Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
File:                     dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft (raw, json)
Hash identifier:          tEIV4zu//MT6NB+OrxgjEPPGDgshHr+HpLkoH+IYCGo=
Subject key identifier:   62:F5:75:96:47:87:A3:5F:4E:1B:EC:31:02:A7:8F:5F:DF:2E:47:19
Authority key identifier: 74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C
Certificate issuer:       /CN=74f675a1679816793d5b30ad2f253f56c8e2445c
Certificate serial:       0199FD34319BE68B17D5D49EFF99DE027D8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 16:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:20 +0000
Files and hashes:         1: dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl (hash: iNnkh0S/76ZQzUlvhHFAOX8POjD1R57zvfIiih6mJTE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:31:9b:e6:8b:17:d5:d4:9e:ff:99:de:02:7d:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f675a1679816793d5b30ad2f253f56c8e2445c
        Validity
            Not Before: Oct 19 16:01:20 2025 GMT
            Not After : Oct 20 16:01:20 2025 GMT
        Subject: CN=62f575964787a35f4e1bec3102a78f5fdf2e4719
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:95:d4:8e:bb:77:1d:32:b8:8d:29:ec:89:4d:
                    00:e5:ec:fa:85:4f:2a:98:2b:72:ca:93:b0:f8:73:
                    c5:79:b6:03:2d:c5:a7:a2:49:66:5e:a1:8d:e4:5d:
                    08:90:af:64:20:83:dc:77:e4:b2:c2:ea:8a:6b:16:
                    cb:10:90:0a:9e:de:a8:4d:d1:9c:32:14:10:3c:66:
                    6d:e4:f3:db:be:86:71:b5:bf:76:3c:de:61:bf:b0:
                    71:2d:d1:07:68:bb:f6:70:a6:22:2b:87:cb:70:38:
                    73:75:a6:86:d1:42:90:1e:af:27:09:24:39:c9:36:
                    7a:91:da:c5:53:0c:a9:11:85:30:c0:13:07:e3:67:
                    ff:04:94:18:df:54:ad:84:dc:9b:2f:bc:f9:6f:90:
                    39:d8:4a:1a:f2:1d:a8:be:a7:20:6f:d8:de:41:92:
                    28:e7:c9:4b:e1:b5:af:12:4f:7f:ee:4a:7d:b2:86:
                    fe:b6:25:47:28:fd:4b:a9:3b:1c:f9:90:82:ff:ed:
                    e7:2e:c0:f7:36:24:c9:a5:07:88:ed:cd:c6:cc:e2:
                    0e:de:b4:6b:60:d1:66:b8:10:1b:cb:55:ab:77:38:
                    d9:00:5c:5f:1b:c7:f2:6d:83:05:65:ec:1e:df:dc:
                    ec:48:68:65:22:ac:1a:82:12:fd:b3:57:b4:53:66:
                    6a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:F5:75:96:47:87:A3:5F:4E:1B:EC:31:02:A7:8F:5F:DF:2E:47:19
            X509v3 Authority Key Identifier:
                keyid:74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:fe:3a:94:d3:d0:6a:6a:ee:e0:f1:67:a8:5a:70:a4:f4:3f:
         dc:86:72:37:ce:94:42:35:68:7b:7c:f0:51:55:55:e0:33:7f:
         61:4b:41:f8:d5:02:d8:25:1f:ec:4c:69:71:b3:28:21:d8:a7:
         59:1e:f4:68:c6:3c:ab:4e:90:5d:a3:b7:9e:a2:1b:9d:32:d5:
         cc:b2:ed:64:6d:28:44:b9:85:da:e5:3a:c3:91:b0:ec:2e:cc:
         93:15:b3:e5:25:54:c6:53:13:26:9a:33:34:d6:f0:86:e2:a0:
         15:d1:99:5b:32:6d:76:a9:67:00:97:7d:66:67:be:3a:eb:a8:
         ce:cf:00:5b:5a:dc:99:17:c4:0a:9a:7f:7c:41:a1:f9:2a:4e:
         d5:64:aa:1d:09:28:bc:72:0a:c2:a4:c7:1c:71:c5:47:96:d1:
         16:04:1a:0d:b3:a0:6d:81:f7:b6:68:dd:f1:f6:48:e1:7c:22:
         65:c6:81:1f:2f:05:f5:4c:73:d2:e5:88:9d:bd:eb:58:65:f7:
         58:73:cc:64:a8:4b:5f:7f:da:e5:44:90:a5:be:73:0b:33:b7:
         a3:22:63:6b:77:de:a1:ce:d6:c2:0a:1e:a4:bf:68:dc:2e:20:
         bf:b0:67:70:22:2c:2c:47:46:c3:74:22:4e:02:7e:e0:ce:10:
         0a:be:09:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NDGb5osX1dSe/5neAn2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjY3NWExNjc5ODE2NzkzZDViMzBhZDJmMjUzZjU2Yzhl
MjQ0NWMwHhcNMjUxMDE5MTYwMTIwWhcNMjUxMDIwMTYwMTIwWjAzMTEwLwYDVQQD
Eyg2MmY1NzU5NjQ3ODdhMzVmNGUxYmVjMzEwMmE3OGY1ZmRmMmU0NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pXUjrt3HTK4jSnsiU0A5ez6hU8q
mCtyypOw+HPFebYDLcWnoklmXqGN5F0IkK9kIIPcd+SywuqKaxbLEJAKnt6oTdGc
MhQQPGZt5PPbvoZxtb92PN5hv7BxLdEHaLv2cKYiK4fLcDhzdaaG0UKQHq8nCSQ5
yTZ6kdrFUwypEYUwwBMH42f/BJQY31SthNybL7z5b5A52Eoa8h2ovqcgb9jeQZIo
58lL4bWvEk9/7kp9sob+tiVHKP1LqTsc+ZCC/+3nLsD3NiTJpQeI7c3GzOIO3rRr
YNFmuBAby1WrdzjZAFxfG8fybYMFZewe39zsSGhlIqwaghL9s1e0U2ZqkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGL1dZZHh6NfThvsMQKnj1/fLkcZMB8GA1UdIwQY
MBaAFHT2daFnmBZ5PVswrS8lP1bI4kRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTIt
MzM2MjkzNzM0NTA3LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTItMzM2MjkzNzM0NTA3
LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUf46lNPQ
amru4PFnqFpwpPQ/3IZyN86UQjVoe3zwUVVV4DN/YUtB+NUC2CUf7ExpcbMoIdin
WR70aMY8q06QXaO3nqIbnTLVzLLtZG0oRLmF2uU6w5Gw7C7MkxWz5SVUxlMTJpoz
NNbwhuKgFdGZWzJtdqlnAJd9Zme+Ouuozs8AW1rcmRfECpp/fEGh+SpO1WSqHQko
vHIKwqTHHHHFR5bRFgQaDbOgbYH3tmjd8fZI4XwiZcaBHy8F9Uxz0uWInb3rWGX3
WHPMZKhLX3/a5USQpb5zCzO3oyJja3feoc7WwgoepL9o3C4gv7BncCIsLEdGw3Qi
TgJ+4M4QCr4J8g==
-----END CERTIFICATE-----