Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.mft
File:                     1peKb6yHM4CG9TacW0AhsIBhHlc.mft (raw, json)
Hash identifier:          VieJZor4jZvXS/4YcSoOZt+/bwXUayc8XkDWIva037Y=
Subject key identifier:   FF:C4:5C:13:1C:D1:A9:DE:35:FA:2E:A6:4F:20:0A:D8:50:CB:E0:7E
Authority key identifier: D6:97:8A:6F:AC:87:33:80:86:F5:36:9C:5B:40:21:B0:80:61:1E:57
Certificate issuer:       /CN=d6978a6fac87338086f5369c5b4021b080611e57
Certificate serial:       0199FC8F523914B48B50D38DE6C5F2928CC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1peKb6yHM4CG9TacW0AhsIBhHlc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.mft
Manifest number:          031A
Signing time:             Sun 19 Oct 2025 13:01:15 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:15 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:15 +0000
Files and hashes:         1: 1peKb6yHM4CG9TacW0AhsIBhHlc.crl (hash: LipxcDICR33Im8jCgMU+EbXeW3G6oj03GwIAJb9KDgs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1peKb6yHM4CG9TacW0AhsIBhHlc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:52:39:14:b4:8b:50:d3:8d:e6:c5:f2:92:8c:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d6978a6fac87338086f5369c5b4021b080611e57
        Validity
            Not Before: Oct 19 13:01:15 2025 GMT
            Not After : Oct 20 13:01:15 2025 GMT
        Subject: CN=ffc45c131cd1a9de35fa2ea64f200ad850cbe07e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ed:4c:86:9a:21:a5:e7:51:b7:c4:15:8b:e9:
                    da:8c:cf:f9:56:17:5c:74:3f:a7:7a:1b:27:fe:be:
                    74:09:3d:57:5c:c5:0a:23:de:0a:68:3b:34:71:fd:
                    dc:22:ed:87:24:5d:88:f2:8b:be:07:22:7f:de:d3:
                    9a:8e:0a:06:35:c7:8c:7c:57:77:a2:5d:2e:2f:10:
                    fc:e2:59:ec:51:cd:2f:17:71:04:a3:80:09:72:a1:
                    3e:bd:2f:ad:3d:0b:41:ea:37:26:85:5d:52:db:4d:
                    ee:ac:90:8e:13:a7:0d:ea:38:31:4b:0b:72:bb:81:
                    d4:d0:66:72:5a:64:2d:49:ff:58:4b:fd:17:34:f2:
                    4b:25:e1:a5:f6:cf:69:f1:a3:4f:94:71:3e:3a:04:
                    f6:c7:46:2a:52:91:18:9e:79:68:d2:9d:18:e3:a3:
                    4d:6d:4f:6c:c5:33:86:79:96:8c:99:17:74:54:f6:
                    0e:16:0c:24:4a:ca:c6:a7:b0:5d:ed:6d:9b:4b:73:
                    67:55:05:a7:00:80:f0:14:53:82:1c:fd:ad:cd:a5:
                    5b:65:ff:4a:a0:0f:40:c1:3a:54:d6:d4:e6:6f:d1:
                    db:e8:e3:2d:02:96:76:54:8f:d1:00:4a:4a:86:ca:
                    62:f0:e6:44:e3:bd:b4:91:f2:04:ee:93:d6:86:ac:
                    13:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:C4:5C:13:1C:D1:A9:DE:35:FA:2E:A6:4F:20:0A:D8:50:CB:E0:7E
            X509v3 Authority Key Identifier:
