Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
File:                     miIdT5cAcYIi7es06TinZjQ_JOE.mft (raw, json)
Hash identifier:          Gm4QuFmLpjtCiTcXARNKvEKHYYRJNT7fSijQPwFqfbI=
Subject key identifier:   65:E0:1E:8B:97:02:D9:6A:C5:0A:F4:18:BF:1D:06:F0:10:FD:39:58
Authority key identifier: 9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1
Certificate issuer:       /CN=9a221d4f9700718222edeb34e938a766343f24e1
Certificate serial:       0199FBEB821EC8B4BD40763525AF09E4E26B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
Manifest number:          158C
Signing time:             Sun 19 Oct 2025 10:02:19 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:19 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:19 +0000
Files and hashes:         1: miIdT5cAcYIi7es06TinZjQ_JOE.crl (hash: GOhMru2sfms7eomxmJpEpYVdMnsmDLMjZeddpbnqYQY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:82:1e:c8:b4:bd:40:76:35:25:af:09:e4:e2:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a221d4f9700718222edeb34e938a766343f24e1
        Validity
            Not Before: Oct 19 10:02:19 2025 GMT
            Not After : Oct 20 10:02:19 2025 GMT
        Subject: CN=65e01e8b9702d96ac50af418bf1d06f010fd3958
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c5:2b:8d:58:0f:97:8b:2b:d8:e9:52:49:7b:
                    68:ec:3e:8e:85:08:64:d1:7d:c5:18:23:65:76:f7:
                    bd:1a:3b:e5:22:76:40:e7:18:20:84:ac:76:1f:09:
                    f7:d8:73:6d:10:34:6e:28:55:8d:de:f6:be:a5:6a:
                    90:3a:a3:f4:69:94:c3:94:31:a1:30:c9:dc:a9:2c:
                    15:b5:58:bb:f7:53:cc:23:59:6e:8e:fb:37:f5:28:
                    77:e5:c1:41:f1:bd:1a:f0:61:45:e7:8e:36:98:df:
                    f1:fc:67:28:7f:c2:7b:3f:cc:3f:9b:15:e7:30:af:
                    6f:fe:62:ae:c3:56:33:0f:44:c8:36:96:16:ee:af:
                    8b:dc:50:b1:c1:46:25:f2:0c:28:ee:99:38:b3:0c:
                    fe:a0:d1:c9:5c:41:0a:e6:b3:f3:b5:5a:21:4a:97:
                    a9:a9:97:cc:9b:74:88:25:62:c9:cf:86:ae:4c:9f:
                    f1:23:23:e1:be:a1:60:d3:d0:87:ae:78:d2:5a:74:
                    c6:c6:11:1d:8f:d9:71:6d:0a:81:ad:ee:9e:53:75:
                    10:e2:3f:0b:f4:4c:63:f3:ec:90:97:a4:b5:89:3c:
                    63:4d:30:1c:b8:31:6e:8e:36:5c:4e:1e:e0:ad:b9:
                    03:e2:a6:99:b5:17:3e:64:63:de:56:59:0d:db:fd:
                    45:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:E0:1E:8B:97:02:D9:6A:C5:0A:F4:18:BF:1D:06:F0:10:FD:39:58
            X509v3 Authority Key Identifier:
                keyid:9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:a6:f9:fc:d7:40:fc:31:d4:ab:80:32:4a:b1:d0:ab:da:2d:
         64:b6:a4:25:c4:19:9f:75:4f:14:1e:d6:59:77:87:5a:36:b7:
         79:a5:5b:d4:93:6b:6c:e4:f7:20:87:a1:80:94:52:7e:59:9a:
         e5:30:ca:d2:9c:59:e7:d6:3e:71:be:14:83:35:97:a3:9a:86:
         38:de:04:e1:08:b1:c4:42:ef:6e:56:05:5f:92:34:5c:f6:fa:
         3d:9a:86:a9:d7:ab:b1:43:8f:ec:87:3b:2c:ea:8e:1c:e3:9d:
         06:01:5d:15:50:70:4d:ee:b4:54:25:96:27:d0:84:92:fd:e3:
         62:2a:af:82:06:21:fb:f9:d0:86:fa:2b:e0:ac:08:47:1c:37:
         fe:3f:4d:9e:f3:fc:31:66:6e:17:d3:4b:66:b2:12:c7:b7:9f:
         c8:ce:0c:c1:c7:3b:84:d6:4c:60:d3:e7:28:b0:5d:1e:03:c2:
         2b:5d:7a:8d:c5:f0:69:72:be:de:2e:d8:66:ec:cc:4a:f6:d9:
         47:f0:b7:ed:3c:3d:b4:bc:57:9e:48:b6:2b:7c:2a:6a:76:dc:
         39:05:34:cf:56:ef:c8:94:3e:71:9d:5b:43:c3:0b:46:96:e1:
         d0:3c:28:00:0f:21:99:10:d6:dd:c8:89:bd:e0:88:7a:4a:c9:
         75:e7:e3:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764IeyLS9QHY1Ja8J5OJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjIxZDRmOTcwMDcxODIyMmVkZWIzNGU5MzhhNzY2MzQz
ZjI0ZTEwHhcNMjUxMDE5MTAwMjE5WhcNMjUxMDIwMTAwMjE5WjAzMTEwLwYDVQQD
Eyg2NWUwMWU4Yjk3MDJkOTZhYzUwYWY0MThiZjFkMDZmMDEwZmQzOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MUrjVgPl4sr2OlSSXto7D6OhQhk
0X3FGCNldve9GjvlInZA5xgghKx2Hwn32HNtEDRuKFWN3va+pWqQOqP0aZTDlDGh
MMncqSwVtVi791PMI1lujvs39Sh35cFB8b0a8GFF5442mN/x/Gcof8J7P8w/mxXn
MK9v/mKuw1YzD0TINpYW7q+L3FCxwUYl8gwo7pk4swz+oNHJXEEK5rPztVohSpep
qZfMm3SIJWLJz4auTJ/xIyPhvqFg09CHrnjSWnTGxhEdj9lxbQqBre6eU3UQ4j8L
9Exj8+yQl6S1iTxjTTAcuDFujjZcTh7grbkD4qaZtRc+ZGPeVlkN2/1F0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXgHouXAtlqxQr0GL8dBvAQ/TlYMB8GA1UdIwQY
MBaAFJoiHU+XAHGCIu3rNOk4p2Y0PyThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEt
N2RlN2E3YzViZjcyLzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEtN2RlN2E3YzViZjcy
LzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkKb5/NdA
/DHUq4AySrHQq9otZLakJcQZn3VPFB7WWXeHWja3eaVb1JNrbOT3IIehgJRSflma
5TDK0pxZ59Y+cb4UgzWXo5qGON4E4QixxELvblYFX5I0XPb6PZqGqdersUOP7Ic7
LOqOHOOdBgFdFVBwTe60VCWWJ9CEkv3jYiqvggYh+/nQhvor4KwIRxw3/j9NnvP8
MWZuF9NLZrISx7efyM4Mwcc7hNZMYNPnKLBdHgPCK116jcXwaXK+3i7YZuzMSvbZ
R/C37Tw9tLxXnki2K3wqanbcOQU0z1bvyJQ+cZ1bQ8MLRpbh0DwoAA8hmRDW3ciJ
veCIekrJdefjFQ==
-----END CERTIFICATE-----