Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          uAEupPXOXGb4f7gkfQQXgAjlGFvN6z27heK8d4fmNfk=
Subject key identifier:   10:35:D4:E4:39:B3:4A:1F:CC:D6:0D:C7:51:DC:76:2C:23:DE:1F:F6
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       0199FA6A0545562A752AD85045E3DD0AF647
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 03:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 03:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 03:01:16 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: BkNC+a/cCEyR6JzWhzMrvMR9LFwMqSKYjzpaVY3sV+4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 03:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:6a:05:45:56:2a:75:2a:d8:50:45:e3:dd:0a:f6:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: Oct 19 03:01:16 2025 GMT
            Not After : Oct 20 03:01:16 2025 GMT
        Subject: CN=1035d4e439b34a1fccd60dc751dc762c23de1ff6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e6:b4:13:c0:4f:57:47:3d:b3:49:7c:e3:e7:
                    de:93:95:12:1e:8e:03:16:3b:a5:79:44:ac:96:7f:
                    44:13:57:21:52:02:90:9d:8d:20:33:5a:e9:f5:94:
                    c6:c8:9a:8c:33:bd:f6:25:a3:09:27:68:ab:ab:47:
                    f6:e5:c1:37:6e:7c:74:ab:ea:5d:a7:48:c2:18:84:
                    bb:c7:ec:93:69:a7:80:2a:fb:fe:6b:c8:7d:e6:65:
                    43:b2:80:06:62:5a:b6:4b:e8:1a:81:a7:cf:30:1f:
                    1c:a0:fa:35:a4:55:ee:02:8a:c7:f5:07:47:0d:25:
                    3d:83:e6:d7:ce:eb:ce:44:7b:b3:4d:21:e1:46:33:
                    6c:37:24:2f:43:61:d8:7f:d6:fd:ff:8a:28:8b:6a:
                    9a:44:58:fa:28:96:08:39:74:2e:32:7c:03:0f:7f:
                    74:6d:f1:4a:35:34:a2:c6:55:42:91:72:e7:14:c0:
                    19:b4:6b:96:50:9b:72:19:26:14:78:2a:1e:0e:e2:
                    36:5f:91:11:04:52:38:6f:45:9b:9f:e5:4e:b2:f4:
                    bb:67:65:a9:a6:a2:1a:9b:fb:51:ca:bc:e1:1a:c8:
                    40:2f:10:a1:e3:2b:6c:b3:18:a1:dd:13:f4:c9:0c:
                    d1:46:73:51:0c:92:1a:a8:7b:79:7b:99:c4:62:30:
                    c4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:35:D4:E4:39:B3:4A:1F:CC:D6:0D:C7:51:DC:76:2C:23:DE:1F:F6
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:01:e4:75:ca:b3:8e:90:05:ba:17:5e:cb:dc:e7:ef:e6:4f:
         7d:73:70:e9:ff:d0:ab:70:fc:03:29:95:61:91:41:34:05:cd:
         5f:c6:74:ad:94:df:50:2a:ae:76:81:4e:0a:0a:9a:7b:d8:be:
         44:b0:f3:0b:55:18:5f:fe:42:de:f0:04:76:a1:50:43:27:8f:
         64:0c:bb:09:ff:1d:3a:86:37:fa:c0:6b:99:54:8d:de:07:45:
         61:bd:ba:89:6f:07:8f:bf:9c:56:9c:96:71:08:47:5b:dd:94:
         d0:49:27:29:89:dd:bb:03:2c:b5:62:b5:44:4d:01:03:28:5c:
         7a:60:c8:ec:8e:fe:c5:af:30:f7:60:91:4d:20:b8:72:8b:19:
         a3:20:f4:53:e8:3e:3f:eb:1e:01:d6:7c:ad:6a:0b:ac:c4:0c:
         27:06:f5:78:5e:6e:99:f6:e4:ce:e0:8a:00:e2:bc:12:e7:e3:
         2a:a0:30:ae:22:53:c6:d2:e3:25:c9:16:a0:ad:37:b3:b1:f2:
         99:83:9f:7d:77:0f:3a:c4:38:04:3e:ae:d7:de:30:68:53:41:
         9b:63:12:2e:98:c2:28:3b:21:1e:ba:2d:31:b7:53:0b:74:84:
         dd:11:ae:c4:bc:6e:1f:d9:b0:6e:a2:ab:2f:54:5d:2a:ff:0b:
         ac:af:ae:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6agVFVip1KthQRePdCvZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjUxMDE5MDMwMTE2WhcNMjUxMDIwMDMwMTE2WjAzMTEwLwYDVQQD
EygxMDM1ZDRlNDM5YjM0YTFmY2NkNjBkYzc1MWRjNzYyYzIzZGUxZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvea0E8BPV0c9s0l84+fek5USHo4D
FjuleUSsln9EE1chUgKQnY0gM1rp9ZTGyJqMM732JaMJJ2irq0f25cE3bnx0q+pd
p0jCGIS7x+yTaaeAKvv+a8h95mVDsoAGYlq2S+gagafPMB8coPo1pFXuAorH9QdH
DSU9g+bXzuvORHuzTSHhRjNsNyQvQ2HYf9b9/4ooi2qaRFj6KJYIOXQuMnwDD390
bfFKNTSixlVCkXLnFMAZtGuWUJtyGSYUeCoeDuI2X5ERBFI4b0Wbn+VOsvS7Z2Wp
pqIam/tRyrzhGshALxCh4ytssxih3RP0yQzRRnNRDJIaqHt5e5nEYjDEGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBA11OQ5s0ofzNYNx1Hcdiwj3h/2MB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwHkdcqz
jpAFuhdey9zn7+ZPfXNw6f/Qq3D8AymVYZFBNAXNX8Z0rZTfUCqudoFOCgqae9i+
RLDzC1UYX/5C3vAEdqFQQyePZAy7Cf8dOoY3+sBrmVSN3gdFYb26iW8Hj7+cVpyW
cQhHW92U0EknKYnduwMstWK1RE0BAyhcemDI7I7+xa8w92CRTSC4cosZoyD0U+g+
P+seAdZ8rWoLrMQMJwb1eF5umfbkzuCKAOK8EufjKqAwriJTxtLjJckWoK03s7Hy
mYOffXcPOsQ4BD6u194waFNBm2MSLpjCKDshHrotMbdTC3SE3RGuxLxuH9mwbqKr
L1RdKv8LrK+ugQ==
-----END CERTIFICATE-----