Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          BungXXOwgwzxCnWYrVUO+tXFF5PKnlGvafSZ7+MSFb0=
Subject key identifier:   FB:1C:B4:0F:E7:FB:02:5C:34:5A:4D:9B:BD:CF:B8:7F:9C:F1:ED:A1
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       0199FC59134957F0BF99AC8B935D2172EF6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 12:01:59 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:59 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:59 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: +LpUlvRRHWkaqvhcfZhT6nnv8HihzQkVYpwr8p/FxKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:13:49:57:f0:bf:99:ac:8b:93:5d:21:72:ef:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: Oct 19 12:01:59 2025 GMT
            Not After : Oct 20 12:01:59 2025 GMT
        Subject: CN=fb1cb40fe7fb025c345a4d9bbdcfb87f9cf1eda1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:4e:ee:1b:b9:8f:f9:8c:aa:6c:34:65:92:f0:
                    46:11:3a:6f:18:8f:da:71:a8:e0:7f:10:a0:02:a4:
                    13:de:3f:e1:67:10:5e:05:25:68:ee:91:83:83:41:
                    0e:bd:16:03:f6:20:a8:ac:bd:a0:58:01:ad:5b:a1:
                    f0:f7:89:b6:20:c0:73:7f:c0:02:0a:af:5c:18:c0:
                    dd:09:e0:da:dd:2e:91:ff:b9:ba:8c:6b:50:53:42:
                    04:c3:fc:de:a2:35:26:c1:b5:6a:64:c7:28:e3:16:
                    7c:0c:8f:14:ca:ac:c9:23:1c:2c:16:c6:48:38:f3:
                    92:9c:f5:63:40:f8:69:74:85:95:0e:76:5e:c8:6a:
                    58:9d:6d:5f:c0:9a:75:cf:4f:6e:e5:a9:4a:7d:ca:
                    bd:ff:5c:e4:77:b4:63:d8:5e:e3:dd:de:4b:8d:95:
                    f0:93:41:00:8c:66:76:b6:1d:48:26:23:af:94:d7:
                    55:12:77:d7:1c:87:9a:d7:93:b8:ca:71:a3:a5:54:
                    e5:63:b7:74:5c:7e:8e:39:bb:2e:b1:c4:d9:93:98:
                    36:b4:78:12:2d:41:1c:06:b1:cf:92:6e:e0:7f:7e:
                    89:e7:e5:29:1e:15:b5:5d:31:55:dd:38:89:14:93:
                    b8:63:13:64:6d:07:c9:43:ef:73:ce:ac:7b:41:d7:
                    c5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:1C:B4:0F:E7:FB:02:5C:34:5A:4D:9B:BD:CF:B8:7F:9C:F1:ED:A1
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:0a:d3:a6:3f:e5:9c:fc:e6:85:0b:c3:9b:f4:34:c5:a6:87:
         6f:41:51:38:71:e5:1c:d9:a7:ce:05:55:fc:c8:a2:4c:f4:e5:
         67:69:3c:ef:fb:89:0a:f4:10:97:d0:43:16:d4:ce:39:22:a4:
         18:3c:21:71:cf:f9:e4:6d:7c:07:59:1a:73:67:92:68:2b:84:
         81:e7:c0:15:36:06:13:09:d7:6b:7a:92:e9:28:fb:50:72:93:
         c7:c2:b8:a7:ed:6f:83:10:3e:96:ce:a1:4a:71:40:16:f2:6f:
         f0:10:fe:5c:71:87:5b:2e:8c:75:8f:fe:43:57:18:6b:be:22:
         72:6b:b6:99:70:85:72:eb:9c:98:10:25:25:93:79:08:89:e9:
         93:13:28:b8:e1:13:c4:dc:06:70:06:32:4c:8c:10:a6:a4:31:
         b1:7e:82:2c:2b:de:4c:6f:e2:4d:3f:40:14:ec:ea:ff:50:76:
         ce:e1:0b:77:11:ac:7e:41:e0:a2:35:0a:ab:d2:b7:21:77:c8:
         2a:7c:da:bf:e6:a8:c8:62:ef:e4:44:9f:29:0d:75:5f:d2:fb:
         3a:c6:5b:f2:b4:3b:c2:b9:35:19:79:86:b6:72:e7:0c:48:89:
         30:dd:82:e8:34:bc:05:e9:2f:de:d5:89:30:41:99:c4:79:88:
         40:71:5c:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WRNJV/C/mayLk10hcu9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjUxMDE5MTIwMTU5WhcNMjUxMDIwMTIwMTU5WjAzMTEwLwYDVQQD
EyhmYjFjYjQwZmU3ZmIwMjVjMzQ1YTRkOWJiZGNmYjg3ZjljZjFlZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk7uG7mP+YyqbDRlkvBGETpvGI/a
cajgfxCgAqQT3j/hZxBeBSVo7pGDg0EOvRYD9iCorL2gWAGtW6Hw94m2IMBzf8AC
Cq9cGMDdCeDa3S6R/7m6jGtQU0IEw/zeojUmwbVqZMco4xZ8DI8UyqzJIxwsFsZI
OPOSnPVjQPhpdIWVDnZeyGpYnW1fwJp1z09u5alKfcq9/1zkd7Rj2F7j3d5LjZXw
k0EAjGZ2th1IJiOvlNdVEnfXHIea15O4ynGjpVTlY7d0XH6OObsuscTZk5g2tHgS
LUEcBrHPkm7gf36J5+UpHhW1XTFV3TiJFJO4YxNkbQfJQ+9zzqx7QdfFAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsctA/n+wJcNFpNm73PuH+c8e2hMB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQrTpj/l
nPzmhQvDm/Q0xaaHb0FROHHlHNmnzgVV/MiiTPTlZ2k87/uJCvQQl9BDFtTOOSKk
GDwhcc/55G18B1kac2eSaCuEgefAFTYGEwnXa3qS6Sj7UHKTx8K4p+1vgxA+ls6h
SnFAFvJv8BD+XHGHWy6MdY/+Q1cYa74icmu2mXCFcuucmBAlJZN5CInpkxMouOET
xNwGcAYyTIwQpqQxsX6CLCveTG/iTT9AFOzq/1B2zuELdxGsfkHgojUKq9K3IXfI
Knzav+aoyGLv5ESfKQ11X9L7OsZb8rQ7wrk1GXmGtnLnDEiJMN2C6DS8Bekv3tWJ
MEGZxHmIQHFcrQ==
-----END CERTIFICATE-----