Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
File:                     1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft (raw, json)
Hash identifier:          Egt0wmvqPIgRNd16qTYfQIdLE5RAFmw60BBKvrCscYE=
Subject key identifier:   30:2E:4B:08:72:7D:41:91:7B:C8:E9:67:F0:54:08:A4:DC:9E:BA:75
Authority key identifier: D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4
Certificate issuer:       /CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4
Certificate serial:       0199FF22E8F6E979966A4800809183C9D36D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
Manifest number:          0E2F
Signing time:             Mon 20 Oct 2025 01:01:41 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:41 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:41 +0000
Files and hashes:         1: 1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl (hash: XyPwkz1sZuP8ATjpsS3LQrFM8mm7PDwwdxeRC6jyFcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:e8:f6:e9:79:96:6a:48:00:80:91:83:c9:d3:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4
        Validity
            Not Before: Oct 20 01:01:41 2025 GMT
            Not After : Oct 21 01:01:41 2025 GMT
        Subject: CN=302e4b08727d41917bc8e967f05408a4dc9eba75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:29:98:05:9e:29:b1:6c:e1:2d:4b:30:4b:d0:
                    ec:02:f1:eb:81:00:fe:88:f8:18:5a:86:b0:36:88:
                    06:b7:15:d5:d5:f6:4c:46:f9:cb:09:f0:d5:08:12:
                    ea:a8:72:86:f1:91:41:6c:61:dd:9b:2a:19:b7:6f:
                    5a:46:e1:df:06:84:d4:ea:31:65:87:45:d6:6d:8c:
                    0d:8a:83:d3:e8:0a:ac:6f:58:3b:e2:4e:47:8d:ff:
                    89:03:09:1f:7e:87:63:84:8e:12:a8:38:8a:de:36:
                    fe:d4:42:09:37:d9:72:06:fa:7e:05:db:02:32:8c:
                    b2:a2:d0:fa:1a:76:cf:db:71:1d:24:c5:b6:16:d0:
                    c7:e6:cc:25:52:9e:74:11:f7:e7:07:6e:2a:b7:74:
                    51:22:44:69:ba:83:24:fd:f8:81:64:51:92:bf:02:
                    79:f2:5b:dc:3e:d3:18:89:04:ea:d9:93:0c:4c:9a:
                    4b:b0:ae:19:52:7a:d7:b4:dc:e5:29:e0:67:d4:db:
                    a7:c9:8a:43:79:96:38:73:ce:ab:59:f5:20:af:23:
                    c1:15:86:b4:7a:20:4d:e1:63:91:19:ab:93:1b:3f:
                    bb:77:b1:c6:ed:c8:4c:63:f6:ae:22:b6:f6:1a:3f:
                    84:d3:c4:de:a8:90:46:66:00:fb:ea:8d:b9:67:3c:
                    b5:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:2E:4B:08:72:7D:41:91:7B:C8:E9:67:F0:54:08:A4:DC:9E:BA:75
            X509v3 Authority Key Identifier:
                keyid:D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:91:cb:b9:5b:e3:1a:cc:41:2f:78:24:f5:49:5b:64:19:fa:
         7c:57:62:64:2b:2b:24:0a:77:64:96:78:bd:ce:5f:ba:d4:d2:
         09:7f:e1:fd:f3:60:f4:f4:36:e6:b8:59:21:0e:84:61:09:87:
         8a:17:8e:a3:2c:5f:34:46:51:9d:d8:28:63:01:7e:02:5c:01:
         0a:61:e1:30:c2:ba:68:72:57:cf:cb:b0:92:c4:1e:99:19:5c:
         66:8d:88:35:8d:22:4d:64:4b:6a:37:3f:92:77:43:e9:03:ee:
         78:51:2a:f7:39:dd:7a:79:38:90:d1:5c:42:6b:76:50:3a:3d:
         6d:c2:e2:d0:96:c1:53:89:7a:af:1c:b5:2d:24:27:76:19:af:
         a6:3f:a7:7d:7e:d6:32:9d:96:cb:35:ff:3c:ea:f3:70:67:e1:
         ae:59:37:fd:cb:0d:dc:8b:e3:4b:67:5e:13:e8:b7:1b:9f:e4:
         f7:b7:59:52:5f:22:6d:40:7c:2d:80:f0:ed:99:aa:42:12:74:
         58:19:fa:97:4c:5b:74:ca:65:0d:66:bb:68:66:e0:ce:3b:cd:
         43:49:95:27:f8:2d:82:de:36:1c:ea:0d:7b:70:d2:e2:4c:9b:
         1a:f3:01:fa:a9:e3:42:76:96:fc:9b:f0:1a:d7:04:ff:e3:c7:
         e7:79:04:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/Iuj26XmWakgAgJGDydNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2M2Y4ZTQyZmI4NDQyYTQ4YTdkNDdlZjRjMGI2ZTE0NzUx
NGJmYzQwHhcNMjUxMDIwMDEwMTQxWhcNMjUxMDIxMDEwMTQxWjAzMTEwLwYDVQQD
EygzMDJlNGIwODcyN2Q0MTkxN2JjOGU5NjdmMDU0MDhhNGRjOWViYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxymYBZ4psWzhLUswS9DsAvHrgQD+
iPgYWoawNogGtxXV1fZMRvnLCfDVCBLqqHKG8ZFBbGHdmyoZt29aRuHfBoTU6jFl
h0XWbYwNioPT6Aqsb1g74k5Hjf+JAwkffodjhI4SqDiK3jb+1EIJN9lyBvp+BdsC
MoyyotD6GnbP23EdJMW2FtDH5swlUp50EffnB24qt3RRIkRpuoMk/fiBZFGSvwJ5
8lvcPtMYiQTq2ZMMTJpLsK4ZUnrXtNzlKeBn1NunyYpDeZY4c86rWfUgryPBFYa0
eiBN4WORGauTGz+7d7HG7chMY/auIrb2Gj+E08TeqJBGZgD76o25Zzy1UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDAuSwhyfUGRe8jpZ/BUCKTcnrp1MB8GA1UdIwQY
MBaAFNY/jkL7hEKkin1H70wLbhR1FL/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODct
MmVkN2E3MTVmOGQ3LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODctMmVkN2E3MTVmOGQ3
LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANZHLuVvj
GsxBL3gk9UlbZBn6fFdiZCsrJAp3ZJZ4vc5futTSCX/h/fNg9PQ25rhZIQ6EYQmH
iheOoyxfNEZRndgoYwF+AlwBCmHhMMK6aHJXz8uwksQemRlcZo2INY0iTWRLajc/
kndD6QPueFEq9zndenk4kNFcQmt2UDo9bcLi0JbBU4l6rxy1LSQndhmvpj+nfX7W
Mp2WyzX/POrzcGfhrlk3/csN3IvjS2deE+i3G5/k97dZUl8ibUB8LYDw7ZmqQhJ0
WBn6l0xbdMplDWa7aGbgzjvNQ0mVJ/gtgt42HOoNe3DS4kybGvMB+qnjQnaW/Jvw
GtcE/+PH53kE5w==
-----END CERTIFICATE-----