Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
File:                     cfxj7vZnTya1A6gwpd-pU9L_qr4.mft (raw, json)
Hash identifier:          tPRnfeuTRrLomqnTBAEd8vfMHNtA6ZzAY2AHqKfPWPM=
Subject key identifier:   24:DF:3F:DE:03:35:BF:95:F9:84:18:54:AF:2B:AE:57:60:40:74:79
Authority key identifier: 71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE
Certificate issuer:       /CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
Certificate serial:       0199FC215456B942AD0FDC37F6ADA94B5713
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
Manifest number:          154A
Signing time:             Sun 19 Oct 2025 11:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:06 +0000
Files and hashes:         1: cfxj7vZnTya1A6gwpd-pU9L_qr4.crl (hash: YHqv4qph4WQYoLU+b2fI8YE1n61N4WzN40lVmvo6uPY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:54:56:b9:42:ad:0f:dc:37:f6:ad:a9:4b:57:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
        Validity
            Not Before: Oct 19 11:01:06 2025 GMT
            Not After : Oct 20 11:01:06 2025 GMT
        Subject: CN=24df3fde0335bf95f9841854af2bae5760407479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:45:bf:ae:01:9a:e9:51:1c:e9:2f:32:63:51:
                    17:e8:c7:12:69:c6:b9:74:55:3a:1c:ad:86:31:42:
                    98:ed:1a:2a:44:9c:56:ef:8e:78:64:06:59:fe:c4:
                    bf:29:af:b8:b6:30:5e:22:56:e8:6a:6c:d3:d1:c1:
                    a2:79:f0:6e:a6:42:79:d3:cb:f3:09:a7:e0:56:1f:
                    9f:ff:70:89:aa:74:17:0f:f3:ca:a7:44:43:e8:c7:
                    b8:6d:44:62:a4:29:f9:26:b4:21:18:90:f7:b4:33:
                    56:ac:8e:eb:f7:ea:32:21:10:45:1a:d2:03:fe:85:
                    34:5e:11:4d:6a:ac:20:b2:bb:19:ca:7a:d8:1f:0d:
                    8d:c6:e2:97:9c:4a:7a:29:ae:82:0f:b0:20:1b:f1:
                    86:ce:5d:30:b5:95:1a:f2:be:a2:55:50:67:ba:e3:
                    e9:23:86:2e:5d:6e:cb:ae:fa:2d:56:d4:f9:59:8d:
                    c6:dc:3a:96:73:0a:10:af:63:de:e0:87:06:25:5a:
                    27:06:92:64:99:c8:5b:ae:5b:8f:fb:16:6b:4a:45:
                    e4:12:da:2c:d7:c3:19:a8:d4:90:21:3b:4f:e0:f2:
                    d1:38:97:99:fd:d2:85:16:19:ed:22:5b:15:df:fd:
                    bf:05:b0:15:29:ef:62:26:02:ad:2b:3a:63:2f:6d:
                    02:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:DF:3F:DE:03:35:BF:95:F9:84:18:54:AF:2B:AE:57:60:40:74:79
            X509v3 Authority Key Identifier:
                keyid:71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:d2:a1:d1:c7:6c:fc:dd:95:bd:c4:4f:a4:67:16:80:ea:d3:
         b1:72:d0:e3:06:56:73:d2:c5:9c:c9:b8:55:ce:36:f7:6d:e9:
         73:d3:20:b2:b5:34:63:d7:06:b2:7f:cf:56:67:e8:ba:03:1b:
         7e:ba:44:c8:6a:9b:40:80:ad:a0:26:41:33:89:a2:ef:82:7c:
         d4:af:71:12:cb:ae:f3:7b:54:d0:8e:37:10:82:f3:8c:de:86:
         52:01:63:79:83:74:0b:9b:15:14:7c:f1:14:fa:5b:26:f3:40:
         e1:8a:25:ae:96:c2:84:11:bd:66:30:18:e0:5c:4b:bd:00:fe:
         18:c3:1d:01:24:d5:28:8b:b1:b9:11:3e:5c:8a:0c:ef:a7:06:
         e4:ee:25:c9:60:82:94:4c:68:e8:bc:fe:21:7f:be:c1:85:15:
         33:29:d5:b8:23:14:44:4e:bf:16:45:d6:b0:3d:55:60:d5:c1:
         15:dd:d8:93:65:d5:9b:e7:71:b6:82:f6:cc:24:71:6d:f8:00:
         ab:b3:a5:ad:58:84:b2:c0:4e:6e:07:32:e6:27:21:4f:66:b9:
         81:c4:e9:6c:ac:d8:e3:41:8f:f7:bd:7b:36:59:96:4b:90:b0:
         4d:f9:c4:b9:d3:d0:13:78:dc:5d:2c:81:cb:a5:22:28:1d:65:
         80:9b:a8:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IVRWuUKtD9w39q2pS1cTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZmM2M2VlZjY2NzRmMjZiNTAzYTgzMGE1ZGZhOTUzZDJm
ZmFhYmUwHhcNMjUxMDE5MTEwMTA2WhcNMjUxMDIwMTEwMTA2WjAzMTEwLwYDVQQD
EygyNGRmM2ZkZTAzMzViZjk1Zjk4NDE4NTRhZjJiYWU1NzYwNDA3NDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEW/rgGa6VEc6S8yY1EX6McSaca5
dFU6HK2GMUKY7RoqRJxW7454ZAZZ/sS/Ka+4tjBeIlboamzT0cGiefBupkJ508vz
CafgVh+f/3CJqnQXD/PKp0RD6Me4bURipCn5JrQhGJD3tDNWrI7r9+oyIRBFGtID
/oU0XhFNaqwgsrsZynrYHw2NxuKXnEp6Ka6CD7AgG/GGzl0wtZUa8r6iVVBnuuPp
I4YuXW7LrvotVtT5WY3G3DqWcwoQr2Pe4IcGJVonBpJkmchbrluP+xZrSkXkEtos
18MZqNSQITtP4PLROJeZ/dKFFhntIlsV3/2/BbAVKe9iJgKtKzpjL20CqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTfP94DNb+V+YQYVK8rrldgQHR5MB8GA1UdIwQY
MBaAFHH8Y+72Z08mtQOoMKXfqVPS/6q+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTct
ZDQxODI0OGU1NzI4LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTctZDQxODI0OGU1NzI4
LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdNKh0cds
/N2VvcRPpGcWgOrTsXLQ4wZWc9LFnMm4Vc42923pc9MgsrU0Y9cGsn/PVmfougMb
frpEyGqbQICtoCZBM4mi74J81K9xEsuu83tU0I43EILzjN6GUgFjeYN0C5sVFHzx
FPpbJvNA4YolrpbChBG9ZjAY4FxLvQD+GMMdASTVKIuxuRE+XIoM76cG5O4lyWCC
lExo6Lz+IX++wYUVMynVuCMURE6/FkXWsD1VYNXBFd3Yk2XVm+dxtoL2zCRxbfgA
q7OlrViEssBObgcy5ichT2a5gcTpbKzY40GP9717NlmWS5CwTfnEudPQE3jcXSyB
y6UiKB1lgJuokw==
-----END CERTIFICATE-----