Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.mft
File:                     moI9HNrrg3dfH7vV-frkGsXfFxk.mft (raw, json)
Hash identifier:          VX4D82z2QhLrJ3f12RykvqsIby2rGxxWagDAftXT5uQ=
Subject key identifier:   E4:FA:D8:C1:E2:A4:28:2C:7E:62:6C:FB:A2:88:E3:AA:D0:9F:84:16
Authority key identifier: 9A:82:3D:1C:DA:EB:83:77:5F:1F:BB:D5:F9:FA:E4:1A:C5:DF:17:19
Certificate issuer:       /CN=9a823d1cdaeb83775f1fbbd5f9fae41ac5df1719
Certificate serial:       0199FC5868311E1DE78F5886CEE10F939D55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/moI9HNrrg3dfH7vV-frkGsXfFxk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.mft
Manifest number:          071A
Signing time:             Sun 19 Oct 2025 12:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:16 +0000
Files and hashes:         1: moI9HNrrg3dfH7vV-frkGsXfFxk.crl (hash: MysPpgyp/+y5n2e9c/0PSxv3OdcURta5XPAR9+eFJlA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/moI9HNrrg3dfH7vV-frkGsXfFxk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:68:31:1e:1d:e7:8f:58:86:ce:e1:0f:93:9d:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a823d1cdaeb83775f1fbbd5f9fae41ac5df1719
        Validity
            Not Before: Oct 19 12:01:16 2025 GMT
            Not After : Oct 20 12:01:16 2025 GMT
        Subject: CN=e4fad8c1e2a4282c7e626cfba288e3aad09f8416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c9:7e:80:81:5f:e4:3d:6b:d9:20:b4:8e:b5:
                    08:89:a0:55:47:b8:24:fe:0f:ac:fc:de:a2:8a:11:
                    26:9b:0f:27:e7:04:f2:a5:1c:e5:c7:e2:ce:da:48:
                    d9:85:c1:95:67:7a:03:df:27:e9:d7:0b:e2:8e:55:
                    25:b5:31:a5:36:5a:70:9d:c0:a1:1d:f5:9d:04:0b:
                    26:53:d0:f9:c7:4e:62:62:f8:ce:c6:96:95:02:06:
                    d9:93:48:79:40:e3:48:fb:44:fe:57:4a:e8:62:b5:
                    51:ea:46:7a:66:a2:be:b0:b6:8a:79:51:41:96:be:
                    73:23:ed:50:ee:62:6d:68:18:33:b3:9e:90:d7:08:
                    17:0f:4c:e2:c5:30:f0:36:ac:cd:52:5d:9f:ee:cd:
                    fd:79:fa:dc:4f:4d:b4:b8:38:e4:44:ff:6f:e6:39:
                    cf:b8:1a:1a:20:a8:b9:7d:65:4f:54:b4:fb:6d:66:
                    78:0c:db:5b:31:a9:74:55:70:87:66:0e:25:ba:21:
                    47:27:64:f7:35:18:ad:e0:99:5c:0a:bd:12:0f:7a:
                    27:bf:b5:50:73:53:96:97:1f:b9:9e:12:88:c1:ba:
                    f5:ba:2b:ed:e8:63:59:82:d6:57:62:3e:4d:1e:0a:
                    45:cc:9b:9c:58:01:8e:5d:9c:d6:97:4f:e4:00:38:
                    7a:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:FA:D8:C1:E2:A4:28:2C:7E:62:6C:FB:A2:88:E3:AA:D0:9F:84:16
            X509v3 Authority Key Identifier:
