Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.mft
File:                     mXZKyKibCft4hQ10xo4dqo8-KvE.mft (raw, json)
Hash identifier:          28BteN3fm0ZA4GJtSZF4kxFEKlOlVVMM2HRHzDjxEjE=
Subject key identifier:   7E:C0:54:B6:1B:20:0B:B6:38:3D:8E:AE:B6:8C:7B:E4:A6:F0:FE:F6
Authority key identifier: 99:76:4A:C8:A8:9B:09:FB:78:85:0D:74:C6:8E:1D:AA:8F:3E:2A:F1
Certificate issuer:       /CN=99764ac8a89b09fb78850d74c68e1daa8f3e2af1
Certificate serial:       0199FC58E073398F1459AABE54C944C64C37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXZKyKibCft4hQ10xo4dqo8-KvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.mft
Manifest number:          08F5
Signing time:             Sun 19 Oct 2025 12:01:46 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:46 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:46 +0000
Files and hashes:         1: mXZKyKibCft4hQ10xo4dqo8-KvE.crl (hash: ZTjAU2josCCzLDj73yVIcSdxGvF9/iRi8SJs75/aku0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXZKyKibCft4hQ10xo4dqo8-KvE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:e0:73:39:8f:14:59:aa:be:54:c9:44:c6:4c:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99764ac8a89b09fb78850d74c68e1daa8f3e2af1
        Validity
            Not Before: Oct 19 12:01:46 2025 GMT
            Not After : Oct 20 12:01:46 2025 GMT
        Subject: CN=7ec054b61b200bb6383d8eaeb68c7be4a6f0fef6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:49:20:1c:14:6a:14:ab:20:46:9c:e9:e9:84:
                    0a:48:19:be:66:eb:e2:55:cf:dc:ea:4a:26:a8:3b:
                    a1:ba:ff:91:c2:37:bd:0e:3e:40:ff:58:6e:88:2a:
                    81:87:37:c8:72:22:ad:f8:d5:90:ea:09:65:fa:78:
                    17:ed:c6:c3:ef:77:37:fa:5d:30:72:ba:99:51:f7:
                    b8:90:27:20:9d:3b:b7:46:54:22:6b:cb:33:1e:c7:
                    b5:d3:79:68:ff:15:ee:25:9e:e0:8b:88:57:bd:8d:
                    6e:de:67:ad:af:18:1e:94:2a:9a:4b:b8:08:8c:f4:
                    02:3b:f0:70:5f:2f:f5:2e:e3:0a:2d:f3:fb:ef:3e:
                    3c:6a:2b:d5:7e:5f:00:63:4f:da:60:64:29:6d:9d:
                    1b:a9:b2:73:43:e9:3c:0c:8d:89:13:31:6b:85:dd:
                    97:da:64:ab:43:f8:de:63:f3:66:52:8a:5c:12:8a:
                    f9:59:6f:ee:97:f2:7e:38:33:e7:d2:1a:cb:bb:0f:
                    bf:1c:bc:ba:db:cf:45:a3:e7:32:30:e0:39:13:26:
                    57:e3:b2:d4:f6:fa:54:b5:60:ca:e4:c3:01:a5:06:
                    92:a4:a6:2b:27:af:8a:11:32:00:6a:d6:70:d5:b2:
                    5e:10:f7:8e:47:ac:a8:ff:03:ae:69:29:2b:24:29:
                    e9:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:C0:54:B6:1B:20:0B:B6:38:3D:8E:AE:B6:8C:7B:E4:A6:F0:FE:F6
            X509v3 Authority Key Identifier:
