Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
File:                     l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json)
Hash identifier:          7tvKY2BsJHlWM/BKWaAGKYdbjd/0S6TzL+D/TsJY5y8=
Subject key identifier:   13:83:66:09:CF:B6:04:88:08:BC:D8:8F:D3:6B:D3:6F:20:CC:51:57
Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8
Certificate issuer:       /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
Certificate serial:       0199FC58CBD67B2EB976A483FFCA3CDC7092
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
Manifest number:          16DD
Signing time:             Sun 19 Oct 2025 12:01:41 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:41 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:41 +0000
Files and hashes:         1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: Ppngyv0y3iKsmQM7wBh7nvkcckB0W7reJR7u9qsAj74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:cb:d6:7b:2e:b9:76:a4:83:ff:ca:3c:dc:70:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
        Validity
            Not Before: Oct 19 12:01:41 2025 GMT
            Not After : Oct 20 12:01:41 2025 GMT
        Subject: CN=13836609cfb6048808bcd88fd36bd36f20cc5157
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:3b:9f:27:f2:f4:a8:69:e4:f4:40:ed:af:1b:
                    a9:20:d4:12:83:30:ce:40:d0:ca:d9:1e:54:99:41:
                    8d:8f:d7:28:20:ae:21:c1:fb:16:cf:9a:31:08:2d:
                    16:1a:18:e4:85:0f:5a:64:0c:c8:30:97:e7:d5:b9:
                    be:e3:7e:af:2d:dd:29:b6:75:f1:a1:a0:89:e4:e3:
                    5d:f7:62:66:37:67:cb:db:f4:37:64:60:69:08:0f:
                    3f:ee:1d:3d:11:24:67:01:e0:f7:c9:77:5e:d1:65:
                    7a:81:7b:d6:55:bd:8e:51:56:11:bf:41:3b:bd:e9:
                    71:17:4c:a4:f4:0a:c8:5b:e3:68:97:cf:b3:cf:78:
                    0c:b3:c3:58:68:ff:d0:24:f6:78:56:8b:5d:bc:9b:
                    53:65:06:4d:06:ef:80:43:20:26:b0:17:be:34:19:
                    95:ff:25:ce:b2:ae:29:59:56:0a:38:73:c5:fb:3c:
                    65:57:8d:1e:ee:f0:b2:aa:ed:d6:80:af:93:4b:ac:
                    e7:19:2a:fb:b4:7c:d5:b0:0e:b2:0b:1a:d5:bf:27:
                    86:86:7a:95:fc:da:24:19:33:fb:17:d6:c4:5d:cf:
                    e4:a8:87:d7:72:cf:3e:ad:52:79:5d:13:05:dd:a3:
                    23:a0:5e:9b:c9:3f:6f:10:e9:0a:b5:5d:95:da:f4:
                    3d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:83:66:09:CF:B6:04:88:08:BC:D8:8F:D3:6B:D3:6F:20:CC:51:57
            X509v3 Authority Key Identifier:
                keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:60:ca:aa:18:d2:50:06:b9:4e:4d:6b:88:52:99:a2:a1:60:
         35:dd:49:87:53:67:91:d0:80:25:b4:31:8b:7b:3f:99:37:92:
         6e:89:e4:74:ff:7a:e8:ca:46:e9:37:6a:71:3e:fe:e5:5c:c2:
         4e:27:68:4b:3a:ed:3e:af:cb:59:71:53:4d:04:6a:64:aa:be:
         4d:23:40:f6:52:cb:f6:93:5e:ad:9e:48:23:e3:7e:0b:57:5f:
         ab:3e:73:a7:81:c0:d3:24:b2:cc:c0:c9:15:f5:f1:67:5c:8e:
         73:5f:04:5e:c8:11:84:be:63:3e:de:29:aa:ba:02:2a:c6:ca:
         6b:04:33:dc:7a:61:c9:6f:cc:ec:67:eb:56:2f:a8:b3:48:7d:
         6c:4b:ab:c0:ec:8d:3e:1e:46:36:62:f3:31:15:4b:8b:03:51:
         c5:84:aa:e2:50:bd:00:66:fb:ba:eb:0c:9b:c5:b2:25:e5:35:
         5a:ec:87:1a:6e:26:a4:83:10:e6:b9:a6:9d:f9:31:cb:ab:64:
         3a:26:2f:9c:b8:3f:4b:34:4c:b4:2b:84:78:18:37:fe:1b:41:
         67:b0:9d:86:ff:bb:bc:37:58:0d:f5:9e:e5:06:b9:96:9e:d3:
         7d:fb:66:84:3d:92:78:96:ce:dc:cf:0e:c2:41:83:1f:67:ad:
         d5:a7:99:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WMvWey65dqSD/8o83HCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5
OTQ5YjgwHhcNMjUxMDE5MTIwMTQxWhcNMjUxMDIwMTIwMTQxWjAzMTEwLwYDVQQD
EygxMzgzNjYwOWNmYjYwNDg4MDhiY2Q4OGZkMzZiZDM2ZjIwY2M1MTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzufJ/L0qGnk9EDtrxupINQSgzDO
QNDK2R5UmUGNj9coIK4hwfsWz5oxCC0WGhjkhQ9aZAzIMJfn1bm+436vLd0ptnXx
oaCJ5ONd92JmN2fL2/Q3ZGBpCA8/7h09ESRnAeD3yXde0WV6gXvWVb2OUVYRv0E7
velxF0yk9ArIW+Nol8+zz3gMs8NYaP/QJPZ4VotdvJtTZQZNBu+AQyAmsBe+NBmV
/yXOsq4pWVYKOHPF+zxlV40e7vCyqu3WgK+TS6znGSr7tHzVsA6yCxrVvyeGhnqV
/NokGTP7F9bEXc/kqIfXcs8+rVJ5XRMF3aMjoF6byT9vEOkKtV2V2vQ9QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBODZgnPtgSICLzYj9Nr028gzFFXMB8GA1UdIwQY
MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt
YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw
LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn2DKqhjS
UAa5Tk1riFKZoqFgNd1Jh1NnkdCAJbQxi3s/mTeSbonkdP966MpG6TdqcT7+5VzC
TidoSzrtPq/LWXFTTQRqZKq+TSNA9lLL9pNerZ5II+N+C1dfqz5zp4HA0ySyzMDJ
FfXxZ1yOc18EXsgRhL5jPt4pqroCKsbKawQz3HphyW/M7GfrVi+os0h9bEurwOyN
Ph5GNmLzMRVLiwNRxYSq4lC9AGb7uusMm8WyJeU1WuyHGm4mpIMQ5rmmnfkxy6tk
OiYvnLg/SzRMtCuEeBg3/htBZ7Cdhv+7vDdYDfWe5Qa5lp7TfftmhD2SeJbO3M8O
wkGDH2et1aeZlQ==
-----END CERTIFICATE-----