                keyid:D6:97:8A:6F:AC:87:33:80:86:F5:36:9C:5B:40:21:B0:80:61:1E:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1peKb6yHM4CG9TacW0AhsIBhHlc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:51:fe:e0:2c:23:92:4e:ce:c5:29:10:36:91:f0:23:07:d4:
         a4:45:e3:57:1b:9c:5f:56:9c:40:a6:ae:0d:3a:51:82:7d:b9:
         9d:ed:b2:ae:35:2b:54:78:65:60:8b:60:3b:76:9e:0f:0a:bf:
         07:17:9a:e2:5e:13:e3:71:d6:7c:c3:6f:54:7b:2d:46:d1:de:
         ec:ae:31:47:d5:1a:61:df:08:3e:12:d5:2e:ce:19:0a:c2:62:
         60:03:37:d3:c7:0c:aa:12:fc:67:5c:23:d7:14:72:4a:ff:8a:
         bd:6d:e9:2c:aa:27:33:35:b1:af:81:9e:36:84:c2:99:41:6a:
         7c:b2:0c:f7:8c:6a:2d:f3:a8:e7:20:e9:20:f3:a1:c0:81:8d:
         af:53:10:fc:00:52:1a:50:f6:2a:2f:f7:0e:f3:8d:fa:0e:06:
         5c:81:cb:48:da:1a:9b:76:3f:6c:3b:fa:1a:90:db:b3:e9:99:
         35:27:1e:0d:3f:db:b4:de:95:88:fb:71:4a:7f:ba:5b:80:1d:
         0a:41:2d:a1:25:b0:09:1c:ec:85:0f:4a:49:d3:69:0c:f2:c1:
         f0:4e:e5:19:14:7c:31:7d:f1:83:78:88:27:88:c8:74:a0:49:
         ae:8b:3d:35:b8:d6:ce:a2:6a:96:c7:37:8c:45:b0:58:4b:fe:
         09:ee:26:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j1I5FLSLUNON5sXykozBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OTc4YTZmYWM4NzMzODA4NmY1MzY5YzViNDAyMWIwODA2
MTFlNTcwHhcNMjUxMDE5MTMwMTE1WhcNMjUxMDIwMTMwMTE1WjAzMTEwLwYDVQQD
EyhmZmM0NWMxMzFjZDFhOWRlMzVmYTJlYTY0ZjIwMGFkODUwY2JlMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne1MhpohpedRt8QVi+najM/5Vhdc
dD+nehsn/r50CT1XXMUKI94KaDs0cf3cIu2HJF2I8ou+ByJ/3tOajgoGNceMfFd3
ol0uLxD84lnsUc0vF3EEo4AJcqE+vS+tPQtB6jcmhV1S203urJCOE6cN6jgxSwty
u4HU0GZyWmQtSf9YS/0XNPJLJeGl9s9p8aNPlHE+OgT2x0YqUpEYnnlo0p0Y46NN
bU9sxTOGeZaMmRd0VPYOFgwkSsrGp7Bd7W2bS3NnVQWnAIDwFFOCHP2tzaVbZf9K
oA9AwTpU1tTmb9Hb6OMtApZ2VI/RAEpKhspi8OZE4720kfIE7pPWhqwTRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/EXBMc0aneNfoupk8gCthQy+B+MB8GA1UdIwQY
MBaAFNaXim+shzOAhvU2nFtAIbCAYR5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXBlS2I2eUhNNENHOVRhY1cwQWhzSUJoSGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84NzA1OTYtOThhZC00N2I5LWE3ODgt
NDNlNzA5NzdhNzBlLzEvMXBlS2I2eUhNNENHOVRhY1cwQWhzSUJoSGxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84NzA1OTYtOThhZC00N2I5LWE3ODgtNDNlNzA5NzdhNzBl
LzEvMXBlS2I2eUhNNENHOVRhY1cwQWhzSUJoSGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMlH+4Cwj
kk7OxSkQNpHwIwfUpEXjVxucX1acQKauDTpRgn25ne2yrjUrVHhlYItgO3aeDwq/
Bxea4l4T43HWfMNvVHstRtHe7K4xR9UaYd8IPhLVLs4ZCsJiYAM308cMqhL8Z1wj
1xRySv+KvW3pLKonMzWxr4GeNoTCmUFqfLIM94xqLfOo5yDpIPOhwIGNr1MQ/ABS
GlD2Ki/3DvON+g4GXIHLSNoam3Y/bDv6GpDbs+mZNSceDT/btN6ViPtxSn+6W4Ad
CkEtoSWwCRzshQ9KSdNpDPLB8E7lGRR8MX3xg3iIJ4jIdKBJros9NbjWzqJqlsc3
jEWwWEv+Ce4mWw==
-----END CERTIFICATE-----