-----END CERTIFICATE-----