Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
File:                     h3OqvdPia0S3mDfBRwq44XQV6o4.mft (raw, json)
Hash identifier:          yjLh3B4ALh4JMH1EkXNHe4miSkZSUMwqDPJeuqNQEuU=
Subject key identifier:   22:57:D1:55:A5:8E:A9:25:AA:21:3E:E2:32:4A:26:D8:F6:62:CE:27
Authority key identifier: 87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E
Certificate issuer:       /CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
Certificate serial:       0199FC58D6975A0CD4460E908F505ECB3507
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
Manifest number:          02CE
Signing time:             Sun 19 Oct 2025 12:01:44 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:44 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:44 +0000
Files and hashes:         1: h3OqvdPia0S3mDfBRwq44XQV6o4.crl (hash: D2dB9IZuX0yCk2wMcZ1Nt/sb9m1HD5xapHEe4C8uLHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:d6:97:5a:0c:d4:46:0e:90:8f:50:5e:cb:35:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
        Validity
            Not Before: Oct 19 12:01:44 2025 GMT
            Not After : Oct 20 12:01:44 2025 GMT
        Subject: CN=2257d155a58ea925aa213ee2324a26d8f662ce27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:25:3f:d2:85:22:98:99:d9:6b:de:9c:8f:e5:
                    ad:fd:05:59:89:00:34:f1:8c:60:1e:c6:f0:19:f8:
                    ed:1d:35:aa:39:23:65:7b:a3:f5:30:d8:d6:88:44:
                    87:ee:74:58:21:83:0c:48:cd:e1:56:95:fe:b3:af:
                    8b:e2:00:07:56:a9:04:a6:fb:29:4b:26:ac:ae:1d:
                    b5:c0:70:2f:25:e5:4c:24:43:ee:1e:28:45:3a:41:
                    85:e9:17:84:b2:c3:2d:fb:49:88:5b:f5:47:c4:1b:
                    6d:a8:c3:f9:f8:62:39:2d:ae:d1:4c:e3:d9:88:11:
                    38:16:2d:d6:5a:5e:78:82:fe:5d:c3:02:74:4c:aa:
                    a1:b0:62:e6:dc:ce:9c:6b:ca:d2:64:d4:ae:8d:c4:
                    fe:c2:83:13:1b:ec:04:29:b9:8f:34:29:ea:72:61:
                    de:d0:05:c5:04:19:27:eb:48:28:a7:52:ef:8c:d0:
                    cb:66:25:dc:77:52:58:aa:b8:06:b9:59:14:9d:86:
                    3c:5c:8d:21:56:64:29:12:f2:67:47:29:35:e4:8c:
                    65:5d:73:76:96:77:13:9a:b0:ec:15:7a:a3:d1:dd:
                    f3:42:35:d2:6a:3e:26:ff:e8:e1:0b:e4:1d:c7:b6:
                    1b:ef:c8:48:a4:02:fc:a0:35:61:77:d9:cf:58:98:
                    e3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:57:D1:55:A5:8E:A9:25:AA:21:3E:E2:32:4A:26:D8:F6:62:CE:27
            X509v3 Authority Key Identifier:
                keyid:87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:de:f3:5d:e2:30:89:2f:fc:da:fa:72:a5:ce:26:97:3d:51:
         8c:29:e8:79:1d:c2:b4:68:60:df:01:95:87:35:de:80:64:b7:
         f3:ee:8d:d9:3c:29:a4:dc:c9:d8:ef:cc:aa:21:2b:0f:0f:68:
         b5:21:54:21:9b:3f:04:45:a6:11:a7:e7:fb:a6:fa:4f:f3:bb:
         c3:9c:b8:26:64:6a:a8:85:c2:54:f4:c8:21:94:8e:8c:0a:54:
         c5:18:08:7d:f6:0b:cf:a6:47:e3:4c:14:05:ad:9b:1a:dc:50:
         c5:5d:ec:84:65:d0:c0:2e:89:05:87:36:b5:54:99:ef:4d:94:
         ca:10:77:1b:05:64:1e:02:3b:93:17:2c:ae:7f:da:64:71:40:
         6a:2a:6c:42:12:87:96:10:cf:da:a7:f7:c0:c5:e3:37:1e:cc:
         a2:ab:c7:e3:15:4c:ff:f0:0e:94:ee:1e:a0:f9:b0:74:06:4f:
         2e:c8:17:db:33:c4:a2:49:32:79:40:d6:9b:82:46:6a:18:48:
         5a:e7:59:a7:d2:db:d4:4f:94:e1:3d:48:63:53:0a:ff:93:18:
         2b:c1:f7:e5:b0:2a:80:05:3c:37:9f:d4:5c:d3:ce:6f:01:6c:
         01:69:4a:d6:56:1e:b9:59:bd:49:ec:ab:12:ed:2c:9e:7a:2e:
         84:d6:3c:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WNaXWgzURg6Qj1BeyzUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzNhYWJkZDNlMjZiNDRiNzk4MzdjMTQ3MGFiOGUxNzQx
NWVhOGUwHhcNMjUxMDE5MTIwMTQ0WhcNMjUxMDIwMTIwMTQ0WjAzMTEwLwYDVQQD
EygyMjU3ZDE1NWE1OGVhOTI1YWEyMTNlZTIzMjRhMjZkOGY2NjJjZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyU/0oUimJnZa96cj+Wt/QVZiQA0
8YxgHsbwGfjtHTWqOSNle6P1MNjWiESH7nRYIYMMSM3hVpX+s6+L4gAHVqkEpvsp
Syasrh21wHAvJeVMJEPuHihFOkGF6ReEssMt+0mIW/VHxBttqMP5+GI5La7RTOPZ
iBE4Fi3WWl54gv5dwwJ0TKqhsGLm3M6ca8rSZNSujcT+woMTG+wEKbmPNCnqcmHe
0AXFBBkn60gop1LvjNDLZiXcd1JYqrgGuVkUnYY8XI0hVmQpEvJnRyk15IxlXXN2
lncTmrDsFXqj0d3zQjXSaj4m/+jhC+Qdx7Yb78hIpAL8oDVhd9nPWJjj1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJX0VWljqklqiE+4jJKJtj2Ys4nMB8GA1UdIwQY
MBaAFIdzqr3T4mtEt5g3wUcKuOF0FeqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0Mzgt
NmFiOGE4NzlhMTdiLzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0MzgtNmFiOGE4NzlhMTdi
LzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWd7zXeIw
iS/82vpypc4mlz1RjCnoeR3CtGhg3wGVhzXegGS38+6N2TwppNzJ2O/MqiErDw9o
tSFUIZs/BEWmEafn+6b6T/O7w5y4JmRqqIXCVPTIIZSOjApUxRgIffYLz6ZH40wU
Ba2bGtxQxV3shGXQwC6JBYc2tVSZ702UyhB3GwVkHgI7kxcsrn/aZHFAaipsQhKH
lhDP2qf3wMXjNx7MoqvH4xVM//AOlO4eoPmwdAZPLsgX2zPEokkyeUDWm4JGahhI
WudZp9Lb1E+U4T1IY1MK/5MYK8H35bAqgAU8N5/UXNPObwFsAWlK1lYeuVm9Seyr
Eu0snnouhNY8yw==
-----END CERTIFICATE-----