Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          eyW0H3JQx8J5WTUwU+BWYxN6+/MfTsGCnQYMhpvD3Vo=
Subject key identifier:   78:F3:85:0B:38:85:AE:10:D7:0A:E9:0D:4B:4C:C7:5F:D7:70:67:93
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       0199FCC60C4C8E71379CF120A532023F2D01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          0409
Signing time:             Sun 19 Oct 2025 14:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:01 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: 58VGtRK+DzbuEHO4CZDGdSmLmJiIY+w5Jr2GhnElWW8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:0c:4c:8e:71:37:9c:f1:20:a5:32:02:3f:2d:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Oct 19 14:01:01 2025 GMT
            Not After : Oct 20 14:01:01 2025 GMT
        Subject: CN=78f3850b3885ae10d70ae90d4b4cc75fd7706793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:32:f6:54:af:dd:20:60:c4:37:96:24:1b:0c:
                    78:62:c4:5b:fb:da:10:56:71:c4:cf:2e:67:2e:02:
                    37:9b:bc:5e:e9:fb:76:86:f2:24:bf:87:47:5c:d6:
                    dc:99:65:25:4c:a8:fa:bf:66:52:fb:59:65:61:a6:
                    d2:8e:e4:bd:0b:fd:65:d4:c8:e1:0b:3c:62:97:41:
                    f3:b6:80:79:03:0f:5a:ec:8b:f8:00:9d:0e:af:5a:
                    1e:e1:fb:5d:ac:95:3c:34:4f:0c:d5:e0:8f:0b:5a:
                    01:19:ac:b2:b0:29:bb:97:19:31:81:86:c0:eb:df:
                    5b:73:13:57:f7:49:9e:ef:73:0c:b8:25:7e:e9:98:
                    c2:a4:2b:0d:e3:f5:7d:2c:e2:29:54:03:8a:c5:b9:
                    f7:ec:f4:62:b2:c1:95:e2:5d:3d:00:f0:32:19:7b:
                    dd:84:3c:56:bb:b3:0d:67:07:5e:a2:91:0e:93:44:
                    54:aa:02:4b:7a:f8:90:e5:45:24:e8:af:00:57:8a:
                    05:10:87:07:92:28:ef:d3:b4:66:38:69:39:d2:65:
                    72:f9:b4:90:28:c9:9b:f8:c2:1f:c3:2d:22:30:3f:
                    e6:79:fe:e5:cb:4c:8b:4e:37:90:fd:a5:94:7d:a8:
                    72:36:70:94:68:17:db:11:c8:fb:5e:de:b6:e0:9d:
                    bf:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:F3:85:0B:38:85:AE:10:D7:0A:E9:0D:4B:4C:C7:5F:D7:70:67:93
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:c7:b5:85:a9:83:e8:ad:3d:47:7a:b4:55:fd:07:f4:13:33:
         70:77:2f:18:1b:9e:16:3d:d5:7f:c6:b6:c1:85:70:25:95:9a:
         e2:07:cc:a6:d9:1a:5b:36:cf:29:f6:87:26:b7:d7:46:93:8a:
         84:a3:3c:a8:e0:40:7a:4b:af:46:4d:62:68:1e:a2:47:09:a4:
         2f:59:c6:a6:9c:40:f2:8c:db:eb:17:82:3c:4c:f2:37:90:d1:
         66:dd:fb:e4:c8:47:8c:58:a5:79:52:05:49:00:6d:b1:ff:8b:
         a7:3d:3b:22:0e:f5:1b:e4:ec:e6:b3:17:e3:bb:5d:6d:45:84:
         52:ef:1c:fc:87:eb:1e:c5:52:d4:6d:27:19:36:02:43:89:c8:
         5b:d6:a0:17:34:8a:8b:d9:c1:00:7c:c0:66:fe:c9:a5:40:95:
         e2:69:f2:3b:a3:b7:d1:a5:5a:3b:9d:6c:a5:5a:26:88:3f:3d:
         34:2d:18:1b:10:fc:81:22:06:72:66:0d:dc:99:48:92:3f:60:
         5c:d4:6e:c8:e8:5d:aa:b8:47:5c:df:2a:c6:9f:92:e0:37:c5:
         bc:23:6c:70:88:cb:e1:ac:46:74:d1:1c:50:ec:4b:61:26:78:
         0d:da:c5:a6:c6:23:21:44:82:51:ea:6e:c4:a1:cf:6f:0e:d4:
         24:7a:74:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xgxMjnE3nPEgpTICPy0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUxMDE5MTQwMTAxWhcNMjUxMDIwMTQwMTAxWjAzMTEwLwYDVQQD
Eyg3OGYzODUwYjM4ODVhZTEwZDcwYWU5MGQ0YjRjYzc1ZmQ3NzA2NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTL2VK/dIGDEN5YkGwx4YsRb+9oQ
VnHEzy5nLgI3m7xe6ft2hvIkv4dHXNbcmWUlTKj6v2ZS+1llYabSjuS9C/1l1Mjh
Czxil0HztoB5Aw9a7Iv4AJ0Or1oe4ftdrJU8NE8M1eCPC1oBGayysCm7lxkxgYbA
699bcxNX90me73MMuCV+6ZjCpCsN4/V9LOIpVAOKxbn37PRissGV4l09APAyGXvd
hDxWu7MNZwdeopEOk0RUqgJLeviQ5UUk6K8AV4oFEIcHkijv07RmOGk50mVy+bSQ
KMmb+MIfwy0iMD/mef7ly0yLTjeQ/aWUfahyNnCUaBfbEcj7Xt624J2/vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjzhQs4ha4Q1wrpDUtMx1/XcGeTMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxMe1hamD
6K09R3q0Vf0H9BMzcHcvGBueFj3Vf8a2wYVwJZWa4gfMptkaWzbPKfaHJrfXRpOK
hKM8qOBAekuvRk1iaB6iRwmkL1nGppxA8ozb6xeCPEzyN5DRZt375MhHjFileVIF
SQBtsf+Lpz07Ig71G+Ts5rMX47tdbUWEUu8c/IfrHsVS1G0nGTYCQ4nIW9agFzSK
i9nBAHzAZv7JpUCV4mnyO6O30aVaO51spVomiD89NC0YGxD8gSIGcmYN3JlIkj9g
XNRuyOhdqrhHXN8qxp+S4DfFvCNscIjL4axGdNEcUOxLYSZ4DdrFpsYjIUSCUepu
xKHPbw7UJHp0Ww==
-----END CERTIFICATE-----