Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/1a8cef-bc09-42b8-b76d-79f32fd4e33d/1/83MAhqFPMbJWQMFC7f0XvJMyDFo.mft
File:                     83MAhqFPMbJWQMFC7f0XvJMyDFo.mft (raw, json)
Hash identifier:          8+SAWZ7rYsUVdjYNfuDpOb4fEUhrV5oePbdtRyn8oS0=
Subject key identifier:   23:9F:80:38:49:5F:5D:45:E7:40:FD:58:45:1B:F6:1E:2F:44:90:E4
Authority key identifier: F3:73:00:86:A1:4F:31:B2:56:40:C1:42:ED:FD:17:BC:93:32:0C:5A
Certificate issuer:       /CN=f3730086a14f31b25640c142edfd17bc93320c5a
Certificate serial:       019A0290B6C88655F03DE3EBB7BF4F0A7B54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/83MAhqFPMbJWQMFC7f0XvJMyDFo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/1a8cef-bc09-42b8-b76d-79f32fd4e33d/1/83MAhqFPMbJWQMFC7f0XvJMyDFo.mft
Manifest number:          0F8C
Signing time:             Mon 20 Oct 2025 17:00:29 +0000
Manifest this update:     Mon 20 Oct 2025 17:00:29 +0000
Manifest next update:     Tue 21 Oct 2025 17:00:29 +0000
Files and hashes:         1: 83MAhqFPMbJWQMFC7f0XvJMyDFo.crl (hash: J+LyyOhaWeR3ktBEV0kG98gHFjXwdEKQMM3DTvGY/Zg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/1a8cef-bc09-42b8-b76d-79f32fd4e33d/1/83MAhqFPMbJWQMFC7f0XvJMyDFo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/1a8cef-bc09-42b8-b76d-79f32fd4e33d/1/83MAhqFPMbJWQMFC7f0XvJMyDFo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/83MAhqFPMbJWQMFC7f0XvJMyDFo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:90:b6:c8:86:55:f0:3d:e3:eb:b7:bf:4f:0a:7b:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3730086a14f31b25640c142edfd17bc93320c5a
        Validity
            Not Before: Oct 20 17:00:29 2025 GMT
            Not After : Oct 21 17:00:29 2025 GMT
        Subject: CN=239f8038495f5d45e740fd58451bf61e2f4490e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:3b:43:91:7d:77:73:5f:46:87:47:4e:b6:d4:
                    d9:84:26:60:f1:8d:da:80:36:4b:dd:13:aa:d1:2b:
                    2f:96:0b:b0:dd:97:f0:ab:6d:6f:10:a9:ca:bb:0a:
                    55:62:5a:5a:31:5a:4e:33:2d:00:ba:b0:6f:e9:da:
                    b7:68:d2:0d:cd:f5:99:67:12:f2:1d:ab:16:a7:11:
                    f7:53:d6:86:ed:87:44:7a:c0:44:0c:0a:fb:bf:ed:
                    fa:8b:c9:73:0f:ea:ef:58:e3:e8:4b:53:fa:e6:03:
                    54:41:e7:1e:fb:c1:e4:bb:62:de:d3:c0:83:2a:f5:
                    d9:3a:e1:b1:71:ed:40:e8:1c:e7:df:4d:3e:20:fb:
                    70:1b:5c:05:24:87:cb:9d:5f:e4:49:9f:d0:03:dc:
                    67:e8:81:22:6c:e2:8d:45:f2:31:ca:a6:07:37:eb:
                    bc:4a:a6:4a:f2:80:84:52:d3:9c:19:e0:3a:6b:91:
                    52:5c:50:12:1e:3d:72:b1:91:4d:ce:2a:22:7a:25:
                    f7:89:e5:41:a3:8a:4f:3c:f1:d4:10:72:89:7e:65:
                    9d:31:f3:c3:c7:f9:64:20:d5:73:01:ca:08:56:82:
                    47:45:c7:1c:9b:4c:b9:60:0e:7c:97:5a:89:a3:4a:
                    ac:86:4e:0c:35:c9:57:6c:26:0a:65:0c:32:7d:64:
                    2a:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:9F:80:38:49:5F:5D:45:E7:40:FD:58:45:1B:F6:1E:2F:44:90:E4
