Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
File:                     SmO14kps7e29L-j2bXl6s9jqpMk.mft (raw, json)
Hash identifier:          I2W4PlaFQfb6/Rzb6g7rEWpRB201NOf/Q06GkJBKZH0=
Subject key identifier:   7A:D7:3E:B2:3A:1C:9B:F9:B2:4A:18:A8:C4:7F:01:7D:39:AC:44:DF
Authority key identifier: 4A:63:B5:E2:4A:6C:ED:ED:BD:2F:E8:F6:6D:79:7A:B3:D8:EA:A4:C9
Certificate issuer:       /CN=4a63b5e24a6cededbd2fe8f66d797ab3d8eaa4c9
Certificate serial:       0199FBEB27903969DB3FFE508CDE7C749D8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
Manifest number:          16DC
Signing time:             Sun 19 Oct 2025 10:01:56 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:56 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:56 +0000
Files and hashes:         1: SmO14kps7e29L-j2bXl6s9jqpMk.crl (hash: dOKxt8H6R3/7LNihHlTmJwYd6FhymZp8QvOv2kKcAqk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:27:90:39:69:db:3f:fe:50:8c:de:7c:74:9d:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a63b5e24a6cededbd2fe8f66d797ab3d8eaa4c9
        Validity
            Not Before: Oct 19 10:01:56 2025 GMT
            Not After : Oct 20 10:01:56 2025 GMT
        Subject: CN=7ad73eb23a1c9bf9b24a18a8c47f017d39ac44df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a2:d8:7a:9a:85:5e:9e:4c:a4:e6:3e:91:34:
                    5c:ba:7c:2b:ea:1a:98:62:bd:d0:72:88:45:db:8b:
                    77:98:80:0c:19:95:bf:05:5e:4a:70:2d:13:69:49:
                    ac:f2:6e:d1:7b:8f:e4:b0:9c:4c:01:d8:d4:88:39:
                    09:7b:87:62:21:cf:52:bb:5f:7d:ec:5e:43:a7:a5:
                    29:2f:40:ef:88:45:16:a9:96:52:1b:61:26:47:9f:
                    ab:a1:ad:0d:73:19:a5:63:c3:76:59:0f:0a:86:fc:
                    b4:48:88:b7:36:44:47:84:99:1c:1b:bb:d3:9d:47:
                    68:f2:36:af:80:61:3b:12:03:fa:40:5c:e4:ff:ea:
                    32:41:89:2c:09:e4:ca:00:00:90:25:22:ef:5b:3a:
                    5f:cb:0b:b0:f0:37:15:2b:9d:16:7c:99:8d:0c:cd:
                    0d:a3:8f:d4:71:69:d0:30:15:ff:87:4e:6d:67:f1:
                    65:b7:00:3d:ac:66:37:bb:73:7b:1e:9f:d5:44:2c:
                    41:36:dc:06:b1:d7:bf:a3:a5:f1:99:8b:5f:2b:d9:
                    48:75:4b:8c:28:2f:20:d2:7b:69:b4:86:19:0a:66:
                    9f:78:fd:9d:62:54:20:f6:99:ee:43:6f:81:2c:62:
                    0b:80:da:15:b9:22:41:ab:fc:92:88:59:e2:4b:1a:
                    c6:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:D7:3E:B2:3A:1C:9B:F9:B2:4A:18:A8:C4:7F:01:7D:39:AC:44:DF
