Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          c9+aHI66+fOqqbM7DMPHVlkv9+iRbENHNXtoV97eCcY=
Subject key identifier:   78:93:47:0F:9F:AF:12:21:72:87:6F:95:9F:BB:4C:02:C9:58:86:C8
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       0199FC58F0E8CEECD1A1DAF570DC1DD82BA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          06AB
Signing time:             Sun 19 Oct 2025 12:01:51 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:51 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:51 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: cCwEZAg1K7BPKJfi8UC24CkRk9qCz7t5Fi1eOfLQyGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:f0:e8:ce:ec:d1:a1:da:f5:70:dc:1d:d8:2b:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Oct 19 12:01:51 2025 GMT
            Not After : Oct 20 12:01:51 2025 GMT
        Subject: CN=7893470f9faf122172876f959fbb4c02c95886c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:5a:78:2e:70:78:9c:03:af:a7:aa:57:57:29:
                    ce:b3:a3:5b:e4:ab:f1:09:10:21:07:85:ca:75:ac:
                    85:b8:94:f3:3b:e2:1b:08:27:df:d1:32:ac:7d:86:
                    8c:03:7c:7d:f8:59:8e:45:2d:84:9d:c2:b4:46:be:
                    a5:0b:ba:5a:52:27:f5:45:fb:30:49:96:17:81:14:
                    27:66:6c:f2:8d:1c:08:48:ce:95:f8:e2:10:26:07:
                    d8:db:22:f8:d2:7a:4a:9f:d5:0e:f6:53:97:86:b1:
                    ca:e9:53:cb:18:df:cf:4d:ce:ad:de:90:12:3f:47:
                    a3:a7:4d:98:97:d2:67:7a:1a:6b:62:13:db:fb:fd:
                    0e:05:a7:c0:c9:86:4b:a1:0a:91:6c:e9:31:f1:03:
                    d1:e7:d9:c5:74:e4:b2:1f:cb:5b:fd:4d:9f:1f:61:
                    88:b3:a1:6c:6a:20:1c:2a:6b:b2:9a:c4:73:23:52:
                    7e:77:b5:7b:c7:2e:e8:39:eb:99:ac:66:ec:1a:b4:
                    ab:66:c2:77:46:f1:36:3c:79:2c:e3:42:1a:4e:31:
                    58:11:77:c2:9b:a9:54:d0:5a:d4:a9:51:d4:b1:f0:
                    fe:3a:d1:97:05:79:b0:60:98:35:d2:8a:1f:73:bf:
                    51:8d:cc:8d:b8:8b:cd:bc:23:56:04:96:78:7d:38:
                    80:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:93:47:0F:9F:AF:12:21:72:87:6F:95:9F:BB:4C:02:C9:58:86:C8
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:97:a1:94:e2:a9:c5:37:3d:22:b3:64:ac:18:ee:1d:9a:44:
         5c:ea:52:f8:d9:95:4b:63:a2:50:ca:b2:29:cc:73:9d:db:00:
         4a:f2:49:d0:dd:6f:ca:2a:c3:6c:7b:61:77:54:13:73:2f:d5:
         74:5c:1c:32:37:70:1c:62:b7:a1:16:ad:68:55:f8:e3:7b:22:
         60:70:6e:51:48:b4:70:30:dd:c7:66:72:c0:8e:55:fd:16:62:
         f1:df:09:08:91:cb:98:52:5f:8d:4d:d3:25:7b:fc:a6:3a:d9:
         0d:02:4d:4d:3e:5f:0d:30:c4:fd:87:10:d9:1e:91:89:3e:23:
         6a:1b:77:78:66:8d:d6:53:01:90:86:97:f7:3b:ad:e6:c5:fa:
         21:3c:b4:ff:95:15:ee:b3:82:c0:ee:1c:b8:11:1f:a6:5e:29:
         6b:d7:12:23:cf:a6:f0:3d:a4:21:f6:46:61:b2:3b:25:06:4f:
         13:c8:ab:bf:dc:e0:a1:12:b8:e2:cd:a5:dc:a1:10:76:a1:34:
         40:6d:14:ca:77:3c:15:fe:99:9c:6f:72:70:c9:c4:0b:d6:ec:
         27:0d:a7:e7:b7:b4:80:2d:05:dc:b3:0d:f8:59:60:4f:01:fb:
         81:cb:2b:92:18:2f:c3:00:ab:75:77:f7:9c:2e:c7:de:53:86:
         86:74:29:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WPDozuzRodr1cNwd2CujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjUxMDE5MTIwMTUxWhcNMjUxMDIwMTIwMTUxWjAzMTEwLwYDVQQD
Eyg3ODkzNDcwZjlmYWYxMjIxNzI4NzZmOTU5ZmJiNGMwMmM5NTg4NmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1p4LnB4nAOvp6pXVynOs6Nb5Kvx
CRAhB4XKdayFuJTzO+IbCCff0TKsfYaMA3x9+FmORS2EncK0Rr6lC7paUif1Rfsw
SZYXgRQnZmzyjRwISM6V+OIQJgfY2yL40npKn9UO9lOXhrHK6VPLGN/PTc6t3pAS
P0ejp02Yl9JnehprYhPb+/0OBafAyYZLoQqRbOkx8QPR59nFdOSyH8tb/U2fH2GI
s6FsaiAcKmuymsRzI1J+d7V7xy7oOeuZrGbsGrSrZsJ3RvE2PHks40IaTjFYEXfC
m6lU0FrUqVHUsfD+OtGXBXmwYJg10oofc79RjcyNuIvNvCNWBJZ4fTiABQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiTRw+frxIhcodvlZ+7TALJWIbIMB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwZehlOKp
xTc9IrNkrBjuHZpEXOpS+NmVS2OiUMqyKcxzndsASvJJ0N1vyirDbHthd1QTcy/V
dFwcMjdwHGK3oRataFX443siYHBuUUi0cDDdx2ZywI5V/RZi8d8JCJHLmFJfjU3T
JXv8pjrZDQJNTT5fDTDE/YcQ2R6RiT4jaht3eGaN1lMBkIaX9zut5sX6ITy0/5UV
7rOCwO4cuBEfpl4pa9cSI8+m8D2kIfZGYbI7JQZPE8irv9zgoRK44s2l3KEQdqE0
QG0Uync8Ff6ZnG9ycMnEC9bsJw2n57e0gC0F3LMN+FlgTwH7gcsrkhgvwwCrdXf3
nC7H3lOGhnQpNg==
-----END CERTIFICATE-----