Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.mft
File:                     Wy17v8Kblv03I3vOZ4bFO604D70.mft (raw, json)
Hash identifier:          +Falc22i/NG6RdGLsYfCgr61vm0e0md0TfvnrXPas18=
Subject key identifier:   98:87:A0:D2:BC:55:BC:CC:21:AB:16:64:82:03:00:FD:12:45:AA:C9
Authority key identifier: 5B:2D:7B:BF:C2:9B:96:FD:37:23:7B:CE:67:86:C5:3B:AD:38:0F:BD
Certificate issuer:       /CN=5b2d7bbfc29b96fd37237bce6786c53bad380fbd
Certificate serial:       0199FCC6C770E14CFAF4997B111DE821C47F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Wy17v8Kblv03I3vOZ4bFO604D70.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.mft
Manifest number:          02B4
Signing time:             Sun 19 Oct 2025 14:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:49 +0000
Files and hashes:         1: Wy17v8Kblv03I3vOZ4bFO604D70.crl (hash: wFYtlygUHET20zaETEMw18I59LNTboZOji5+0FiX4aQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Wy17v8Kblv03I3vOZ4bFO604D70.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:c7:70:e1:4c:fa:f4:99:7b:11:1d:e8:21:c4:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b2d7bbfc29b96fd37237bce6786c53bad380fbd
        Validity
            Not Before: Oct 19 14:01:49 2025 GMT
            Not After : Oct 20 14:01:49 2025 GMT
        Subject: CN=9887a0d2bc55bccc21ab1664820300fd1245aac9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:4d:54:f6:52:0c:e9:7e:a7:08:ed:b1:d3:5e:
                    93:30:4c:81:ac:dd:bc:b0:4a:cf:d8:b5:22:cf:4b:
                    a6:36:d5:13:5e:e2:c2:25:07:fe:7c:1f:64:60:5d:
                    76:36:4c:98:41:e3:94:1c:8e:0c:5d:ce:43:36:42:
                    0a:37:c9:fd:13:b2:b0:c2:9b:3b:f8:9e:f2:c9:f4:
                    09:84:cd:91:bc:99:75:ac:42:ac:86:4f:a4:99:43:
                    95:f6:9f:b3:2f:ba:c0:b2:11:7d:b1:03:de:9d:18:
                    de:db:aa:f8:f2:aa:bb:9f:0f:7e:b0:7d:5d:b2:3b:
                    b0:92:47:fa:3a:fa:98:13:f2:cf:9f:59:50:58:d5:
                    99:6b:bf:70:28:e3:f3:27:c1:e9:db:4c:e3:84:3d:
                    92:ef:31:f5:db:fa:0d:d8:e5:48:f2:48:33:3c:78:
                    38:29:4e:83:09:25:37:c0:76:b8:58:d5:a3:34:77:
                    2e:04:42:b1:9d:be:18:bb:d4:10:5c:c5:b1:70:08:
                    b9:15:23:53:65:03:d5:ab:64:55:f0:5d:79:b0:51:
                    35:6d:28:ae:b9:fc:4e:b8:41:47:64:23:6e:62:2b:
                    f7:95:60:b2:85:f4:3c:6c:b2:9a:5e:d2:73:09:00:
                    0a:d8:b7:d7:2e:4c:19:94:82:de:03:d1:13:2f:7f:
                    83:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:87:A0:D2:BC:55:BC:CC:21:AB:16:64:82:03:00:FD:12:45:AA:C9
            X509v3 Authority Key Identifier:
                keyid:5B:2D:7B:BF:C2:9B:96:FD:37:23:7B:CE:67:86:C5:3B:AD:38:0F:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy17v8Kblv03I3vOZ4bFO604D70.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:c1:f6:ae:5f:63:c5:85:e6:1b:dc:8c:b5:42:7a:cc:7b:5e:
         8a:55:2b:db:e6:16:d9:3c:d1:c9:74:88:3e:1d:b6:18:35:7e:
         d1:cb:c3:bc:8b:6a:4b:6b:57:c6:f9:5d:85:30:38:5d:f9:9a:
         c3:5b:a1:fc:fc:b2:bc:1f:53:7b:d2:f2:64:2f:04:ba:6e:a0:
         ee:85:e4:e4:6c:7e:c5:5e:57:c1:4c:0d:b2:0a:d1:8c:c0:b5:
         9a:36:36:e0:0f:85:f4:4a:98:43:fd:f2:9e:96:b2:af:d5:04:
         de:23:99:a5:22:75:47:47:8f:f4:96:b2:2a:b8:60:f9:8e:94:
         87:a3:4d:bf:7c:80:19:97:5a:ee:d5:d9:38:aa:70:86:b2:39:
         ff:96:47:c7:13:95:5c:d5:24:b5:7f:d9:c5:de:c0:a1:a6:0b:
         53:e2:be:d2:37:70:ae:b5:ec:e7:03:fb:11:5e:54:13:4b:7f:
         28:03:7c:e3:0e:13:70:22:54:59:c1:29:39:ca:73:df:28:b3:
         56:94:b2:cc:d7:68:95:e2:9e:fb:f0:e5:8d:a7:c7:2a:a7:64:
         2e:b5:06:c6:54:66:77:49:d5:b4:f8:e8:3d:4d:32:3d:86:d8:
         50:14:1e:c7:22:3d:b6:f1:46:23:7c:0f:8f:ec:c6:f6:ee:6f:
         7d:73:36:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xsdw4Uz69Jl7ER3oIcR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmQ3YmJmYzI5Yjk2ZmQzNzIzN2JjZTY3ODZjNTNiYWQz
ODBmYmQwHhcNMjUxMDE5MTQwMTQ5WhcNMjUxMDIwMTQwMTQ5WjAzMTEwLwYDVQQD
Eyg5ODg3YTBkMmJjNTViY2NjMjFhYjE2NjQ4MjAzMDBmZDEyNDVhYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk1U9lIM6X6nCO2x016TMEyBrN28
sErP2LUiz0umNtUTXuLCJQf+fB9kYF12NkyYQeOUHI4MXc5DNkIKN8n9E7Kwwps7
+J7yyfQJhM2RvJl1rEKshk+kmUOV9p+zL7rAshF9sQPenRje26r48qq7nw9+sH1d
sjuwkkf6OvqYE/LPn1lQWNWZa79wKOPzJ8Hp20zjhD2S7zH12/oN2OVI8kgzPHg4
KU6DCSU3wHa4WNWjNHcuBEKxnb4Yu9QQXMWxcAi5FSNTZQPVq2RV8F15sFE1bSiu
ufxOuEFHZCNuYiv3lWCyhfQ8bLKaXtJzCQAK2LfXLkwZlILeA9ETL3+DlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiHoNK8VbzMIasWZIIDAP0SRarJMB8GA1UdIwQY
MBaAFFste7/Cm5b9NyN7zmeGxTutOA+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kxN3Y4S2JsdjAzSTN2T1o0YkZPNjA0RDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hNTc4MDUtYTk3Zi00NDYyLWFlMzgt
ZDg2MTU2ZTYxYzQ3LzEvV3kxN3Y4S2JsdjAzSTN2T1o0YkZPNjA0RDcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hNTc4MDUtYTk3Zi00NDYyLWFlMzgtZDg2MTU2ZTYxYzQ3
LzEvV3kxN3Y4S2JsdjAzSTN2T1o0YkZPNjA0RDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv8H2rl9j
xYXmG9yMtUJ6zHteilUr2+YW2TzRyXSIPh22GDV+0cvDvItqS2tXxvldhTA4Xfma
w1uh/PyyvB9Te9LyZC8Eum6g7oXk5Gx+xV5XwUwNsgrRjMC1mjY24A+F9EqYQ/3y
npayr9UE3iOZpSJ1R0eP9JayKrhg+Y6Uh6NNv3yAGZda7tXZOKpwhrI5/5ZHxxOV
XNUktX/Zxd7AoaYLU+K+0jdwrrXs5wP7EV5UE0t/KAN84w4TcCJUWcEpOcpz3yiz
VpSyzNdoleKe+/DljafHKqdkLrUGxlRmd0nVtPjoPU0yPYbYUBQexyI9tvFGI3wP
j+zG9u5vfXM2qg==
-----END CERTIFICATE-----