            X509v3 Authority Key Identifier:
                keyid:4A:63:B5:E2:4A:6C:ED:ED:BD:2F:E8:F6:6D:79:7A:B3:D8:EA:A4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:89:be:14:6d:35:53:d4:95:8c:50:f1:cd:ae:ef:5d:e5:6e:
         32:ca:17:70:75:88:bc:c9:4a:49:bb:91:57:da:e8:f4:b9:6c:
         c9:a3:9f:f5:3e:f9:b5:6d:f8:e3:42:48:73:f7:ff:e2:f6:70:
         b4:51:a0:b0:88:cd:5b:7a:22:90:7c:5c:4f:35:e5:d9:ad:cf:
         fa:a8:4a:6d:65:2f:61:aa:06:84:df:d5:cf:e5:f5:d3:9c:2b:
         25:a3:b7:84:67:b8:53:bb:0a:a8:df:62:71:e6:9c:2c:5e:d2:
         c4:0e:58:2b:49:10:19:36:d6:40:93:0d:17:93:2d:3f:02:0f:
         bb:8c:6f:d0:17:b0:d8:3f:57:cc:e5:6e:23:b2:d6:f2:16:b7:
         1a:28:5e:15:c4:80:4b:07:e2:25:83:e0:c0:fe:f1:8b:51:aa:
         d6:19:c5:30:9b:d4:a3:a4:c8:6b:84:b0:22:5f:02:ed:e8:f2:
         55:e8:35:93:8d:d9:b3:2a:ea:46:32:ad:d9:af:87:eb:c4:20:
         76:30:83:16:25:33:a3:4f:d3:67:16:e0:e7:20:6f:e0:e5:ad:
         16:98:ab:03:37:68:d4:c3:96:4a:2b:fb:a8:f9:5c:21:dc:73:
         89:6e:f1:a7:7f:0c:7c:6b:fe:5e:71:d5:1f:81:97:06:da:54:
         b3:e4:62:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76yeQOWnbP/5QjN58dJ2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjNiNWUyNGE2Y2VkZWRiZDJmZThmNjZkNzk3YWIzZDhl
YWE0YzkwHhcNMjUxMDE5MTAwMTU2WhcNMjUxMDIwMTAwMTU2WjAzMTEwLwYDVQQD
Eyg3YWQ3M2ViMjNhMWM5YmY5YjI0YTE4YThjNDdmMDE3ZDM5YWM0NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KLYepqFXp5MpOY+kTRcunwr6hqY
Yr3QcohF24t3mIAMGZW/BV5KcC0TaUms8m7Re4/ksJxMAdjUiDkJe4diIc9Su199
7F5Dp6UpL0DviEUWqZZSG2EmR5+roa0NcxmlY8N2WQ8Khvy0SIi3NkRHhJkcG7vT
nUdo8javgGE7EgP6QFzk/+oyQYksCeTKAACQJSLvWzpfywuw8DcVK50WfJmNDM0N
o4/UcWnQMBX/h05tZ/FltwA9rGY3u3N7Hp/VRCxBNtwGsde/o6XxmYtfK9lIdUuM
KC8g0ntptIYZCmafeP2dYlQg9pnuQ2+BLGILgNoVuSJBq/ySiFniSxrGkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrXPrI6HJv5skoYqMR/AX05rETfMB8GA1UdIwQY
MBaAFEpjteJKbO3tvS/o9m15erPY6qTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82NGRhYmMtNjU2NC00Y2EwLTgwMmYt
Y2E5NzkwMDgwNzE2LzEvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82NGRhYmMtNjU2NC00Y2EwLTgwMmYtY2E5NzkwMDgwNzE2
LzEvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJYm+FG01
U9SVjFDxza7vXeVuMsoXcHWIvMlKSbuRV9ro9LlsyaOf9T75tW3440JIc/f/4vZw
tFGgsIjNW3oikHxcTzXl2a3P+qhKbWUvYaoGhN/Vz+X105wrJaO3hGe4U7sKqN9i
ceacLF7SxA5YK0kQGTbWQJMNF5MtPwIPu4xv0Bew2D9XzOVuI7LW8ha3GiheFcSA
SwfiJYPgwP7xi1Gq1hnFMJvUo6TIa4SwIl8C7ejyVeg1k43ZsyrqRjKt2a+H68Qg
djCDFiUzo0/TZxbg5yBv4OWtFpirAzdo1MOWSiv7qPlcIdxziW7xp38MfGv+XnHV
H4GXBtpUs+RiJw==
-----END CERTIFICATE-----