Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          PKEiIoCqMn0GlvHNqru5l7/gXsFrbQ6wrFoXFZtWJ6o=
Subject key identifier:   FE:C4:00:4D:BA:85:58:AF:22:EF:1B:FD:92:10:86:8E:06:FF:EC:58
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       0199FBEB891C8AEC14980330F722CFB92393
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:21 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:21 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:21 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: J3L18WG6LoGrBRFDP1LKF4Hp3zO+PYk0MakXZ6HpqFs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:89:1c:8a:ec:14:98:03:30:f7:22:cf:b9:23:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Oct 19 10:02:21 2025 GMT
            Not After : Oct 20 10:02:21 2025 GMT
        Subject: CN=fec4004dba8558af22ef1bfd9210868e06ffec58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e1:2d:09:a1:6a:13:3e:80:8f:46:3c:93:03:
                    0d:76:9d:e9:47:43:0a:7f:c1:4c:4d:61:64:64:44:
                    5e:43:51:3d:f4:d9:45:4a:02:e2:8f:b5:05:8f:9d:
                    24:9e:bf:ab:d6:a9:b8:85:95:bc:6e:ef:91:44:3c:
                    7f:25:b0:77:5f:09:0e:b1:f9:18:d3:ea:d9:f6:a5:
                    5e:02:d0:df:1b:28:1c:06:18:83:fd:62:ac:33:07:
                    8c:a8:7b:58:67:fb:d9:e2:5d:e0:42:38:f8:c5:d0:
                    bf:94:d9:93:fb:eb:d2:5e:0a:25:24:b1:09:2d:46:
                    02:6d:39:04:d2:2a:42:6f:e1:89:40:12:5f:30:2c:
                    d8:4c:2c:15:76:8a:7d:e7:7e:41:ff:1d:22:e8:68:
                    e6:f7:20:af:97:07:52:45:fd:c5:95:ab:00:a5:5d:
                    56:6a:f3:10:d5:d7:1c:ad:e8:76:f1:c8:b4:8b:5d:
                    88:35:24:8e:91:99:f3:d7:16:91:74:3a:49:fa:f5:
                    97:3d:40:30:6d:21:8d:72:3a:31:82:cf:9b:90:06:
                    69:24:80:25:50:87:67:de:6c:51:aa:a2:89:50:a6:
                    41:c0:c8:12:b5:ca:d8:cc:b0:77:54:de:88:d2:01:
                    1f:a7:c9:32:f4:2c:e3:ae:0d:cd:82:9b:ea:e9:ab:
                    04:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C4:00:4D:BA:85:58:AF:22:EF:1B:FD:92:10:86:8E:06:FF:EC:58
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:99:d1:4f:3d:ce:26:83:bd:ab:a8:dc:04:cc:14:21:cd:a4:
         97:16:75:cf:c2:e7:92:c5:dc:57:a5:1d:34:2e:79:62:b2:89:
         e4:84:79:6a:9d:1f:b0:d8:5d:ac:59:ec:c1:4b:82:6e:70:a4:
         ad:f5:07:59:58:68:4f:db:64:05:b9:f6:d8:b2:6c:a6:f6:d8:
         54:f3:b0:e1:8f:9f:ac:45:f2:c9:5e:0d:94:8b:6b:c3:c4:23:
         90:80:fb:c8:f4:ee:7a:e5:ad:e1:e5:80:4e:0e:3a:16:dd:a5:
         fa:b1:22:de:65:9c:b7:d5:c2:a8:82:7d:b1:c8:16:72:62:2b:
         41:ed:34:09:58:c5:a8:03:16:22:d6:8d:48:28:47:50:76:72:
         39:fe:78:49:31:38:b7:a2:61:52:2d:3b:dc:a7:fb:e3:33:87:
         ce:f0:9b:c2:4c:6c:fa:17:e9:49:75:2d:25:db:a7:9b:d5:de:
         13:43:8d:ad:9d:1c:f1:02:52:56:12:1c:ca:cf:de:41:03:9a:
         af:09:5a:95:fd:ce:32:51:62:f7:5b:2e:a9:2c:05:01:87:a5:
         3e:0c:84:3a:4b:e6:2b:e8:e1:10:22:c4:8b:e4:50:3f:70:be:
         4d:99:7e:fb:51:2a:23:a2:83:61:81:10:db:d0:6f:88:b6:da:
         10:7c:b2:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764kciuwUmAMw9yLPuSOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjUxMDE5MTAwMjIxWhcNMjUxMDIwMTAwMjIxWjAzMTEwLwYDVQQD
EyhmZWM0MDA0ZGJhODU1OGFmMjJlZjFiZmQ5MjEwODY4ZTA2ZmZlYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquEtCaFqEz6Aj0Y8kwMNdp3pR0MK
f8FMTWFkZEReQ1E99NlFSgLij7UFj50knr+r1qm4hZW8bu+RRDx/JbB3XwkOsfkY
0+rZ9qVeAtDfGygcBhiD/WKsMweMqHtYZ/vZ4l3gQjj4xdC/lNmT++vSXgolJLEJ
LUYCbTkE0ipCb+GJQBJfMCzYTCwVdop9535B/x0i6Gjm9yCvlwdSRf3FlasApV1W
avMQ1dccreh28ci0i12INSSOkZnz1xaRdDpJ+vWXPUAwbSGNcjoxgs+bkAZpJIAl
UIdn3mxRqqKJUKZBwMgStcrYzLB3VN6I0gEfp8ky9Czjrg3Ngpvq6asEOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7EAE26hVivIu8b/ZIQho4G/+xYMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpnRTz3O
JoO9q6jcBMwUIc2klxZ1z8LnksXcV6UdNC55YrKJ5IR5ap0fsNhdrFnswUuCbnCk
rfUHWVhoT9tkBbn22LJspvbYVPOw4Y+frEXyyV4NlItrw8QjkID7yPTueuWt4eWA
Tg46Ft2l+rEi3mWct9XCqIJ9scgWcmIrQe00CVjFqAMWItaNSChHUHZyOf54STE4
t6JhUi073Kf74zOHzvCbwkxs+hfpSXUtJdunm9XeE0ONrZ0c8QJSVhIcys/eQQOa
rwlalf3OMlFi91suqSwFAYelPgyEOkvmK+jhECLEi+RQP3C+TZl++1EqI6KDYYEQ
29BviLbaEHyyFQ==
-----END CERTIFICATE-----