Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
File:                     FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft (raw, json)
Hash identifier:          Tn1KZ8W3W+hQo+TiAYjNJvOX2RTty8c9ItWOHuwhwMc=
Subject key identifier:   5B:8F:D8:BA:2A:3B:D9:6D:4D:2E:46:79:06:82:EB:24:A0:DE:78:27
Authority key identifier: 14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A
Certificate issuer:       /CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
Certificate serial:       0199FBEB422DAE9A0F9D3E2BF941C7A87BEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
Manifest number:          0A03
Signing time:             Sun 19 Oct 2025 10:02:03 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:03 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:03 +0000
Files and hashes:         1: FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl (hash: I4Zb5yELjaHcj1dyMdLGuWI6Q1L6wvlsMO4CQ9yKc+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:42:2d:ae:9a:0f:9d:3e:2b:f9:41:c7:a8:7b:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
        Validity
            Not Before: Oct 19 10:02:03 2025 GMT
            Not After : Oct 20 10:02:03 2025 GMT
        Subject: CN=5b8fd8ba2a3bd96d4d2e46790682eb24a0de7827
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:73:1b:f5:77:5e:fe:80:cf:48:58:8b:3b:ac:
                    d3:3a:e2:cc:1c:5a:12:69:fc:87:63:e3:f9:bb:d5:
                    28:43:3d:ce:46:6c:2c:fc:ef:5d:25:99:e0:8a:2e:
                    9a:5a:69:7c:24:21:c2:b8:d6:62:50:44:3f:02:c0:
                    cf:ab:ee:0a:48:02:55:41:01:35:01:9c:88:2b:ba:
                    bf:56:4b:42:ed:be:15:b9:c3:4a:72:39:ec:dc:d9:
                    80:cc:a9:31:aa:7a:b9:48:b6:8e:f6:55:8d:7b:3b:
                    d9:14:8c:fa:c8:6c:84:fd:9d:9f:d3:12:b5:8e:97:
                    0b:b8:72:21:be:f9:ff:e5:b0:92:3c:1a:fd:d7:e3:
                    c7:60:16:4d:c6:84:ac:8f:35:04:58:f6:5f:57:e5:
                    03:16:db:4a:4a:9e:54:d5:ba:69:44:4a:e8:40:a8:
                    06:f9:93:d5:fd:62:2b:e7:ab:a2:b7:8c:b0:59:32:
                    09:4b:a7:b3:99:b7:42:cf:84:9e:60:ed:d4:b2:8a:
                    0d:ac:a1:e2:a6:29:0f:e2:0f:dd:cc:47:05:d4:31:
                    e2:5b:ba:fe:cb:f1:10:b6:42:34:57:4d:ca:32:b4:
                    c9:a9:be:01:50:c9:87:fa:4f:54:12:57:10:06:78:
                    78:30:71:30:17:ce:25:7b:9e:ec:af:87:9a:2e:13:
                    e8:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:8F:D8:BA:2A:3B:D9:6D:4D:2E:46:79:06:82:EB:24:A0:DE:78:27
            X509v3 Authority Key Identifier:
                keyid:14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:ba:a6:47:13:10:0c:e6:fb:e5:89:96:ea:43:24:29:4b:0c:
         51:25:11:0e:71:7a:33:11:20:e4:05:36:01:3d:58:29:7e:c1:
         52:4a:e5:47:9c:22:e4:2d:c9:d5:19:74:f5:c9:6b:df:a7:37:
         f9:eb:38:06:2a:93:64:f5:2a:d0:ea:cb:b5:21:d2:f3:4a:74:
         a3:e2:ac:d0:7d:99:c7:41:d8:36:f5:67:42:51:ae:cc:3d:51:
         09:ba:06:23:32:87:fe:bd:b4:18:dd:ee:ee:99:ca:20:e2:36:
         68:17:0e:ad:b5:72:5e:7c:7e:54:74:a5:f3:67:1d:db:1f:fc:
         7f:dc:af:38:e4:d5:e4:20:98:c6:e6:38:97:6a:6f:97:d4:db:
         84:6f:64:43:f4:b5:d3:83:1c:c6:82:af:6e:ad:7f:5b:ab:f5:
         2b:70:39:01:3d:c1:ad:29:4c:da:69:03:f5:15:b9:d3:eb:5d:
         43:f7:9e:e8:19:de:4b:43:cd:40:b0:60:9c:7e:b6:9f:4e:09:
         a2:23:e9:9c:b5:63:50:d9:24:29:0a:88:ac:b5:85:b8:fc:f6:
         96:fe:f1:fb:3e:16:fb:2f:09:bd:b3:cc:e4:84:6b:c9:ea:79:
         a5:f8:3d:0a:c5:27:2b:bc:99:27:bc:91:32:6c:aa:be:d1:e3:
         84:73:56:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn760ItrpoPnT4r+UHHqHvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzczNTI1OWZkYjdiODNmMjc3YWRmMTJkMDhjYzk4YjVh
NjEwMGEwHhcNMjUxMDE5MTAwMjAzWhcNMjUxMDIwMTAwMjAzWjAzMTEwLwYDVQQD
Eyg1YjhmZDhiYTJhM2JkOTZkNGQyZTQ2NzkwNjgyZWIyNGEwZGU3ODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHMb9Xde/oDPSFiLO6zTOuLMHFoS
afyHY+P5u9UoQz3ORmws/O9dJZngii6aWml8JCHCuNZiUEQ/AsDPq+4KSAJVQQE1
AZyIK7q/VktC7b4VucNKcjns3NmAzKkxqnq5SLaO9lWNezvZFIz6yGyE/Z2f0xK1
jpcLuHIhvvn/5bCSPBr91+PHYBZNxoSsjzUEWPZfV+UDFttKSp5U1bppREroQKgG
+ZPV/WIr56uit4ywWTIJS6ezmbdCz4SeYO3UsooNrKHipikP4g/dzEcF1DHiW7r+
y/EQtkI0V03KMrTJqb4BUMmH+k9UElcQBnh4MHEwF84le57sr4eaLhPomQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuP2LoqO9ltTS5GeQaC6ySg3ngnMB8GA1UdIwQY
MBaAFBTHNSWf23uD8net8S0IzJi1phAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWIt
ZGJlYWY3ODQ4MTdhLzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWItZGJlYWY3ODQ4MTdh
LzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaLqmRxMQ
DOb75YmW6kMkKUsMUSURDnF6MxEg5AU2AT1YKX7BUkrlR5wi5C3J1Rl09clr36c3
+es4BiqTZPUq0OrLtSHS80p0o+Ks0H2Zx0HYNvVnQlGuzD1RCboGIzKH/r20GN3u
7pnKIOI2aBcOrbVyXnx+VHSl82cd2x/8f9yvOOTV5CCYxuY4l2pvl9TbhG9kQ/S1
04McxoKvbq1/W6v1K3A5AT3BrSlM2mkD9RW50+tdQ/ee6BneS0PNQLBgnH62n04J
oiPpnLVjUNkkKQqIrLWFuPz2lv7x+z4W+y8JvbPM5IRryep5pfg9CsUnK7yZJ7yR
MmyqvtHjhHNWMQ==
-----END CERTIFICATE-----