Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          P3t+NzrMbTnMYD0HQHZfvPqTQ4qeAhnlollS9UJl0MM=
Subject key identifier:   92:63:B7:CF:C6:EB:FF:B3:A6:35:FD:99:EB:A8:FB:87:29:01:EA:C7
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       0199FBEADA70356A8F621500EBCF1D8D7B28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:36 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: 6HT+UZvPQZp3IqCIYyNVU2JHFwNzFj0Y/uB+VKQbu+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:da:70:35:6a:8f:62:15:00:eb:cf:1d:8d:7b:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: Oct 19 10:01:36 2025 GMT
            Not After : Oct 20 10:01:36 2025 GMT
        Subject: CN=9263b7cfc6ebffb3a635fd99eba8fb872901eac7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8b:92:f3:6b:9e:c4:81:32:e7:da:da:12:a2:
                    8f:e2:88:81:57:29:f5:f3:82:07:2f:d6:bc:35:bf:
                    40:7d:9a:c2:86:eb:bd:66:25:1e:09:1d:0e:ac:21:
                    f2:96:bf:b7:4e:ef:0b:4d:55:19:87:4d:32:4c:e7:
                    fb:d0:b4:66:a9:c0:96:c9:3d:69:57:26:c3:1a:84:
                    c2:27:9c:8c:d0:85:5e:9d:1c:1e:be:cd:cc:10:a6:
                    f9:37:8b:57:91:6d:f8:7f:99:fe:35:f6:e3:51:6b:
                    e7:ff:0e:2a:8b:df:6b:d9:96:87:a0:eb:50:95:4a:
                    00:59:dc:fa:76:16:3b:c7:89:24:e9:34:fc:61:f0:
                    01:fd:25:df:b5:f7:62:8f:dd:87:0c:b6:72:8b:26:
                    98:ea:6a:93:2b:78:c2:42:4b:88:d1:9a:6e:4e:bc:
                    11:42:e8:8c:c3:54:3a:48:0f:3c:ba:76:fa:c4:58:
                    ec:82:3c:db:d4:d6:ea:1d:7c:5e:8c:da:8a:74:13:
                    08:d9:17:fc:14:fa:0c:b1:8a:4d:1d:43:b6:11:bf:
                    77:f2:89:e4:cd:9e:ee:5c:6d:12:85:ac:57:ee:3f:
                    25:26:0e:7d:0e:d8:49:6e:c5:40:a0:34:b7:91:0c:
                    6d:4d:56:2e:69:13:f8:5a:79:16:c6:6c:55:9d:8c:
                    46:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:63:B7:CF:C6:EB:FF:B3:A6:35:FD:99:EB:A8:FB:87:29:01:EA:C7
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:09:13:f4:7c:66:a3:37:4b:13:5e:95:f3:21:07:a1:4b:25:
         2a:4f:1a:65:b3:7a:fc:cf:03:6c:d1:5e:e8:8f:6e:d8:1b:d3:
         07:c6:67:a5:0a:79:16:3d:24:b2:93:23:76:ff:49:25:21:c0:
         3b:b2:fb:62:b7:94:30:f5:d6:95:d3:42:9a:fa:60:fe:87:67:
         bc:08:e3:71:7d:22:f6:09:74:fd:d5:0d:2f:8b:a8:51:80:35:
         20:48:4f:6c:72:0f:64:2d:e7:30:04:f7:09:df:d4:14:90:e6:
         14:56:0e:ec:22:a0:dc:d1:a2:3e:b4:06:25:9a:56:ce:2b:51:
         a7:13:7b:e0:a0:4b:f7:2a:bd:bf:3e:65:24:89:0c:88:94:62:
         61:18:05:f0:53:14:a3:0f:3c:e5:9b:82:f9:73:bc:5c:d3:3b:
         8a:3a:7a:54:22:b2:68:f8:26:f3:2f:73:a6:09:27:0c:cd:61:
         b4:8a:cf:11:61:57:d2:7a:85:50:a5:a4:29:09:58:73:2f:39:
         aa:6c:1e:b1:59:43:9e:45:6a:b5:ee:67:22:0f:db:3f:14:30:
         ec:a5:8a:1f:82:d1:f8:e7:a6:e7:4f:0a:3c:23:cd:cd:72:15:
         1f:fc:49:bc:40:d9:2c:6e:fd:39:0c:f1:d7:77:32:1f:50:ad:
         8c:d6:d7:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76tpwNWqPYhUA688djXsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjUxMDE5MTAwMTM2WhcNMjUxMDIwMTAwMTM2WjAzMTEwLwYDVQQD
Eyg5MjYzYjdjZmM2ZWJmZmIzYTYzNWZkOTllYmE4ZmI4NzI5MDFlYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYuS82uexIEy59raEqKP4oiBVyn1
84IHL9a8Nb9AfZrChuu9ZiUeCR0OrCHylr+3Tu8LTVUZh00yTOf70LRmqcCWyT1p
VybDGoTCJ5yM0IVenRwevs3MEKb5N4tXkW34f5n+NfbjUWvn/w4qi99r2ZaHoOtQ
lUoAWdz6dhY7x4kk6TT8YfAB/SXftfdij92HDLZyiyaY6mqTK3jCQkuI0ZpuTrwR
QuiMw1Q6SA88unb6xFjsgjzb1NbqHXxejNqKdBMI2Rf8FPoMsYpNHUO2Eb938onk
zZ7uXG0ShaxX7j8lJg59DthJbsVAoDS3kQxtTVYuaRP4WnkWxmxVnYxGvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJjt8/G6/+zpjX9meuo+4cpAerHMB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkwkT9Hxm
ozdLE16V8yEHoUslKk8aZbN6/M8DbNFe6I9u2BvTB8ZnpQp5Fj0kspMjdv9JJSHA
O7L7YreUMPXWldNCmvpg/odnvAjjcX0i9gl0/dUNL4uoUYA1IEhPbHIPZC3nMAT3
Cd/UFJDmFFYO7CKg3NGiPrQGJZpWzitRpxN74KBL9yq9vz5lJIkMiJRiYRgF8FMU
ow885ZuC+XO8XNM7ijp6VCKyaPgm8y9zpgknDM1htIrPEWFX0nqFUKWkKQlYcy85
qmwesVlDnkVqte5nIg/bPxQw7KWKH4LR+Oem508KPCPNzXIVH/xJvEDZLG79OQzx
13cyH1CtjNbXXA==
-----END CERTIFICATE-----