Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          TM1KJZ7Sw0iLTEqAmNz7SQy16DA8Vbw6fnyJUGu7DBQ=
Subject key identifier:   1B:52:38:88:6A:89:F0:03:32:EB:98:53:A8:9B:0E:56:A8:6B:F0:31
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       0199FBEAD75CAD9B5B7A5ED8B8C2FCF6257E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 10:01:35 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:35 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:35 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: UOsavo1NG/kyQNqjZEboWbSeUjad0kZ+GKGoSQf8++8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:d7:5c:ad:9b:5b:7a:5e:d8:b8:c2:fc:f6:25:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Oct 19 10:01:35 2025 GMT
            Not After : Oct 20 10:01:35 2025 GMT
        Subject: CN=1b5238886a89f00332eb9853a89b0e56a86bf031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e2:a3:d5:83:2c:2a:ef:4a:27:b7:d1:07:4c:
                    49:62:78:65:b9:bc:06:26:0e:e8:a0:65:cb:31:a2:
                    6e:84:4b:e2:6c:82:9c:14:92:fb:e6:49:43:47:7a:
                    de:13:15:f4:5b:95:b3:66:d9:0b:af:2d:a2:19:fa:
                    34:a7:49:9e:c5:97:de:ef:6c:0c:93:83:3d:88:e6:
                    ed:23:fe:59:3d:d1:1e:00:bb:38:5b:56:9d:6c:b1:
                    58:6f:f1:e2:18:85:91:71:01:03:31:bc:bc:45:94:
                    2c:8e:85:4c:a3:a9:18:10:e2:89:44:c8:7f:b8:6a:
                    9d:0a:46:bb:06:9f:f7:ed:3f:fc:bf:eb:f6:8d:c8:
                    48:7c:e3:f1:e4:5c:d5:ab:0d:ba:89:7f:45:9e:c5:
                    28:36:e0:ec:58:26:97:b1:fb:36:aa:dc:d8:61:b5:
                    8d:45:36:53:cb:b0:38:65:63:e9:47:7d:f6:ac:55:
                    c8:d7:b9:4a:c1:ce:47:29:43:8a:ff:ee:d3:c2:f3:
                    9f:6b:1e:6b:4c:01:b3:9e:bd:b6:93:1d:b4:d0:52:
                    5b:43:c8:50:f7:11:16:2a:25:0d:2a:e9:58:12:ff:
                    c3:c1:a3:fb:09:2c:9b:3e:c6:0d:07:b7:1b:5d:c6:
                    04:2a:a3:da:c3:dd:6a:1c:64:1b:2d:5e:d2:b9:93:
                    13:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:52:38:88:6A:89:F0:03:32:EB:98:53:A8:9B:0E:56:A8:6B:F0:31
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:a7:6c:d8:21:a2:03:72:27:a2:db:d6:76:5e:b4:34:58:d0:
         19:b7:6a:98:8f:2e:c6:45:a1:f8:64:3e:34:ba:6f:82:e3:26:
         7d:e1:95:1b:9c:e4:de:cc:a7:44:ca:cf:a2:0a:6d:a0:70:c1:
         9c:88:18:18:be:ab:38:71:99:5c:25:27:09:e8:3d:f3:c3:5d:
         82:85:fd:d3:d2:4d:93:b0:07:ec:f3:2d:05:c2:73:f8:08:d6:
         c9:b9:1b:85:c3:8c:5f:10:71:06:8b:d9:3e:8f:15:d1:2b:66:
         24:16:33:5f:43:be:6c:e1:c5:e7:8b:7a:0b:7b:39:15:cc:3a:
         ec:f2:9c:1b:b7:4c:bf:43:52:f1:53:57:1d:a3:c2:29:48:a2:
         60:64:d2:9c:d6:b0:6e:e4:bc:47:ba:5d:86:30:a7:ad:43:c0:
         1b:96:3f:85:53:26:5c:50:60:60:69:bb:41:de:50:80:ab:a2:
         d5:47:e6:34:90:a1:b9:51:be:20:1c:7d:9c:ca:eb:83:77:52:
         d7:30:33:8d:92:bf:32:6e:86:31:fc:22:65:69:e5:5a:dd:7f:
         7e:a9:04:1e:be:36:18:3a:4a:e1:a8:12:c5:da:ae:19:a7:54:
         48:f4:92:51:cf:d8:9b:7a:69:a6:64:13:81:f0:b9:2e:99:27:
         c1:ca:57:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76tdcrZtbel7YuML89iV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjUxMDE5MTAwMTM1WhcNMjUxMDIwMTAwMTM1WjAzMTEwLwYDVQQD
EygxYjUyMzg4ODZhODlmMDAzMzJlYjk4NTNhODliMGU1NmE4NmJmMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OKj1YMsKu9KJ7fRB0xJYnhlubwG
Jg7ooGXLMaJuhEvibIKcFJL75klDR3reExX0W5WzZtkLry2iGfo0p0mexZfe72wM
k4M9iObtI/5ZPdEeALs4W1adbLFYb/HiGIWRcQEDMby8RZQsjoVMo6kYEOKJRMh/
uGqdCka7Bp/37T/8v+v2jchIfOPx5FzVqw26iX9FnsUoNuDsWCaXsfs2qtzYYbWN
RTZTy7A4ZWPpR332rFXI17lKwc5HKUOK/+7TwvOfax5rTAGznr22kx200FJbQ8hQ
9xEWKiUNKulYEv/DwaP7CSybPsYNB7cbXcYEKqPaw91qHGQbLV7SuZMTrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtSOIhqifADMuuYU6ibDlaoa/AxMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYads2CGi
A3InotvWdl60NFjQGbdqmI8uxkWh+GQ+NLpvguMmfeGVG5zk3synRMrPogptoHDB
nIgYGL6rOHGZXCUnCeg988NdgoX909JNk7AH7PMtBcJz+AjWybkbhcOMXxBxBovZ
Po8V0StmJBYzX0O+bOHF54t6C3s5Fcw67PKcG7dMv0NS8VNXHaPCKUiiYGTSnNaw
buS8R7pdhjCnrUPAG5Y/hVMmXFBgYGm7Qd5QgKui1UfmNJChuVG+IBx9nMrrg3dS
1zAzjZK/Mm6GMfwiZWnlWt1/fqkEHr42GDpK4agSxdquGadUSPSSUc/Ym3pppmQT
gfC5LpknwcpXEA==
-----END CERTIFICATE-----