Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          wY6n+lti+a+PzGnvyWZIfcVad+l0rT14s9nOFUz8rOU=
Subject key identifier:   F5:2A:88:D3:CA:84:D7:D5:A8:FE:C1:EE:A8:FE:24:04:5A:BD:EC:21
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       0199FBEB8164CC671B73B341D192449266F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          0E7A
Signing time:             Sun 19 Oct 2025 10:02:19 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:19 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:19 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: aDMCbW4CnoIjCh5Zc1wlpayPwZpwSdi+pwvv7+mbgWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:81:64:cc:67:1b:73:b3:41:d1:92:44:92:66:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: Oct 19 10:02:19 2025 GMT
            Not After : Oct 20 10:02:19 2025 GMT
        Subject: CN=f52a88d3ca84d7d5a8fec1eea8fe24045abdec21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:a3:ab:18:77:dd:3d:25:61:7e:23:69:1e:e3:
                    83:f9:05:d1:6e:30:cb:ff:9c:cb:97:da:1d:a0:27:
                    2a:ae:7c:a1:52:d4:77:6b:38:0c:6d:45:31:d4:94:
                    14:40:7f:fd:39:14:d1:2b:c3:cd:de:a9:0b:bf:c9:
                    8d:db:1a:3d:c9:46:01:c3:f7:7d:07:f8:93:b3:a8:
                    33:6d:06:f3:ea:d5:e8:94:6d:c3:8b:8b:a5:bb:05:
                    5f:f9:40:3f:ea:5c:28:f5:db:36:c6:17:3f:d7:6a:
                    fd:a1:b2:a5:d1:40:8a:6e:2d:0a:35:bc:19:82:fa:
                    9f:e3:cb:57:bf:ba:6c:ff:15:7d:99:58:17:5f:18:
                    22:38:5d:61:ac:32:84:31:fc:4e:80:23:c9:0b:0e:
                    33:26:40:20:66:d3:29:27:00:a3:36:f4:34:3e:d0:
                    26:48:e7:86:8a:83:85:08:ee:1f:66:90:70:46:57:
                    a0:1d:b0:c6:94:4c:52:2d:2e:b7:ad:9a:90:9a:78:
                    8e:00:56:32:aa:ec:1a:50:c7:56:c2:89:c6:1e:49:
                    a4:35:81:df:70:27:a7:e2:e3:db:85:22:ff:58:37:
                    b8:fa:77:60:37:f3:cf:1b:03:76:dd:cd:a0:89:ab:
                    ad:a0:50:63:1b:56:86:1b:b2:2b:b2:63:52:0c:a7:
                    53:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:2A:88:D3:CA:84:D7:D5:A8:FE:C1:EE:A8:FE:24:04:5A:BD:EC:21
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:12:df:75:1e:f9:ac:d0:90:60:e5:0c:09:1b:8b:b8:d8:cd:
         de:c2:c4:0b:1f:48:b3:d2:4a:ea:f7:75:07:dc:6f:b1:1a:ef:
         7d:da:6b:a8:d2:04:33:f3:03:f6:1a:5f:9d:93:30:eb:dd:52:
         94:88:f9:b0:46:83:6c:6a:10:49:93:68:39:4e:b7:f5:e5:81:
         ac:60:34:ce:ca:41:6d:e6:cc:f2:c8:18:c3:5a:3a:78:30:82:
         11:6f:d3:27:8d:59:4a:0d:c2:bf:20:a5:36:7b:f2:b1:b0:98:
         34:65:0b:5c:06:ef:ee:ea:ea:c0:66:06:fa:e5:39:d0:bd:ef:
         44:29:cc:b4:03:4b:62:86:68:8b:b6:81:a3:2d:fb:ba:15:43:
         a8:ed:e8:3a:d1:8c:73:f4:11:f1:fc:18:73:84:29:49:03:96:
         30:45:92:01:7d:8d:7b:75:b4:1b:8f:51:07:27:fd:aa:27:f5:
         7e:fe:82:95:fa:f0:d2:60:7a:e7:7e:86:9b:d9:86:ba:77:e2:
         47:51:5f:00:a4:93:9c:52:1d:c5:1e:4a:ab:fc:eb:31:7d:71:
         66:70:39:46:74:59:29:b2:92:0a:01:12:1a:73:96:ad:71:65:
         4f:a3:0f:01:e4:08:a8:98:6f:fa:fb:15:19:c8:74:f7:13:f0:
         be:d4:79:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764FkzGcbc7NB0ZJEkmb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjUxMDE5MTAwMjE5WhcNMjUxMDIwMTAwMjE5WjAzMTEwLwYDVQQD
EyhmNTJhODhkM2NhODRkN2Q1YThmZWMxZWVhOGZlMjQwNDVhYmRlYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaOrGHfdPSVhfiNpHuOD+QXRbjDL
/5zLl9odoCcqrnyhUtR3azgMbUUx1JQUQH/9ORTRK8PN3qkLv8mN2xo9yUYBw/d9
B/iTs6gzbQbz6tXolG3Di4uluwVf+UA/6lwo9ds2xhc/12r9obKl0UCKbi0KNbwZ
gvqf48tXv7ps/xV9mVgXXxgiOF1hrDKEMfxOgCPJCw4zJkAgZtMpJwCjNvQ0PtAm
SOeGioOFCO4fZpBwRlegHbDGlExSLS63rZqQmniOAFYyquwaUMdWwonGHkmkNYHf
cCen4uPbhSL/WDe4+ndgN/PPGwN23c2giautoFBjG1aGG7IrsmNSDKdTgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUqiNPKhNfVqP7B7qj+JARavewhMB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkhLfdR75
rNCQYOUMCRuLuNjN3sLECx9Is9JK6vd1B9xvsRrvfdprqNIEM/MD9hpfnZMw691S
lIj5sEaDbGoQSZNoOU639eWBrGA0zspBbebM8sgYw1o6eDCCEW/TJ41ZSg3CvyCl
NnvysbCYNGULXAbv7urqwGYG+uU50L3vRCnMtANLYoZoi7aBoy37uhVDqO3oOtGM
c/QR8fwYc4QpSQOWMEWSAX2Ne3W0G49RByf9qif1fv6Clfrw0mB6536Gm9mGunfi
R1FfAKSTnFIdxR5Kq/zrMX1xZnA5RnRZKbKSCgESGnOWrXFlT6MPAeQIqJhv+vsV
Gch09xPwvtR50g==
-----END CERTIFICATE-----