Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          BAqAdHEie6d94eFm7XGMTk399wBGtKQjxPXmtu0coE0=
Subject key identifier:   03:D2:DE:83:31:0F:CE:C0:33:27:0B:37:15:41:DC:78:85:FC:73:93
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       0199FDD8B1BA271091089057FC7EB2E70BA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 19:01:00 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:00 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:00 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: QaqP2/hIuLZCGiFNTcQXnff9kEPc6UoLepVMiOdIzyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:b1:ba:27:10:91:08:90:57:fc:7e:b2:e7:0b:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Oct 19 19:01:00 2025 GMT
            Not After : Oct 20 19:01:00 2025 GMT
        Subject: CN=03d2de83310fcec033270b371541dc7885fc7393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:15:1e:cc:19:c9:4a:9f:32:78:e1:31:c7:d4:
                    f4:4b:4d:9c:76:04:ef:04:51:1a:a7:05:3d:6a:09:
                    ef:a9:32:f2:0d:d4:b7:d0:e0:ea:d5:14:92:b4:dc:
                    e9:33:a1:3f:b9:8d:56:b2:d2:95:92:ad:25:b7:0c:
                    5f:66:20:ed:c0:79:59:72:24:2d:8d:59:48:a3:ec:
                    85:4a:99:8d:4a:d7:c3:08:19:bd:90:c5:c9:0f:34:
                    7e:39:3c:19:e2:24:83:12:ec:7c:90:d2:64:c8:42:
                    6d:43:95:42:15:7f:d0:54:dc:4d:15:23:ae:6e:04:
                    c0:40:3d:a9:35:b2:dd:6d:2c:51:1f:98:c5:38:56:
                    2a:bc:8a:eb:37:9d:71:81:5e:e1:bb:dc:6c:63:81:
                    2b:01:13:2b:6b:7d:a2:af:93:3e:54:20:35:4f:7f:
                    38:8d:b8:15:3b:93:fc:36:c2:dc:29:9e:23:99:25:
                    72:33:07:d8:63:72:de:d6:94:e2:08:ac:a8:82:7a:
                    ce:fa:1b:cc:70:a6:46:66:10:79:dc:f7:4c:82:65:
                    9f:35:d0:c1:cd:c9:60:ec:9f:53:b0:cf:65:ab:78:
                    41:bf:00:b5:32:24:47:b5:b4:e3:ea:70:06:2b:3d:
                    0b:24:22:fb:8f:e3:b8:c9:6b:42:52:85:7e:71:b5:
                    39:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:D2:DE:83:31:0F:CE:C0:33:27:0B:37:15:41:DC:78:85:FC:73:93
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:74:17:9d:70:3f:49:17:69:c3:a2:56:b0:09:80:8f:ae:93:
         02:a3:bb:05:94:c0:5b:03:45:bf:76:d7:60:ea:16:22:96:99:
         c0:7b:3d:c0:16:0c:cc:e6:0c:d4:c2:49:14:16:94:e1:e8:74:
         21:4e:f9:6a:4e:29:c5:f1:b9:33:dd:3f:0b:7d:e6:84:25:c4:
         18:f5:08:9f:10:94:95:9a:48:97:38:38:58:16:82:1f:72:75:
         c7:a9:0e:24:8d:cb:61:93:b3:a4:d1:c6:d1:6e:3f:07:0c:df:
         4b:e0:ab:5c:46:f7:a0:3f:38:7c:2f:f0:03:02:05:f6:99:9c:
         d4:4b:50:e1:ab:93:74:c8:70:c0:db:2a:44:10:b3:77:24:ef:
         c9:b5:21:c7:48:40:4a:11:ad:ef:91:07:6c:13:7d:17:bc:26:
         cc:df:b6:e5:d5:66:88:5e:13:93:c3:27:fa:8c:4c:8d:aa:d1:
         16:52:b0:99:7e:85:d0:f6:65:75:4a:bd:8a:8a:1f:5e:78:2b:
         fb:5c:3b:bf:fe:c2:f3:ac:9c:9f:45:4c:b7:2f:8e:08:c1:6f:
         eb:36:69:d5:be:6e:e6:b5:54:16:70:98:f0:2d:9e:83:90:01:
         51:f8:01:c8:58:30:d3:9e:d7:aa:cf:b2:dc:ae:14:6e:4c:8b:
         78:78:cf:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92LG6JxCRCJBX/H6y5wugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjUxMDE5MTkwMTAwWhcNMjUxMDIwMTkwMTAwWjAzMTEwLwYDVQQD
EygwM2QyZGU4MzMxMGZjZWMwMzMyNzBiMzcxNTQxZGM3ODg1ZmM3MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBUezBnJSp8yeOExx9T0S02cdgTv
BFEapwU9agnvqTLyDdS30ODq1RSStNzpM6E/uY1WstKVkq0ltwxfZiDtwHlZciQt
jVlIo+yFSpmNStfDCBm9kMXJDzR+OTwZ4iSDEux8kNJkyEJtQ5VCFX/QVNxNFSOu
bgTAQD2pNbLdbSxRH5jFOFYqvIrrN51xgV7hu9xsY4ErARMra32ir5M+VCA1T384
jbgVO5P8NsLcKZ4jmSVyMwfYY3Le1pTiCKyognrO+hvMcKZGZhB53PdMgmWfNdDB
zclg7J9TsM9lq3hBvwC1MiRHtbTj6nAGKz0LJCL7j+O4yWtCUoV+cbU5JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPS3oMxD87AMycLNxVB3HiF/HOTMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKHQXnXA/
SRdpw6JWsAmAj66TAqO7BZTAWwNFv3bXYOoWIpaZwHs9wBYMzOYM1MJJFBaU4eh0
IU75ak4pxfG5M90/C33mhCXEGPUInxCUlZpIlzg4WBaCH3J1x6kOJI3LYZOzpNHG
0W4/BwzfS+CrXEb3oD84fC/wAwIF9pmc1EtQ4auTdMhwwNsqRBCzdyTvybUhx0hA
ShGt75EHbBN9F7wmzN+25dVmiF4Tk8Mn+oxMjarRFlKwmX6F0PZldUq9ioofXngr
+1w7v/7C86ycn0VMty+OCMFv6zZp1b5u5rVUFnCY8C2eg5ABUfgByFgw057Xqs+y
3K4UbkyLeHjPBg==
-----END CERTIFICATE-----