                keyid:99:76:4A:C8:A8:9B:09:FB:78:85:0D:74:C6:8E:1D:AA:8F:3E:2A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXZKyKibCft4hQ10xo4dqo8-KvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:8f:0a:40:d1:6f:d7:3e:1c:83:93:d3:f7:e3:74:31:ff:71:
         be:40:17:9f:45:4d:ac:6b:f5:0a:9c:39:64:39:70:57:d7:04:
         98:87:90:f0:59:94:08:72:2d:4c:8d:30:84:fd:86:6f:5e:0d:
         2c:8e:fb:0e:47:ed:82:15:83:88:5a:4c:1f:62:61:5b:bc:59:
         3f:63:e5:55:2f:ae:4c:b9:3b:cc:1a:df:b6:a6:b9:77:c2:1b:
         1c:36:c0:ff:5a:48:d2:71:ae:86:f4:54:0f:ae:8f:c4:21:1e:
         46:40:a0:e4:7e:fa:56:bd:85:c9:32:f8:91:60:26:93:fa:a2:
         d5:65:36:42:f8:54:20:69:0c:c4:7e:ad:31:72:0a:68:91:6c:
         77:48:7b:9e:6b:30:9b:fd:26:a8:41:f8:ac:cf:29:eb:ca:ea:
         78:22:63:23:f8:65:cb:3d:93:69:67:18:ba:fd:7a:99:e7:a7:
         e1:b7:e5:06:c5:51:9c:55:1c:b6:3f:0c:54:da:70:cb:ce:e1:
         23:1c:df:be:13:3a:1d:86:8a:f5:87:1b:57:1c:99:14:d1:fc:
         31:cc:d3:a0:ca:9c:e1:92:72:46:99:8f:e7:db:06:60:60:e4:
         a1:02:83:7c:f3:72:4a:91:08:99:5a:12:a2:88:30:71:cd:12:
         e8:be:79:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WOBzOY8UWaq+VMlExkw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzY0YWM4YTg5YjA5ZmI3ODg1MGQ3NGM2OGUxZGFhOGYz
ZTJhZjEwHhcNMjUxMDE5MTIwMTQ2WhcNMjUxMDIwMTIwMTQ2WjAzMTEwLwYDVQQD
Eyg3ZWMwNTRiNjFiMjAwYmI2MzgzZDhlYWViNjhjN2JlNGE2ZjBmZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUkgHBRqFKsgRpzp6YQKSBm+Zuvi
Vc/c6komqDuhuv+Rwje9Dj5A/1huiCqBhzfIciKt+NWQ6gll+ngX7cbD73c3+l0w
crqZUfe4kCcgnTu3RlQia8szHse103lo/xXuJZ7gi4hXvY1u3metrxgelCqaS7gI
jPQCO/BwXy/1LuMKLfP77z48aivVfl8AY0/aYGQpbZ0bqbJzQ+k8DI2JEzFrhd2X
2mSrQ/jeY/NmUopcEor5WW/ul/J+ODPn0hrLuw+/HLy6289Fo+cyMOA5EyZX47LU
9vpUtWDK5MMBpQaSpKYrJ6+KETIAatZw1bJeEPeOR6yo/wOuaSkrJCnppwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7AVLYbIAu2OD2OrraMe+Sm8P72MB8GA1UdIwQY
MBaAFJl2Ssiomwn7eIUNdMaOHaqPPirxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhaS3lLaWJDZnQ0aFExMHhvNGRxbzgtS3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jYjU4ZWItN2MwNC00Y2I5LThmMzMt
ODE2OGNmNDcyOTYyLzEvbVhaS3lLaWJDZnQ0aFExMHhvNGRxbzgtS3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jYjU4ZWItN2MwNC00Y2I5LThmMzMtODE2OGNmNDcyOTYy
LzEvbVhaS3lLaWJDZnQ0aFExMHhvNGRxbzgtS3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATo8KQNFv
1z4cg5PT9+N0Mf9xvkAXn0VNrGv1Cpw5ZDlwV9cEmIeQ8FmUCHItTI0whP2Gb14N
LI77DkftghWDiFpMH2JhW7xZP2PlVS+uTLk7zBrftqa5d8IbHDbA/1pI0nGuhvRU
D66PxCEeRkCg5H76Vr2FyTL4kWAmk/qi1WU2QvhUIGkMxH6tMXIKaJFsd0h7nmsw
m/0mqEH4rM8p68rqeCJjI/hlyz2TaWcYuv16meen4bflBsVRnFUctj8MVNpwy87h
IxzfvhM6HYaK9YcbVxyZFNH8MczToMqc4ZJyRpmP59sGYGDkoQKDfPNySpEImVoS
oogwcc0S6L553g==
-----END CERTIFICATE-----