Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
File:                     G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft (raw, json)
Hash identifier:          aAbIOp3OrZqRkzpvdqf3Es8i1SdVpJuIwgxxLt9g6rU=
Subject key identifier:   33:99:E1:2C:41:E7:36:50:6E:D6:79:3C:CE:F6:DB:44:A2:2D:F3:AF
Authority key identifier: 1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6
Certificate issuer:       /CN=1b934577cb49d8d231b74c550726f3387e026cf6
Certificate serial:       0199FDD95F17D983E554B553C95E6939C310
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 19:01:45 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:45 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:45 +0000
Files and hashes:         1: G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl (hash: lHSzXakU/5b6nA6u2L2iGZ1PzbigE4y30oGwW90S2rw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:5f:17:d9:83:e5:54:b5:53:c9:5e:69:39:c3:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b934577cb49d8d231b74c550726f3387e026cf6
        Validity
            Not Before: Oct 19 19:01:45 2025 GMT
            Not After : Oct 20 19:01:45 2025 GMT
        Subject: CN=3399e12c41e736506ed6793ccef6db44a22df3af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:49:e8:e2:1e:ee:42:d5:02:e5:b0:b9:84:9e:
                    92:d1:2f:18:af:20:c9:ef:72:b1:37:8a:6b:19:11:
                    48:b5:02:82:ab:82:f2:f1:40:e0:b8:f6:7a:ed:fe:
                    21:ab:24:b9:73:02:8d:7b:f6:fa:f4:59:c2:c6:d3:
                    dd:f9:27:13:1f:58:1b:7f:3b:b1:aa:e8:24:73:34:
                    ef:36:d8:67:9d:ab:e9:64:9d:81:ca:99:88:5d:04:
                    a5:aa:40:0c:65:0d:e4:fe:59:51:a8:58:0d:7c:0b:
                    ac:56:3a:5d:a4:61:07:4e:c4:07:6b:24:f3:5f:8b:
                    0d:65:89:a8:7d:ec:e9:45:a9:4b:9b:40:ff:f6:8b:
                    0d:fb:6d:22:e5:c5:2b:d5:92:55:d3:27:59:64:09:
                    36:b1:b9:09:22:fd:e5:8d:ec:af:b5:3a:ac:7c:59:
                    0b:a6:28:4f:26:22:37:51:92:7c:04:e1:0d:3f:92:
                    46:28:c1:19:25:22:36:b7:63:42:d2:84:7e:28:1c:
                    a3:c2:d6:fb:2e:b0:0b:0e:21:7f:5c:25:a4:b8:6c:
                    90:70:0b:c1:0e:ca:5d:f6:1d:f2:5e:df:90:c8:55:
                    0a:5d:77:67:99:5c:f8:8e:04:5d:79:8d:b0:ef:0a:
                    e9:b3:d0:41:ab:9d:03:03:95:04:38:03:f3:2a:45:
                    e5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:99:E1:2C:41:E7:36:50:6E:D6:79:3C:CE:F6:DB:44:A2:2D:F3:AF
            X509v3 Authority Key Identifier:
                keyid:1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:18:e2:db:27:13:ff:93:5e:c3:30:83:50:4b:a0:07:b8:60:
         f2:1f:84:59:15:02:64:27:a4:9f:d4:1d:95:31:6e:d4:04:b0:
         a2:67:08:f2:0b:57:cd:e4:49:4f:51:f1:79:09:55:88:84:4d:
         a8:a3:4c:54:bc:34:93:4e:04:1d:4d:62:97:bc:ef:aa:11:5c:
         32:6b:8d:e6:58:cc:c2:e8:76:e2:ae:47:e6:eb:2b:4d:27:ed:
         ce:af:be:2d:a7:79:6d:e0:22:db:7c:e7:6a:46:4d:02:a3:68:
         23:f9:52:ce:66:99:df:78:6d:45:b0:6f:73:01:b7:da:b9:64:
         0e:99:83:b4:b4:1b:99:81:86:fb:2f:6c:43:78:1d:3a:3e:61:
         16:b7:e7:6d:94:9c:84:ae:9b:59:03:5f:e2:84:dd:24:61:46:
         6a:60:10:11:56:89:1c:55:58:a7:c7:b0:c5:33:2b:85:b3:e8:
         2f:2c:81:8f:a1:2c:f7:f5:28:ee:f8:2c:92:46:06:d0:44:f8:
         40:ca:7d:a5:4d:1d:2f:e6:20:a9:41:e4:d1:62:0c:28:44:fd:
         a2:f8:93:72:f3:09:dd:76:3a:60:90:b5:78:19:df:20:01:a0:
         8b:d3:4f:e5:c8:24:92:19:e6:24:cb:84:f6:60:60:d3:9e:6e:
         9e:cd:45:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92V8X2YPlVLVTyV5pOcMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOTM0NTc3Y2I0OWQ4ZDIzMWI3NGM1NTA3MjZmMzM4N2Uw
MjZjZjYwHhcNMjUxMDE5MTkwMTQ1WhcNMjUxMDIwMTkwMTQ1WjAzMTEwLwYDVQQD
EygzMzk5ZTEyYzQxZTczNjUwNmVkNjc5M2NjZWY2ZGI0NGEyMmRmM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEno4h7uQtUC5bC5hJ6S0S8YryDJ
73KxN4prGRFItQKCq4Ly8UDguPZ67f4hqyS5cwKNe/b69FnCxtPd+ScTH1gbfzux
qugkczTvNthnnavpZJ2BypmIXQSlqkAMZQ3k/llRqFgNfAusVjpdpGEHTsQHayTz
X4sNZYmofezpRalLm0D/9osN+20i5cUr1ZJV0ydZZAk2sbkJIv3ljeyvtTqsfFkL
pihPJiI3UZJ8BOENP5JGKMEZJSI2t2NC0oR+KByjwtb7LrALDiF/XCWkuGyQcAvB
Dspd9h3yXt+QyFUKXXdnmVz4jgRdeY2w7wrps9BBq50DA5UEOAPzKkXlCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOZ4SxB5zZQbtZ5PM7220SiLfOvMB8GA1UdIwQY
MBaAFBuTRXfLSdjSMbdMVQcm8zh+Amz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEt
MGUyOTg1OGM2MzdhLzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEtMGUyOTg1OGM2Mzdh
LzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQxji2ycT
/5NewzCDUEugB7hg8h+EWRUCZCekn9QdlTFu1ASwomcI8gtXzeRJT1HxeQlViIRN
qKNMVLw0k04EHU1il7zvqhFcMmuN5ljMwuh24q5H5usrTSftzq++Lad5beAi23zn
akZNAqNoI/lSzmaZ33htRbBvcwG32rlkDpmDtLQbmYGG+y9sQ3gdOj5hFrfnbZSc
hK6bWQNf4oTdJGFGamAQEVaJHFVYp8ewxTMrhbPoLyyBj6Es9/Uo7vgskkYG0ET4
QMp9pU0dL+YgqUHk0WIMKET9oviTcvMJ3XY6YJC1eBnfIAGgi9NP5cgkkhnmJMuE
9mBg055uns1FIg==
-----END CERTIFICATE-----