Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/cbeac8-ebed-45fb-b724-70b1c69b4232/1/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.mft
File:                     EzI-rNd-XKWVLdZ8KPT9kNMq-t8.mft (raw, json)
Hash identifier:          RnGOs1MAMoEbHSLsfQuzNDuy0y+/1Ps1jUGsVQEigck=
Subject key identifier:   81:38:DF:D8:29:19:F6:17:E7:83:93:4C:93:0F:EC:E3:CC:A1:99:4C
Authority key identifier: 13:32:3E:AC:D7:7E:5C:A5:95:2D:D6:7C:28:F4:FD:90:D3:2A:FA:DF
Certificate issuer:       /CN=13323eacd77e5ca5952dd67c28f4fd90d32afadf
Certificate serial:       019A006BFC342EEC427B2382D48A61072904
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/cbeac8-ebed-45fb-b724-70b1c69b4232/1/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.mft
Manifest number:          16DE
Signing time:             Mon 20 Oct 2025 07:01:08 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:08 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:08 +0000
Files and hashes:         1: EzI-rNd-XKWVLdZ8KPT9kNMq-t8.crl (hash: gcNwRAZrYN5iOWvr5TVpzDxv5MZKKGnJxsvCY2YApgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/cbeac8-ebed-45fb-b724-70b1c69b4232/1/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/cbeac8-ebed-45fb-b724-70b1c69b4232/1/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6b:fc:34:2e:ec:42:7b:23:82:d4:8a:61:07:29:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13323eacd77e5ca5952dd67c28f4fd90d32afadf
        Validity
            Not Before: Oct 20 07:01:08 2025 GMT
            Not After : Oct 21 07:01:08 2025 GMT
        Subject: CN=8138dfd82919f617e783934c930fece3cca1994c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:22:31:8e:14:86:d6:43:d9:e6:a5:32:bd:db:
                    44:33:71:d5:d3:51:96:7b:af:1f:16:d5:42:e0:12:
                    93:3b:6a:53:19:9e:26:3b:08:5b:e3:0a:c8:5a:7c:
                    e1:a4:cd:55:6e:69:07:0c:53:1c:26:d3:d0:44:9a:
                    a5:91:5e:0a:32:6d:2d:02:60:52:3e:16:d6:32:d5:
                    c9:cc:13:10:8c:63:71:7e:e4:95:8d:2f:97:05:67:
                    a0:77:24:f6:bb:c9:72:e4:fd:70:78:42:20:1f:87:
                    20:78:e2:0f:f2:32:f8:36:04:78:09:75:00:35:f1:
                    64:94:19:8d:e2:ee:e6:d7:16:13:b1:99:13:77:75:
                    d6:0a:85:65:59:df:a0:30:f3:a7:15:1b:13:6d:3d:
                    e7:0d:0c:e0:06:b2:a6:72:73:99:17:3c:a5:1d:bd:
                    ac:83:19:86:fa:74:c4:b8:a8:e7:a1:93:90:f2:15:
                    4a:92:64:40:5a:d7:9f:86:38:d2:8e:67:12:aa:a1:
                    29:52:83:db:ec:49:83:0e:2f:24:27:f6:a3:c9:0d:
                    79:50:27:43:18:fb:c1:2b:60:31:09:bc:5e:1f:db:
                    ec:4f:18:04:be:e9:1b:ed:21:c6:f9:75:d3:45:0b:
                    b8:55:4b:e0:9c:25:64:a6:ed:2d:85:ee:a1:dc:0f:
                    9e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:38:DF:D8:29:19:F6:17:E7:83:93:4C:93:0F:EC:E3:CC:A1:99:4C
