Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
File:                     MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft (raw, json)
Hash identifier:          OxucEUVGYXuW1h4B7TvzCPVIwyf6wzJZq70Tn8BFod4=
Subject key identifier:   7A:20:35:DE:2D:E9:43:2B:8E:87:C9:BC:D4:A5:7F:80:A6:4D:E5:F7
Authority key identifier: 32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1
Certificate issuer:       /CN=325052b7a678faa097dcbe6547170c9152b46cf1
Certificate serial:       0199FE46E4045AA6F92ACF57FB2EF063ACEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
Manifest number:          1672
Signing time:             Sun 19 Oct 2025 21:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:22 +0000
Files and hashes:         1: MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl (hash: 2Sra1ODGpS/Jd7kt9P005X1ARMpsPwOTmDy4MrHauCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:e4:04:5a:a6:f9:2a:cf:57:fb:2e:f0:63:ac:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=325052b7a678faa097dcbe6547170c9152b46cf1
        Validity
            Not Before: Oct 19 21:01:22 2025 GMT
            Not After : Oct 20 21:01:22 2025 GMT
        Subject: CN=7a2035de2de9432b8e87c9bcd4a57f80a64de5f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:63:1a:8f:a1:2c:93:77:a5:25:ee:17:b4:42:
                    5c:28:c8:57:11:f1:d0:31:5e:73:34:37:d4:16:bb:
                    61:b8:81:58:11:11:9c:fa:9f:fb:ff:4f:71:f6:dd:
                    95:f3:b9:c3:d2:7b:80:4b:8e:59:69:84:dc:b1:69:
                    92:1a:a5:2d:bb:ef:fc:42:85:91:fe:1f:1c:01:61:
                    e2:22:fa:ec:b4:4a:59:0f:40:d5:22:4d:ba:88:a5:
                    ac:29:33:74:d8:93:4a:1f:94:c1:97:74:58:eb:e1:
                    87:e4:29:07:33:e7:83:88:08:da:dc:dd:e7:63:da:
                    22:f1:f8:11:20:54:a0:8c:4a:09:f8:fd:44:b7:71:
                    4b:52:2e:dd:c0:39:af:11:61:04:c3:6a:d0:75:15:
                    b7:ab:38:21:c6:e9:b7:51:af:3b:86:f1:d6:9a:12:
                    db:76:2f:d9:25:f9:40:b7:c8:ff:b7:cc:6f:eb:80:
                    13:46:60:69:a0:ef:d5:ed:f3:9f:cc:c0:57:c5:00:
                    45:5f:c8:9e:d2:8a:d8:d7:aa:ab:09:fc:15:59:4d:
                    3e:fe:48:98:a3:5b:c3:40:f8:2c:ad:d7:10:73:30:
                    48:f7:50:7b:29:4d:08:e8:7c:94:69:c2:6f:5f:c5:
                    98:68:91:65:f1:cc:6f:db:18:47:40:3e:75:c9:30:
                    26:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:20:35:DE:2D:E9:43:2B:8E:87:C9:BC:D4:A5:7F:80:A6:4D:E5:F7
            X509v3 Authority Key Identifier:
                keyid:32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:15:25:d8:32:04:bc:4f:54:c9:f5:00:cc:60:10:a7:d3:89:
         75:db:b3:13:7b:9e:df:70:e8:66:9a:21:ef:5a:0b:eb:1d:f4:
         0b:5f:6b:5b:20:ad:5a:97:67:21:5c:5f:20:ca:cc:ce:51:47:
         a7:0b:d9:b0:96:ff:b4:08:09:07:07:a3:a9:0c:f2:fc:e8:34:
         72:6e:03:76:4f:d6:f5:45:6d:b8:3e:f8:1c:51:d9:08:79:55:
         38:f8:f4:9e:75:ce:f2:45:b8:d0:66:e2:4e:cb:eb:33:6e:ab:
         e8:00:f7:1c:56:fb:94:3b:b8:69:d2:62:9d:3b:63:23:4d:5b:
         a8:6b:1a:f8:c1:d0:d1:58:cb:59:f0:72:5d:c3:fc:e0:e4:4c:
         88:28:e2:b0:e3:37:85:b1:57:38:d8:f4:fc:3e:f8:70:2f:4a:
         50:f4:0c:61:4b:52:28:e1:72:c8:29:e5:1b:cc:12:16:82:33:
         a8:7b:2c:c1:de:75:70:c8:0f:74:12:cc:df:6f:f5:2f:77:c3:
         ca:14:fc:49:93:16:4c:30:77:02:4a:ee:19:f9:d9:59:97:36:
         48:60:cd:6e:31:0f:74:ac:05:84:9b:df:06:00:28:2a:59:1e:
         ae:4a:e5:74:bf:96:13:63:28:b9:9f:36:21:bf:85:c4:12:a5:
         b0:be:97:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RuQEWqb5Ks9X+y7wY6zsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA1MmI3YTY3OGZhYTA5N2RjYmU2NTQ3MTcwYzkxNTJi
NDZjZjEwHhcNMjUxMDE5MjEwMTIyWhcNMjUxMDIwMjEwMTIyWjAzMTEwLwYDVQQD
Eyg3YTIwMzVkZTJkZTk0MzJiOGU4N2M5YmNkNGE1N2Y4MGE2NGRlNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGMaj6Esk3elJe4XtEJcKMhXEfHQ
MV5zNDfUFrthuIFYERGc+p/7/09x9t2V87nD0nuAS45ZaYTcsWmSGqUtu+/8QoWR
/h8cAWHiIvrstEpZD0DVIk26iKWsKTN02JNKH5TBl3RY6+GH5CkHM+eDiAja3N3n
Y9oi8fgRIFSgjEoJ+P1Et3FLUi7dwDmvEWEEw2rQdRW3qzghxum3Ua87hvHWmhLb
di/ZJflAt8j/t8xv64ATRmBpoO/V7fOfzMBXxQBFX8ie0orY16qrCfwVWU0+/kiY
o1vDQPgsrdcQczBI91B7KU0I6HyUacJvX8WYaJFl8cxv2xhHQD51yTAmiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHogNd4t6UMrjofJvNSlf4CmTeX3MB8GA1UdIwQY
MBaAFDJQUremePqgl9y+ZUcXDJFStGzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUt
YmI2OTQ1YTE2ZmU3LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUtYmI2OTQ1YTE2ZmU3
LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhUl2DIE
vE9UyfUAzGAQp9OJdduzE3ue33DoZpoh71oL6x30C19rWyCtWpdnIVxfIMrMzlFH
pwvZsJb/tAgJBwejqQzy/Og0cm4Ddk/W9UVtuD74HFHZCHlVOPj0nnXO8kW40Gbi
TsvrM26r6AD3HFb7lDu4adJinTtjI01bqGsa+MHQ0VjLWfByXcP84ORMiCjisOM3
hbFXONj0/D74cC9KUPQMYUtSKOFyyCnlG8wSFoIzqHsswd51cMgPdBLM32/1L3fD
yhT8SZMWTDB3AkruGfnZWZc2SGDNbjEPdKwFhJvfBgAoKlkerkrldL+WE2MouZ82
Ib+FxBKlsL6Xfg==
-----END CERTIFICATE-----