                keyid:9A:82:3D:1C:DA:EB:83:77:5F:1F:BB:D5:F9:FA:E4:1A:C5:DF:17:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/moI9HNrrg3dfH7vV-frkGsXfFxk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:96:34:f6:15:1e:40:95:39:50:a7:ea:8a:e3:8d:2a:c0:68:
         6b:a3:75:ff:cb:89:24:42:9f:98:7e:e4:94:1c:66:e5:e2:94:
         b2:55:f1:d8:bc:a9:87:58:65:4b:86:7e:47:17:85:b3:13:5b:
         60:f1:8d:c3:ea:03:b3:69:85:aa:1d:61:49:9d:e5:ff:51:52:
         0c:af:65:5d:f5:7d:e3:dc:f6:8a:21:b9:06:e6:8d:91:64:f5:
         ac:d4:1f:1f:a3:c8:2e:35:f5:e5:71:17:9c:30:cd:54:53:5f:
         fd:4c:ec:24:9c:a3:a4:8d:3e:c8:2e:77:f4:9f:ac:0c:2f:28:
         70:6e:0d:fe:d1:38:84:0a:66:71:c3:13:82:2d:81:af:44:ba:
         cf:ce:58:0a:2f:bd:33:90:02:06:c0:cb:08:e5:70:29:11:4d:
         a4:2e:32:ac:2e:d3:7e:ef:4b:47:e2:08:a6:bf:7b:00:2e:0e:
         74:f9:e1:00:09:e6:e2:59:6f:bb:38:5e:2c:b1:68:38:df:32:
         8a:8b:63:fd:1e:40:d8:bf:69:51:b9:03:84:fc:24:b3:ca:e5:
         ea:f0:d0:20:cb:e6:13:e4:25:f5:f2:91:31:84:a0:a8:7c:48:
         62:53:ce:5b:e7:15:ca:d7:a7:4e:59:49:7b:28:4b:f2:64:cf:
         57:71:b5:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WGgxHh3nj1iGzuEPk51VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhODIzZDFjZGFlYjgzNzc1ZjFmYmJkNWY5ZmFlNDFhYzVk
ZjE3MTkwHhcNMjUxMDE5MTIwMTE2WhcNMjUxMDIwMTIwMTE2WjAzMTEwLwYDVQQD
EyhlNGZhZDhjMWUyYTQyODJjN2U2MjZjZmJhMjg4ZTNhYWQwOWY4NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcl+gIFf5D1r2SC0jrUIiaBVR7gk
/g+s/N6iihEmmw8n5wTypRzlx+LO2kjZhcGVZ3oD3yfp1wvijlUltTGlNlpwncCh
HfWdBAsmU9D5x05iYvjOxpaVAgbZk0h5QONI+0T+V0roYrVR6kZ6ZqK+sLaKeVFB
lr5zI+1Q7mJtaBgzs56Q1wgXD0zixTDwNqzNUl2f7s39efrcT020uDjkRP9v5jnP
uBoaIKi5fWVPVLT7bWZ4DNtbMal0VXCHZg4luiFHJ2T3NRit4JlcCr0SD3onv7VQ
c1OWlx+5nhKIwbr1uivt6GNZgtZXYj5NHgpFzJucWAGOXZzWl0/kADh6cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOT62MHipCgsfmJs+6KI46rQn4QWMB8GA1UdIwQY
MBaAFJqCPRza64N3Xx+71fn65BrF3xcZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW9JOUhOcnJnM2RmSDd2Vi1mcmtHc1hmRnhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wYmYzYjItNGRjNC00ZTI1LTliOWIt
MDFmOWE3YjQ5NGRhLzEvbW9JOUhOcnJnM2RmSDd2Vi1mcmtHc1hmRnhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wYmYzYjItNGRjNC00ZTI1LTliOWItMDFmOWE3YjQ5NGRh
LzEvbW9JOUhOcnJnM2RmSDd2Vi1mcmtHc1hmRnhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQpY09hUe
QJU5UKfqiuONKsBoa6N1/8uJJEKfmH7klBxm5eKUslXx2Lyph1hlS4Z+RxeFsxNb
YPGNw+oDs2mFqh1hSZ3l/1FSDK9lXfV949z2iiG5BuaNkWT1rNQfH6PILjX15XEX
nDDNVFNf/UzsJJyjpI0+yC539J+sDC8ocG4N/tE4hApmccMTgi2Br0S6z85YCi+9
M5ACBsDLCOVwKRFNpC4yrC7Tfu9LR+IIpr97AC4OdPnhAAnm4llvuzheLLFoON8y
iotj/R5A2L9pUbkDhPwks8rl6vDQIMvmE+Ql9fKRMYSgqHxIYlPOW+cVytenTllJ
eyhL8mTPV3G1FQ==
-----END CERTIFICATE-----