Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
File:                     fKnhWNylWE83ofg0myiaaBLbkko.mft (raw, json)
Hash identifier:          yuKeAN29tnhK7lNb5mHo2EaXNCMz6Qu/a9Q9i9hgotY=
Subject key identifier:   53:E4:BE:D1:66:73:4F:0D:06:94:3F:AA:0F:81:20:84:CB:1F:C5:15
Authority key identifier: 7C:A9:E1:58:DC:A5:58:4F:37:A1:F8:34:9B:28:9A:68:12:DB:92:4A
Certificate issuer:       /CN=7ca9e158dca5584f37a1f8349b289a6812db924a
Certificate serial:       0199FCFD219A1B7BA19532FF7F5C9EDB168A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
Manifest number:          094C
Signing time:             Sun 19 Oct 2025 15:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:11 +0000
Files and hashes:         1: fKnhWNylWE83ofg0myiaaBLbkko.crl (hash: 1JEQeVmfElpNFEzHNRxi0Zo6v479wD08C2xEEhPTZGs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:21:9a:1b:7b:a1:95:32:ff:7f:5c:9e:db:16:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ca9e158dca5584f37a1f8349b289a6812db924a
        Validity
            Not Before: Oct 19 15:01:11 2025 GMT
            Not After : Oct 20 15:01:11 2025 GMT
        Subject: CN=53e4bed166734f0d06943faa0f812084cb1fc515
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4b:37:cd:ff:46:b6:78:a7:b3:94:b7:bf:30:
                    78:31:98:a4:e2:6b:a0:3b:54:b8:6d:3f:d4:5c:4a:
                    9d:92:b6:b4:45:54:5e:43:2c:0f:65:5f:78:df:49:
                    46:d6:95:0c:0e:b4:d4:90:2c:b6:12:8d:07:fc:16:
                    98:83:81:03:fb:72:9c:52:8c:97:48:20:40:59:30:
                    04:f5:22:0a:d8:3c:18:68:ac:6e:e2:4c:d3:9b:d3:
                    cd:d6:d7:7c:9c:30:b4:f6:06:46:a4:2d:c8:24:db:
                    2c:de:b8:22:55:fd:95:83:c4:93:e4:8f:b8:51:94:
                    3e:7a:1a:7a:5f:06:8e:a5:30:f2:7e:d4:35:8b:41:
                    12:da:d9:dd:ea:37:15:f6:94:b3:b5:15:90:84:bf:
                    a4:41:06:9b:b1:bc:8e:22:6b:be:17:94:7d:45:74:
                    a1:e6:3a:6c:40:45:a3:ba:8b:73:f9:42:ad:2f:d3:
                    b2:53:63:1d:f9:1c:de:f3:af:68:0c:25:aa:ff:b8:
                    36:69:31:53:6c:13:c1:06:91:76:20:2a:6f:dd:ee:
                    a6:d3:d3:79:9d:7b:49:e2:ba:f4:bd:e0:fb:2a:11:
                    1a:78:d0:68:99:e2:98:a3:e4:12:91:03:76:78:70:
                    79:a3:77:2c:95:74:95:f3:d4:cd:ce:73:8e:82:10:
                    91:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:E4:BE:D1:66:73:4F:0D:06:94:3F:AA:0F:81:20:84:CB:1F:C5:15
            X509v3 Authority Key Identifier:
                keyid:7C:A9:E1:58:DC:A5:58:4F:37:A1:F8:34:9B:28:9A:68:12:DB:92:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:da:b8:78:aa:13:8f:a6:52:0c:84:0f:32:c9:aa:31:06:d1:
         2b:da:8e:6c:f1:5c:e6:83:25:e7:e9:2a:f4:b8:f8:10:22:a8:
         93:e6:b8:1c:a2:3f:57:85:4e:14:65:6b:b8:30:e3:90:a6:70:
         7c:6b:59:c0:9d:ab:c2:85:66:3d:b3:22:d6:f1:08:f5:d5:ab:
         ed:ec:d1:e5:d1:4e:35:94:ef:cd:38:b7:15:1a:77:02:bf:79:
         8b:55:3a:d0:42:40:34:82:c4:cc:96:18:02:8f:a3:4c:9c:30:
         b4:26:56:90:0e:cc:26:ce:cf:3e:21:eb:18:d7:8c:86:32:8f:
         3e:ad:17:3e:9d:ec:9c:17:26:37:17:79:f5:dc:a6:a5:b1:c4:
         e2:3f:2b:36:f6:e0:b4:52:e1:6e:93:25:9f:ed:0c:5f:f8:e6:
         c4:55:67:62:c3:04:7b:d8:8d:5a:90:81:17:c7:c5:85:16:8a:
         fb:ca:e3:5d:32:8f:14:9f:e1:68:ab:9d:42:23:9f:21:a4:99:
         81:3e:66:e3:c7:1e:2a:9b:dc:3b:4a:7b:99:11:79:31:a7:0f:
         1e:82:06:d8:91:c8:ac:71:64:64:6a:cb:d3:d7:4e:58:b7:96:
         6b:bb:29:53:8d:54:cb:db:55:83:12:90:6e:13:4e:d9:55:d9:
         81:15:a2:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/SGaG3uhlTL/f1ye2xaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTllMTU4ZGNhNTU4NGYzN2ExZjgzNDliMjg5YTY4MTJk
YjkyNGEwHhcNMjUxMDE5MTUwMTExWhcNMjUxMDIwMTUwMTExWjAzMTEwLwYDVQQD
Eyg1M2U0YmVkMTY2NzM0ZjBkMDY5NDNmYWEwZjgxMjA4NGNiMWZjNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUs3zf9Gtnins5S3vzB4MZik4mug
O1S4bT/UXEqdkra0RVReQywPZV9430lG1pUMDrTUkCy2Eo0H/BaYg4ED+3KcUoyX
SCBAWTAE9SIK2DwYaKxu4kzTm9PN1td8nDC09gZGpC3IJNss3rgiVf2Vg8ST5I+4
UZQ+ehp6XwaOpTDyftQ1i0ES2tnd6jcV9pSztRWQhL+kQQabsbyOImu+F5R9RXSh
5jpsQEWjuotz+UKtL9OyU2Md+Rze869oDCWq/7g2aTFTbBPBBpF2ICpv3e6m09N5
nXtJ4rr0veD7KhEaeNBomeKYo+QSkQN2eHB5o3cslXSV89TNznOOghCRKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPkvtFmc08NBpQ/qg+BIITLH8UVMB8GA1UdIwQY
MBaAFHyp4VjcpVhPN6H4NJsommgS25JKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mYjM0ZTQtZWQ2MS00ZTFkLWE0NmQt
NzhhNzdmN2ExMzQyLzEvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mYjM0ZTQtZWQ2MS00ZTFkLWE0NmQtNzhhNzdmN2ExMzQy
LzEvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtq4eKoT
j6ZSDIQPMsmqMQbRK9qObPFc5oMl5+kq9Lj4ECKok+a4HKI/V4VOFGVruDDjkKZw
fGtZwJ2rwoVmPbMi1vEI9dWr7ezR5dFONZTvzTi3FRp3Ar95i1U60EJANILEzJYY
Ao+jTJwwtCZWkA7MJs7PPiHrGNeMhjKPPq0XPp3snBcmNxd59dympbHE4j8rNvbg
tFLhbpMln+0MX/jmxFVnYsMEe9iNWpCBF8fFhRaK+8rjXTKPFJ/haKudQiOfIaSZ
gT5m48ceKpvcO0p7mRF5MacPHoIG2JHIrHFkZGrL09dOWLeWa7spU41Uy9tVgxKQ
bhNO2VXZgRWiAA==
-----END CERTIFICATE-----