Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          W61fTdfOwOE+nEUW6YeHP4gPLH4r/U0HFZC3bmWZLqA=
Subject key identifier:   E9:F1:EB:D4:90:DF:01:11:3E:21:07:BC:BF:AA:79:E8:75:47:FC:DD
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       0199FC58B241E5BF44AAD38F58F1D4E73753
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          09B9
Signing time:             Sun 19 Oct 2025 12:01:35 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:35 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:35 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: +KVfesWTjtDqjMYzbljSrGU3rr0pYA3da5Y66gAWnFQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:b2:41:e5:bf:44:aa:d3:8f:58:f1:d4:e7:37:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Oct 19 12:01:35 2025 GMT
            Not After : Oct 20 12:01:35 2025 GMT
        Subject: CN=e9f1ebd490df01113e2107bcbfaa79e87547fcdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:a9:93:f3:6d:ac:40:8a:43:b6:57:86:e4:d8:
                    fc:57:4c:4c:fc:b6:ed:10:31:6b:a9:79:bf:4b:82:
                    46:35:f2:8c:32:dd:24:10:48:94:0a:03:a7:a2:23:
                    12:9e:99:a3:75:07:2a:12:3e:e0:28:1d:9c:f6:f3:
                    3b:c4:2d:cd:a3:75:fc:1f:65:48:21:20:7d:60:30:
                    bc:3f:11:2b:8b:f8:f4:30:74:a0:49:00:02:97:61:
                    d3:d7:56:7a:5b:a2:3d:eb:2e:c1:c3:b6:3d:c6:db:
                    09:e8:a3:6c:db:fd:d4:aa:d9:97:27:ef:cb:65:cf:
                    95:6b:6a:cf:ea:a1:15:94:5f:dc:4f:d1:70:95:66:
                    23:8a:5d:6a:df:fd:8a:6b:f1:7b:98:5c:f8:30:05:
                    2f:fe:d2:42:05:d2:11:ab:74:69:7a:93:72:07:49:
                    01:9c:1d:cd:25:04:73:47:ac:39:73:56:60:7e:94:
                    84:d3:42:7f:27:47:19:f8:ea:ba:94:2f:46:5d:75:
                    43:b3:cf:54:53:43:68:6a:01:e8:db:b0:35:d3:8a:
                    e5:6c:f5:83:e2:e0:6f:c6:31:52:98:91:a9:b6:3c:
                    92:ce:f1:e8:86:a7:03:47:99:63:f4:69:17:01:bd:
                    12:83:e6:82:8f:3b:82:6f:09:ac:0f:57:24:0e:68:
                    35:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:F1:EB:D4:90:DF:01:11:3E:21:07:BC:BF:AA:79:E8:75:47:FC:DD
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:0b:88:8e:96:32:ba:46:45:65:07:aa:78:9b:f6:79:4b:91:
         f3:b6:59:a4:01:d8:53:73:ce:9b:f2:5d:7b:d0:a1:85:b4:3e:
         16:73:e6:9c:2f:ee:a8:77:9a:f8:24:4f:8c:bf:69:fc:2f:c5:
         2c:54:d6:9b:61:f4:cf:2a:a4:1c:75:b6:52:72:18:13:92:f7:
         2e:60:43:b1:c7:c5:de:fc:92:5a:fe:16:34:c4:54:e5:ac:bc:
         06:49:7e:b5:b3:1d:1c:7c:80:40:9a:58:6e:c9:c0:db:10:ed:
         b9:36:97:f8:57:0e:f7:d8:8d:07:c7:9a:59:da:6c:11:45:c4:
         88:cb:fa:5b:89:13:08:55:d9:88:09:1b:ab:9b:1a:44:eb:bd:
         a3:a7:b6:ac:4a:c2:6b:d1:42:8c:a9:e5:ed:61:1d:4f:a6:80:
         21:cd:d9:4f:1e:22:f5:8f:c1:ea:c2:04:79:58:dd:95:c1:01:
         dc:f7:47:1f:e5:df:f1:6d:05:3f:66:ec:e4:06:df:60:b0:d5:
         62:ac:52:68:4f:0a:a3:eb:5e:a8:f2:5a:e0:5b:6a:8b:75:c4:
         de:83:1e:33:7e:aa:6e:96:a3:ba:d9:93:3c:c8:2e:61:3a:eb:
         9a:17:0b:13:a8:65:0f:a9:fd:9f:b6:1f:99:c3:e1:60:7f:40:
         93:b5:22:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WLJB5b9EqtOPWPHU5zdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjUxMDE5MTIwMTM1WhcNMjUxMDIwMTIwMTM1WjAzMTEwLwYDVQQD
EyhlOWYxZWJkNDkwZGYwMTExM2UyMTA3YmNiZmFhNzllODc1NDdmY2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqmT822sQIpDtleG5Nj8V0xM/Lbt
EDFrqXm/S4JGNfKMMt0kEEiUCgOnoiMSnpmjdQcqEj7gKB2c9vM7xC3No3X8H2VI
ISB9YDC8PxEri/j0MHSgSQACl2HT11Z6W6I96y7Bw7Y9xtsJ6KNs2/3UqtmXJ+/L
Zc+Va2rP6qEVlF/cT9FwlWYjil1q3/2Ka/F7mFz4MAUv/tJCBdIRq3RpepNyB0kB
nB3NJQRzR6w5c1ZgfpSE00J/J0cZ+Oq6lC9GXXVDs89UU0NoagHo27A104rlbPWD
4uBvxjFSmJGptjySzvHohqcDR5lj9GkXAb0Sg+aCjzuCbwmsD1ckDmg19QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnx69SQ3wERPiEHvL+qeeh1R/zdMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACQuIjpYy
ukZFZQeqeJv2eUuR87ZZpAHYU3POm/Jde9ChhbQ+FnPmnC/uqHea+CRPjL9p/C/F
LFTWm2H0zyqkHHW2UnIYE5L3LmBDscfF3vySWv4WNMRU5ay8Bkl+tbMdHHyAQJpY
bsnA2xDtuTaX+FcO99iNB8eaWdpsEUXEiMv6W4kTCFXZiAkbq5saROu9o6e2rErC
a9FCjKnl7WEdT6aAIc3ZTx4i9Y/B6sIEeVjdlcEB3PdHH+Xf8W0FP2bs5AbfYLDV
YqxSaE8Ko+teqPJa4Ftqi3XE3oMeM36qbpajutmTPMguYTrrmhcLE6hlD6n9n7Yf
mcPhYH9Ak7Ui6A==
-----END CERTIFICATE-----