Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          wBx0z9SFCauoeYwFzgIVbBmcbknvyYd7c9k1sWCR3Eo=
Subject key identifier:   F1:82:8F:00:D8:EB:84:F9:AE:0D:71:6C:92:77:68:89:21:EB:A6:D0
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       0199FBEB601BD1B58AA53E1A652AF27D4F9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:10 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:10 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:10 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: knGat4xuYWzVpnrfxOQ0s5d7kAOyttjFYtNvFZZveGg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:60:1b:d1:b5:8a:a5:3e:1a:65:2a:f2:7d:4f:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: Oct 19 10:02:10 2025 GMT
            Not After : Oct 20 10:02:10 2025 GMT
        Subject: CN=f1828f00d8eb84f9ae0d716c9277688921eba6d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:d0:27:5c:dc:fc:62:ff:5a:d5:7c:a9:53:69:
                    98:af:16:de:0c:af:9f:a8:42:dc:d7:83:fd:44:c1:
                    80:e3:52:54:59:e8:51:5c:b6:66:5e:7a:0e:9e:18:
                    5b:a4:14:61:b4:50:1b:8c:ab:eb:e8:af:25:71:fa:
                    d1:58:c7:90:d2:04:23:07:9a:2d:f6:49:6d:7c:c5:
                    58:b7:46:e6:e7:0d:1a:63:bd:6a:a1:0b:62:3b:7d:
                    d4:e5:2f:1c:27:63:e4:ce:30:bf:dd:bf:d3:7e:da:
                    59:8b:6d:8e:0e:ed:c2:8e:e5:84:28:c6:a4:68:89:
                    b2:0c:2f:9c:47:52:49:0a:7a:21:23:2f:a5:fd:63:
                    cd:d5:e2:9a:53:7e:fa:38:89:d5:7e:24:ee:9c:9e:
                    fa:f9:51:3e:5f:2e:a0:53:27:5a:1b:bb:95:03:62:
                    d2:02:2e:10:31:ec:c7:11:98:4c:8c:9b:ab:e4:f8:
                    26:1a:41:5a:3e:c0:59:96:33:a3:24:b1:98:01:9b:
                    e8:10:57:2f:6d:dd:60:ca:3e:cc:eb:e8:64:22:19:
                    91:10:9b:cf:81:77:c4:7c:7b:43:34:de:0a:77:71:
                    bf:f1:b4:02:f6:71:94:a7:a7:22:b3:21:50:73:2b:
                    bf:04:bc:13:01:82:f7:5a:11:4e:a3:72:10:1e:35:
                    b4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:82:8F:00:D8:EB:84:F9:AE:0D:71:6C:92:77:68:89:21:EB:A6:D0
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:6b:b7:61:8a:6a:4c:e8:f2:d2:c2:7e:90:7c:6a:04:12:48:
         b4:e8:9c:82:af:d4:03:52:2f:36:f3:b7:bb:d4:96:15:28:54:
         96:76:48:b3:eb:66:18:ed:c6:27:32:42:26:a7:00:ad:42:05:
         5e:8f:d5:93:6b:1c:8a:1d:cb:6c:c1:66:28:ec:35:e2:b6:f9:
         c1:da:23:e7:cd:bb:4a:e7:f0:5a:b0:b6:49:75:3a:37:66:ef:
         8e:d3:b4:76:4a:12:5d:af:78:a4:81:b4:0e:9e:06:64:e4:ad:
         2f:75:3b:07:62:db:d4:36:bc:6e:81:d2:21:32:45:96:a2:b0:
         fa:b7:bc:14:a0:a0:9f:ef:ea:b2:dd:8b:36:e7:6b:4a:15:f1:
         27:a0:a3:b7:72:20:60:59:53:9b:f0:e4:01:d6:bd:bf:7c:d3:
         6f:d3:09:ae:46:31:ea:29:5c:d1:80:1f:1b:42:c3:4e:cb:0d:
         fb:66:f7:eb:37:dd:9a:97:4f:46:f1:43:b2:7f:d9:c0:41:c0:
         97:69:f4:e9:c3:ce:8f:89:53:7d:54:1f:58:ac:89:d0:47:42:
         49:c8:06:cd:22:f7:5d:83:b8:c8:3e:e9:d7:3d:70:aa:e2:97:
         f4:af:4c:c7:02:b5:e3:9e:f4:59:08:5d:82:75:a7:a8:2d:5f:
         f1:77:91:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn762Ab0bWKpT4aZSryfU+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjUxMDE5MTAwMjEwWhcNMjUxMDIwMTAwMjEwWjAzMTEwLwYDVQQD
EyhmMTgyOGYwMGQ4ZWI4NGY5YWUwZDcxNmM5Mjc3Njg4OTIxZWJhNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+9AnXNz8Yv9a1XypU2mYrxbeDK+f
qELc14P9RMGA41JUWehRXLZmXnoOnhhbpBRhtFAbjKvr6K8lcfrRWMeQ0gQjB5ot
9kltfMVYt0bm5w0aY71qoQtiO33U5S8cJ2PkzjC/3b/TftpZi22ODu3CjuWEKMak
aImyDC+cR1JJCnohIy+l/WPN1eKaU376OInVfiTunJ76+VE+Xy6gUydaG7uVA2LS
Ai4QMezHEZhMjJur5PgmGkFaPsBZljOjJLGYAZvoEFcvbd1gyj7M6+hkIhmREJvP
gXfEfHtDNN4Kd3G/8bQC9nGUp6cisyFQcyu/BLwTAYL3WhFOo3IQHjW0xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGCjwDY64T5rg1xbJJ3aIkh66bQMB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF2u3YYpq
TOjy0sJ+kHxqBBJItOicgq/UA1IvNvO3u9SWFShUlnZIs+tmGO3GJzJCJqcArUIF
Xo/Vk2scih3LbMFmKOw14rb5wdoj5827SufwWrC2SXU6N2bvjtO0dkoSXa94pIG0
Dp4GZOStL3U7B2Lb1Da8boHSITJFlqKw+re8FKCgn+/qst2LNudrShXxJ6Cjt3Ig
YFlTm/DkAda9v3zTb9MJrkYx6ilc0YAfG0LDTssN+2b36zfdmpdPRvFDsn/ZwEHA
l2n06cPOj4lTfVQfWKyJ0EdCScgGzSL3XYO4yD7p1z1wquKX9K9MxwK14570WQhd
gnWnqC1f8XeRuw==
-----END CERTIFICATE-----