Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File:                     bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier:          XUeHxK3R+DT1GpA9l5eJECPy2XdATRvQwwZmeJdWvoU=
Subject key identifier:   16:63:D8:AB:33:8F:23:42:EC:07:8B:6D:0A:81:75:AB:C5:A1:CB:DA
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer:       /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial:       0199FAD7CB29CE440FE172116B9B44F94049
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number:          0721
Signing time:             Sun 19 Oct 2025 05:01:10 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:10 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:10 +0000
Files and hashes:         1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: IfxhJIFh+5CP8F7slDldp5EHtG9UvOBt2r5tnPwJJWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:cb:29:ce:44:0f:e1:72:11:6b:9b:44:f9:40:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
        Validity
            Not Before: Oct 19 05:01:10 2025 GMT
            Not After : Oct 20 05:01:10 2025 GMT
        Subject: CN=1663d8ab338f2342ec078b6d0a8175abc5a1cbda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:16:3f:04:99:35:88:8f:fa:65:f7:f7:18:7d:
                    18:99:4f:e2:46:5c:7b:cc:30:08:84:eb:18:db:66:
                    a7:01:6d:a6:8a:c4:84:50:49:94:88:26:aa:cf:6e:
                    17:81:dd:c6:84:17:52:5d:82:1a:2c:0d:14:e7:b0:
                    b3:11:4e:69:89:05:bd:82:f3:9b:78:84:c8:6f:36:
                    05:dc:f0:1b:5f:36:e2:03:27:02:f6:f5:3c:2e:c7:
                    03:63:62:46:40:eb:f4:59:63:53:03:86:34:9b:24:
                    e7:26:7e:ec:c3:6f:43:77:37:37:83:b4:7e:b8:9d:
                    4b:b0:78:21:7a:1f:11:01:34:07:fa:56:95:59:31:
                    d6:f6:9c:f0:91:1d:a2:9d:df:c4:84:26:a5:a2:3d:
                    85:22:93:33:f1:38:24:ec:03:08:f9:aa:5e:c0:d2:
                    80:f6:b9:ea:f9:9e:f0:a1:4b:72:46:b3:26:3d:67:
                    2f:82:30:ed:ba:3c:5f:61:a0:a6:32:21:06:27:94:
                    eb:6c:c1:33:4e:f9:04:e9:1f:2c:2e:57:3a:26:4f:
                    18:f6:be:c5:4f:c4:2d:65:45:c8:9d:40:7c:1d:6c:
                    54:4b:c4:b0:e3:32:0c:a1:69:be:5a:e2:fa:63:f7:
                    32:ab:bd:ad:54:96:35:60:28:db:36:aa:bc:b3:60:
                    49:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:63:D8:AB:33:8F:23:42:EC:07:8B:6D:0A:81:75:AB:C5:A1:CB:DA
            X509v3 Authority Key Identifier:
                keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:3e:a2:fa:35:de:51:b6:09:67:24:4a:a6:16:d1:44:0a:cb:
         e5:68:ea:6a:3e:1a:2c:37:e5:76:bd:a4:85:ea:f1:5c:9e:47:
         09:29:95:69:37:71:08:0c:7a:52:2a:fa:0b:84:6b:1d:f6:c4:
         18:27:0f:1f:2a:b8:07:90:6c:80:f2:7e:44:3f:32:9c:ab:44:
         c3:b2:3c:0a:71:f9:35:26:70:3f:5e:96:6e:05:e9:93:f1:90:
         48:60:14:8e:70:3a:bb:0a:6f:d9:ea:44:49:bb:f5:7e:45:e7:
         87:04:8e:0f:6c:38:99:a6:9a:f0:6d:cf:f9:ba:26:0e:d3:22:
         3d:d7:d1:3c:7b:0f:76:17:72:d2:28:a4:97:49:3b:4e:14:16:
         80:24:03:74:64:ed:3e:f4:5c:24:9f:88:c0:a4:b8:a8:bd:80:
         1f:47:f6:eb:5a:d5:67:3a:ff:9e:50:b8:43:d7:4d:09:87:17:
         c9:be:f1:78:93:5e:4a:03:5d:2e:83:2e:5c:74:e7:b5:19:20:
         8d:3f:31:8b:c4:c7:59:7b:e9:3f:d4:eb:14:d2:d2:61:44:6a:
         b4:e4:11:18:de:6f:9f:02:65:ca:e0:37:50:36:31:cb:10:15:
         9f:94:78:fb:d1:2a:13:7c:8b:15:df:dd:03:b7:fb:6c:33:e0:
         90:e7:75:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn618spzkQP4XIRa5tE+UBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjUxMDE5MDUwMTEwWhcNMjUxMDIwMDUwMTEwWjAzMTEwLwYDVQQD
EygxNjYzZDhhYjMzOGYyMzQyZWMwNzhiNmQwYTgxNzVhYmM1YTFjYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRY/BJk1iI/6Zff3GH0YmU/iRlx7
zDAIhOsY22anAW2misSEUEmUiCaqz24Xgd3GhBdSXYIaLA0U57CzEU5piQW9gvOb
eITIbzYF3PAbXzbiAycC9vU8LscDY2JGQOv0WWNTA4Y0myTnJn7sw29Ddzc3g7R+
uJ1LsHgheh8RATQH+laVWTHW9pzwkR2ind/EhCaloj2FIpMz8Tgk7AMI+apewNKA
9rnq+Z7woUtyRrMmPWcvgjDtujxfYaCmMiEGJ5TrbMEzTvkE6R8sLlc6Jk8Y9r7F
T8QtZUXInUB8HWxUS8Sw4zIMoWm+WuL6Y/cyq72tVJY1YCjbNqq8s2BJHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZj2KszjyNC7AeLbQqBdavFocvaMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAED6i+jXe
UbYJZyRKphbRRArL5Wjqaj4aLDfldr2kherxXJ5HCSmVaTdxCAx6Uir6C4RrHfbE
GCcPHyq4B5BsgPJ+RD8ynKtEw7I8CnH5NSZwP16WbgXpk/GQSGAUjnA6uwpv2epE
Sbv1fkXnhwSOD2w4maaa8G3P+bomDtMiPdfRPHsPdhdy0iikl0k7ThQWgCQDdGTt
PvRcJJ+IwKS4qL2AH0f261rVZzr/nlC4Q9dNCYcXyb7xeJNeSgNdLoMuXHTntRkg
jT8xi8THWXvpP9TrFNLSYURqtOQRGN5vnwJlyuA3UDYxyxAVn5R4+9EqE3yLFd/d
A7f7bDPgkOd1rQ==
-----END CERTIFICATE-----