            X509v3 Authority Key Identifier:
                keyid:F3:73:00:86:A1:4F:31:B2:56:40:C1:42:ED:FD:17:BC:93:32:0C:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83MAhqFPMbJWQMFC7f0XvJMyDFo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1a8cef-bc09-42b8-b76d-79f32fd4e33d/1/83MAhqFPMbJWQMFC7f0XvJMyDFo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1a8cef-bc09-42b8-b76d-79f32fd4e33d/1/83MAhqFPMbJWQMFC7f0XvJMyDFo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:fe:fc:5f:5c:fc:3b:78:01:7c:ef:3d:2b:05:8d:4b:c4:a2:
         ce:34:9e:67:cf:6d:7b:bc:37:c4:32:19:50:94:99:23:d7:f0:
         cb:ad:30:96:05:7e:ee:4d:17:45:49:01:f6:4b:e1:c9:6f:e8:
         5f:3f:cd:12:d8:01:a3:12:5b:21:b5:88:75:f4:3f:5e:b6:27:
         6e:38:c0:78:7c:e8:a5:3a:cd:be:ce:94:f0:82:78:c4:5a:1c:
         13:a8:e2:90:bb:cf:94:53:d8:a5:da:29:ba:2a:89:2f:cb:82:
         d2:10:5e:5e:ed:02:77:41:e8:25:85:a1:eb:6e:06:00:b8:e3:
         c4:a5:9d:3d:ef:8a:90:f1:92:a4:5a:2f:e5:43:80:a0:54:68:
         04:35:cf:b1:33:0f:08:7b:62:e7:1c:7c:64:2d:c6:31:05:c6:
         12:8a:5a:1e:bc:d6:eb:1e:13:63:67:38:a5:f3:76:13:69:27:
         6d:9a:9a:2f:de:b1:63:69:0d:4c:98:81:3f:c1:5f:5c:e3:8c:
         24:c9:d7:ce:0b:a8:35:20:fd:7d:9f:01:c8:c9:a6:90:e2:44:
         58:aa:a1:d9:4e:ff:dd:79:5b:fd:82:b0:c6:a2:17:38:d5:cd:
         c0:c3:c8:87:12:1f:6c:d4:d4:da:22:ab:34:ff:64:ef:42:ba:
         d4:4e:71:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCkLbIhlXwPePrt79PCntUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzMwMDg2YTE0ZjMxYjI1NjQwYzE0MmVkZmQxN2JjOTMz
MjBjNWEwHhcNMjUxMDIwMTcwMDI5WhcNMjUxMDIxMTcwMDI5WjAzMTEwLwYDVQQD
EygyMzlmODAzODQ5NWY1ZDQ1ZTc0MGZkNTg0NTFiZjYxZTJmNDQ5MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjtDkX13c19Gh0dOttTZhCZg8Y3a
gDZL3ROq0Ssvlguw3Zfwq21vEKnKuwpVYlpaMVpOMy0AurBv6dq3aNINzfWZZxLy
HasWpxH3U9aG7YdEesBEDAr7v+36i8lzD+rvWOPoS1P65gNUQece+8Hku2Le08CD
KvXZOuGxce1A6Bzn300+IPtwG1wFJIfLnV/kSZ/QA9xn6IEibOKNRfIxyqYHN+u8
SqZK8oCEUtOcGeA6a5FSXFASHj1ysZFNzioieiX3ieVBo4pPPPHUEHKJfmWdMfPD
x/lkINVzAcoIVoJHRcccm0y5YA58l1qJo0qshk4MNclXbCYKZQwyfWQq+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOfgDhJX11F50D9WEUb9h4vRJDkMB8GA1UdIwQY
MBaAFPNzAIahTzGyVkDBQu39F7yTMgxaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNNQWhxRlBNYkpXUU1GQzdmMFh2Sk15REZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xYThjZWYtYmMwOS00MmI4LWI3NmQt
NzlmMzJmZDRlMzNkLzEvODNNQWhxRlBNYkpXUU1GQzdmMFh2Sk15REZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xYThjZWYtYmMwOS00MmI4LWI3NmQtNzlmMzJmZDRlMzNk
LzEvODNNQWhxRlBNYkpXUU1GQzdmMFh2Sk15REZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR/78X1z8
O3gBfO89KwWNS8SizjSeZ89te7w3xDIZUJSZI9fwy60wlgV+7k0XRUkB9kvhyW/o
Xz/NEtgBoxJbIbWIdfQ/XrYnbjjAeHzopTrNvs6U8IJ4xFocE6jikLvPlFPYpdop
uiqJL8uC0hBeXu0Cd0HoJYWh624GALjjxKWdPe+KkPGSpFov5UOAoFRoBDXPsTMP
CHti5xx8ZC3GMQXGEopaHrzW6x4TY2c4pfN2E2knbZqaL96xY2kNTJiBP8FfXOOM
JMnXzguoNSD9fZ8ByMmmkOJEWKqh2U7/3Xlb/YKwxqIXONXNwMPIhxIfbNTU2iKr
NP9k70K61E5xuA==
-----END CERTIFICATE-----