Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          W/XwzJwLvWcc3GikYvrl2j756rqOYph/oSDsjiZz4/k=
Subject key identifier:   16:F4:1C:68:9E:A9:3D:A4:C0:72:85:99:FE:EE:A3:29:C1:3D:03:FC
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       0199FD34249A5229025D27FC9A9C3D2CB707
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 16:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:16 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: wSuN43CefiKHRrYioHmsUObQ8cT0vFFoqZYK0riaOaU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 16:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:24:9a:52:29:02:5d:27:fc:9a:9c:3d:2c:b7:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Oct 19 16:01:16 2025 GMT
            Not After : Oct 20 16:01:16 2025 GMT
        Subject: CN=16f41c689ea93da4c0728599feeea329c13d03fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:7a:97:25:73:81:5c:09:fd:39:06:13:69:4d:
                    21:91:82:90:a1:dd:34:97:e7:f6:d9:64:e7:4a:a1:
                    d4:90:a3:dc:9e:22:09:3b:8b:9e:08:f6:b1:7c:75:
                    2d:c7:53:e0:f3:09:7f:1c:40:12:21:a0:93:ea:b3:
                    70:9e:32:95:25:95:47:d1:63:2e:25:4c:73:6a:96:
                    c7:53:e1:a0:44:32:6b:eb:6a:fd:16:b2:26:fc:6d:
                    1c:db:d5:86:60:24:03:cf:ff:75:b0:d8:8c:d0:ee:
                    ab:92:b4:e8:72:9c:15:74:5d:30:ba:7d:db:ab:e1:
                    52:9f:b6:92:83:d8:9b:5f:52:6e:a5:00:f4:0f:11:
                    94:ef:a0:9e:1c:57:17:e7:9e:4a:c6:fc:a0:f8:45:
                    56:4a:c3:e6:34:d1:d2:fa:4f:4d:62:a0:c3:e8:eb:
                    50:01:5d:e0:76:1b:8f:ad:58:71:16:c0:9b:f8:0c:
                    8d:bc:43:c5:1e:17:0b:c7:a8:a0:8f:f8:97:91:c6:
                    c6:fd:f9:56:b0:3c:c4:2d:53:80:e0:7e:90:84:68:
                    32:43:c6:94:23:42:3d:7c:3e:16:a4:b7:ca:1e:76:
                    4b:ff:64:e1:5a:d2:eb:3c:b4:5c:e8:bb:27:3f:89:
                    e7:41:ba:bf:7d:de:1a:8d:d7:3b:99:31:2c:de:06:
                    11:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:F4:1C:68:9E:A9:3D:A4:C0:72:85:99:FE:EE:A3:29:C1:3D:03:FC
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:af:d5:47:7d:e3:f1:c5:d7:6b:b6:2f:b7:26:0f:f4:0c:fe:
         32:34:cc:9f:9f:b3:58:e0:ee:ce:2c:67:c4:9b:be:6c:8d:82:
         8d:af:a1:b5:46:29:da:21:d1:0d:d8:d2:c0:7c:f2:d6:6a:41:
         66:a0:2c:37:51:b3:d7:ec:4d:62:03:07:d6:15:ca:01:1e:f2:
         fd:04:c3:22:49:ce:f1:f5:27:ea:e5:fc:bd:75:7a:0f:4f:bb:
         6d:dd:44:2a:f8:4b:0d:ad:e1:0a:77:96:6f:1e:52:48:7d:70:
         94:a2:25:1d:92:15:6c:f5:c8:fe:1b:dc:93:e3:f7:eb:58:2d:
         72:05:8e:bb:f2:d1:77:67:2a:4a:f4:c1:0a:16:48:ab:cf:0d:
         15:9f:32:c9:85:d5:0c:2b:b8:47:ed:f5:d5:93:f5:40:e8:62:
         2e:9a:0e:c3:39:38:76:96:09:45:31:bc:a3:03:43:e3:f8:9e:
         47:b0:60:b2:8d:8d:c2:bc:e2:6b:d4:6c:9c:7a:85:c8:b3:88:
         31:39:4b:21:d0:61:ad:4f:c7:ba:76:d7:64:fe:91:5f:8c:17:
         37:cd:ba:7a:7f:0e:41:78:71:99:a8:f5:2e:a1:88:d6:63:44:
         4a:2d:0e:fa:80:19:1f:9a:51:7c:ae:3d:37:1f:4a:e5:1a:ca:
         01:f7:0c:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NCSaUikCXSf8mpw9LLcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjUxMDE5MTYwMTE2WhcNMjUxMDIwMTYwMTE2WjAzMTEwLwYDVQQD
EygxNmY0MWM2ODllYTkzZGE0YzA3Mjg1OTlmZWVlYTMyOWMxM2QwM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXqXJXOBXAn9OQYTaU0hkYKQod00
l+f22WTnSqHUkKPcniIJO4ueCPaxfHUtx1Pg8wl/HEASIaCT6rNwnjKVJZVH0WMu
JUxzapbHU+GgRDJr62r9FrIm/G0c29WGYCQDz/91sNiM0O6rkrTocpwVdF0wun3b
q+FSn7aSg9ibX1JupQD0DxGU76CeHFcX555Kxvyg+EVWSsPmNNHS+k9NYqDD6OtQ
AV3gdhuPrVhxFsCb+AyNvEPFHhcLx6igj/iXkcbG/flWsDzELVOA4H6QhGgyQ8aU
I0I9fD4WpLfKHnZL/2ThWtLrPLRc6LsnP4nnQbq/fd4ajdc7mTEs3gYR3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBb0HGieqT2kwHKFmf7uoynBPQP8MB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6/VR33j
8cXXa7YvtyYP9Az+MjTMn5+zWODuzixnxJu+bI2Cja+htUYp2iHRDdjSwHzy1mpB
ZqAsN1Gz1+xNYgMH1hXKAR7y/QTDIknO8fUn6uX8vXV6D0+7bd1EKvhLDa3hCneW
bx5SSH1wlKIlHZIVbPXI/hvck+P361gtcgWOu/LRd2cqSvTBChZIq88NFZ8yyYXV
DCu4R+311ZP1QOhiLpoOwzk4dpYJRTG8owND4/ieR7Bgso2Nwrzia9RsnHqFyLOI
MTlLIdBhrU/HunbXZP6RX4wXN826en8OQXhxmaj1LqGI1mNESi0O+oAZH5pRfK49
Nx9K5RrKAfcM9g==
-----END CERTIFICATE-----