            X509v3 Authority Key Identifier:
                keyid:13:32:3E:AC:D7:7E:5C:A5:95:2D:D6:7C:28:F4:FD:90:D3:2A:FA:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/cbeac8-ebed-45fb-b724-70b1c69b4232/1/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/cbeac8-ebed-45fb-b724-70b1c69b4232/1/EzI-rNd-XKWVLdZ8KPT9kNMq-t8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:fc:59:a0:c6:00:5b:97:18:03:98:bd:b7:d6:86:7f:2e:7a:
         0b:20:3e:66:0e:89:b8:80:04:3d:d9:c7:e5:73:30:b5:d4:2b:
         5f:7f:31:ed:69:e7:2e:8b:a0:0e:85:af:49:b7:75:76:8d:85:
         d9:3d:7e:a1:b1:3b:aa:a5:52:ee:b0:21:96:d0:e1:b2:eb:0e:
         d7:c6:30:f8:5e:43:d0:8c:7f:85:63:ef:10:01:6c:37:bd:d7:
         2d:b7:2a:2c:34:0f:9b:0c:21:b3:0e:bf:ab:ad:e7:de:c2:a1:
         d2:22:de:79:a8:91:67:c5:29:5f:aa:62:bf:90:b6:20:82:13:
         a0:93:19:3b:6d:2a:7e:5d:b7:fd:2f:f7:37:d8:f2:0c:4e:dd:
         c7:77:66:ae:5f:f7:f1:7d:48:22:0d:fa:88:a0:7d:4c:d2:55:
         7a:53:27:f1:e8:85:86:f4:22:db:0a:ba:01:3b:b3:df:08:a4:
         a8:bd:65:9c:0d:79:4a:d0:00:ea:c4:68:ee:97:65:ec:8b:cb:
         ed:23:eb:70:5f:b6:e5:ac:c0:48:70:1f:50:88:4c:0f:5c:49:
         b7:e9:ea:cf:e3:4e:a7:1a:24:2c:8e:51:5e:a9:b1:05:37:92:
         e8:8b:6b:53:d7:a6:2d:92:dc:8e:83:a7:48:63:ed:b3:a2:7e:
         78:e6:2b:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAa/w0LuxCeyOC1IphBykEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMzIzZWFjZDc3ZTVjYTU5NTJkZDY3YzI4ZjRmZDkwZDMy
YWZhZGYwHhcNMjUxMDIwMDcwMTA4WhcNMjUxMDIxMDcwMTA4WjAzMTEwLwYDVQQD
Eyg4MTM4ZGZkODI5MTlmNjE3ZTc4MzkzNGM5MzBmZWNlM2NjYTE5OTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSIxjhSG1kPZ5qUyvdtEM3HV01GW
e68fFtVC4BKTO2pTGZ4mOwhb4wrIWnzhpM1VbmkHDFMcJtPQRJqlkV4KMm0tAmBS
PhbWMtXJzBMQjGNxfuSVjS+XBWegdyT2u8ly5P1weEIgH4cgeOIP8jL4NgR4CXUA
NfFklBmN4u7m1xYTsZkTd3XWCoVlWd+gMPOnFRsTbT3nDQzgBrKmcnOZFzylHb2s
gxmG+nTEuKjnoZOQ8hVKkmRAWtefhjjSjmcSqqEpUoPb7EmDDi8kJ/ajyQ15UCdD
GPvBK2AxCbxeH9vsTxgEvukb7SHG+XXTRQu4VUvgnCVkpu0the6h3A+eJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIE439gpGfYX54OTTJMP7OPMoZlMMB8GA1UdIwQY
MBaAFBMyPqzXflyllS3WfCj0/ZDTKvrfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXpJLXJOZC1YS1dWTGRaOEtQVDlrTk1xLXQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYmVhYzgtZWJlZC00NWZiLWI3MjQt
NzBiMWM2OWI0MjMyLzEvRXpJLXJOZC1YS1dWTGRaOEtQVDlrTk1xLXQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYmVhYzgtZWJlZC00NWZiLWI3MjQtNzBiMWM2OWI0MjMy
LzEvRXpJLXJOZC1YS1dWTGRaOEtQVDlrTk1xLXQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ/xZoMYA
W5cYA5i9t9aGfy56CyA+Zg6JuIAEPdnH5XMwtdQrX38x7WnnLougDoWvSbd1do2F
2T1+obE7qqVS7rAhltDhsusO18Yw+F5D0Ix/hWPvEAFsN73XLbcqLDQPmwwhsw6/
q63n3sKh0iLeeaiRZ8UpX6piv5C2IIIToJMZO20qfl23/S/3N9jyDE7dx3dmrl/3
8X1IIg36iKB9TNJVelMn8eiFhvQi2wq6ATuz3wikqL1lnA15StAA6sRo7pdl7IvL
7SPrcF+25azASHAfUIhMD1xJt+nqz+NOpxokLI5RXqmxBTeS6ItrU9emLZLcjoOn
SGPts6J+eOYraw==
-----END CERTIFICATE-----