Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
File:                     iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json)
Hash identifier:          t4HVDjyVRTISIz49pYbvZcRVT7WeYTiXnWsfiOPgxJI=
Subject key identifier:   0F:89:F8:F6:91:8A:E3:CD:C6:A5:1C:01:7D:11:51:B0:68:D4:D0:76
Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0
Certificate issuer:       /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
Certificate serial:       0199FDD8ED17BE1F7B24605A937BE08E0726
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
Manifest number:          1328
Signing time:             Sun 19 Oct 2025 19:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:16 +0000
Files and hashes:         1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: D+d12saJsG69G4LPbwI3dBbc4IB7wivucfL2C84b90M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:ed:17:be:1f:7b:24:60:5a:93:7b:e0:8e:07:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
        Validity
            Not Before: Oct 19 19:01:16 2025 GMT
            Not After : Oct 20 19:01:16 2025 GMT
        Subject: CN=0f89f8f6918ae3cdc6a51c017d1151b068d4d076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ba:c3:c3:5d:a3:7d:77:d4:40:fe:27:4f:a9:
                    e2:94:26:b7:df:8b:bb:4b:b6:00:9e:c2:8b:8d:47:
                    ab:9a:42:49:30:63:94:e3:00:2f:3f:5f:de:f9:f1:
                    d2:fe:e8:29:91:16:d7:b9:80:b2:c4:54:90:12:77:
                    dd:63:b0:a5:42:e5:fd:8f:37:a9:56:d3:16:43:dc:
                    49:69:1e:a5:aa:24:33:fb:a3:de:84:3e:9a:e1:55:
                    66:99:0d:60:ba:1b:f9:48:0b:16:e9:50:9f:2b:23:
                    9a:bd:7e:b4:e8:f2:03:81:50:71:11:03:bc:e0:7c:
                    6c:83:f6:f8:b6:b0:0a:e9:af:f8:49:54:f4:35:93:
                    34:31:cf:cf:da:f0:70:b6:26:82:1e:f3:94:51:be:
                    eb:c0:72:a1:31:dd:e9:ee:69:40:86:14:93:25:f0:
                    49:70:3e:1d:aa:de:7e:8e:94:76:b8:3e:f1:b9:62:
                    fe:21:ad:04:9a:44:cd:a0:45:69:b9:75:79:1b:c2:
                    51:7e:66:e9:0a:14:f0:3d:c9:ef:57:aa:6d:11:9b:
                    72:ee:c8:85:e0:2a:7f:b1:89:4e:38:59:3a:6e:2c:
                    45:42:d2:f6:ca:c7:fe:fe:7e:02:60:9f:5c:7b:ba:
                    13:7d:5a:e4:36:fc:2e:96:5c:d4:4e:3c:ab:7c:8f:
                    73:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:89:F8:F6:91:8A:E3:CD:C6:A5:1C:01:7D:11:51:B0:68:D4:D0:76
            X509v3 Authority Key Identifier:
                keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:e4:75:0c:53:25:97:8c:2d:f0:c0:70:fa:7f:74:27:2b:9f:
         41:78:ae:9a:76:7a:99:5c:be:b9:d0:1a:8b:ec:3f:c1:b5:bb:
         da:cd:23:33:39:e2:b1:95:1e:2e:0a:f3:65:9d:ef:a9:44:e8:
         04:9a:39:83:56:db:45:7a:4f:79:f2:44:28:32:53:79:4a:e8:
         99:41:07:38:f8:7f:1f:84:d8:8e:6f:8e:29:04:54:bc:61:29:
         a8:82:32:ec:69:ae:64:97:26:71:e8:aa:f7:4e:46:26:59:53:
         18:8a:ff:eb:2b:c1:26:80:30:19:64:06:f9:34:0e:37:34:26:
         f3:8c:fa:6a:b1:1a:fc:6e:a1:7e:14:c7:38:f3:e1:47:0f:13:
         0d:37:e8:32:1e:d0:c6:69:b4:da:cb:ac:0d:c4:6b:7a:22:f2:
         5a:9f:30:ac:ec:1a:fc:3d:1d:c2:0a:24:99:91:b3:bd:3f:6d:
         e6:d7:9b:79:32:ae:66:b5:9b:14:15:a9:76:d6:9c:0c:69:af:
         8d:2e:d4:5b:37:bd:00:63:78:66:05:2b:1c:bf:68:b5:52:0f:
         48:49:8e:d7:7f:3a:49:a3:4e:0c:e6:7c:1c:e7:59:69:90:12:
         86:c1:8c:9a:a5:8d:c6:8b:c4:09:31:a8:44:eb:89:21:80:78:
         0e:80:f0:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92O0Xvh97JGBak3vgjgcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi
NTYzZjAwHhcNMjUxMDE5MTkwMTE2WhcNMjUxMDIwMTkwMTE2WjAzMTEwLwYDVQQD
EygwZjg5ZjhmNjkxOGFlM2NkYzZhNTFjMDE3ZDExNTFiMDY4ZDRkMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrrDw12jfXfUQP4nT6nilCa334u7
S7YAnsKLjUermkJJMGOU4wAvP1/e+fHS/ugpkRbXuYCyxFSQEnfdY7ClQuX9jzep
VtMWQ9xJaR6lqiQz+6PehD6a4VVmmQ1guhv5SAsW6VCfKyOavX606PIDgVBxEQO8
4Hxsg/b4trAK6a/4SVT0NZM0Mc/P2vBwtiaCHvOUUb7rwHKhMd3p7mlAhhSTJfBJ
cD4dqt5+jpR2uD7xuWL+Ia0EmkTNoEVpuXV5G8JRfmbpChTwPcnvV6ptEZty7siF
4Cp/sYlOOFk6bixFQtL2ysf+/n4CYJ9ce7oTfVrkNvwullzUTjyrfI9z9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+J+PaRiuPNxqUcAX0RUbBo1NB2MB8GA1UdIwQY
MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt
NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm
LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOR1DFMl
l4wt8MBw+n90JyufQXiumnZ6mVy+udAai+w/wbW72s0jMznisZUeLgrzZZ3vqUTo
BJo5g1bbRXpPefJEKDJTeUromUEHOPh/H4TYjm+OKQRUvGEpqIIy7GmuZJcmceiq
905GJllTGIr/6yvBJoAwGWQG+TQONzQm84z6arEa/G6hfhTHOPPhRw8TDTfoMh7Q
xmm02susDcRreiLyWp8wrOwa/D0dwgokmZGzvT9t5tebeTKuZrWbFBWpdtacDGmv
jS7UWze9AGN4ZgUrHL9otVIPSEmO1386SaNODOZ8HOdZaZAShsGMmqWNxovECTGo
ROuJIYB4DoDwqQ==
-----END CERTIFICATE-----