Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
File:                     dqIj-utMXd95nTyiqWDAbB1tHZY.mft (raw, json)
Hash identifier:          MqInfPzCw7gcRDE7gwjzkVl3xWD0JlipQEpibWw4lzk=
Subject key identifier:   8C:13:B9:E4:6E:DC:0A:1B:0F:2E:91:F8:F0:FA:F5:0B:90:5D:9D:A5
Authority key identifier: 76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96
Certificate issuer:       /CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
Certificate serial:       0199FCFD8BBED05F65AC4BBDCEC7EA97BD84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
Manifest number:          0C91
Signing time:             Sun 19 Oct 2025 15:01:38 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:38 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:38 +0000
Files and hashes:         1: dqIj-utMXd95nTyiqWDAbB1tHZY.crl (hash: L6vp3yK5l1WqWtz6FxYktpgTO+or8v9P2IBypSnS+4c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:8b:be:d0:5f:65:ac:4b:bd:ce:c7:ea:97:bd:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
        Validity
            Not Before: Oct 19 15:01:38 2025 GMT
            Not After : Oct 20 15:01:38 2025 GMT
        Subject: CN=8c13b9e46edc0a1b0f2e91f8f0faf50b905d9da5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ab:f8:32:37:96:c5:36:ca:4b:e3:8d:61:70:
                    53:88:e3:f5:79:e5:cf:58:3c:c8:39:23:6a:de:5e:
                    ed:f8:de:c2:4c:d3:d7:00:79:d1:ea:2f:ad:34:fe:
                    47:7a:e6:ee:a2:f5:b4:73:6e:93:07:da:e7:33:f7:
                    a8:81:03:14:dc:e1:8f:38:7b:5b:05:1d:cf:29:c2:
                    71:a6:cd:b1:88:7d:bd:5d:dc:b5:9c:e8:54:50:27:
                    e6:e1:6c:81:26:67:39:7a:f7:67:1b:33:6f:3c:e6:
                    a7:40:1e:33:f0:8e:9f:4e:aa:c0:e6:d5:82:31:cd:
                    ba:4f:75:ff:82:73:75:2f:2d:c5:7c:c7:3f:56:a9:
                    b1:6c:39:4a:99:56:38:e4:b2:a8:f5:c4:db:51:ba:
                    3b:d1:b2:86:0c:01:d8:cb:29:d2:52:7c:cb:e0:1c:
                    db:01:be:a1:c8:24:d9:b4:50:5d:7a:6b:14:6b:78:
                    60:00:60:e0:6a:c4:03:0b:5f:35:73:6d:75:7a:38:
                    d0:fc:ac:99:24:35:12:c5:7a:1d:80:3c:da:52:d0:
                    85:e5:e4:de:eb:e5:c8:50:ce:7f:e3:3e:64:e7:f1:
                    25:ad:a2:72:6b:83:67:8d:62:be:66:50:79:d2:8c:
                    b1:0a:b1:44:2c:8f:33:8e:c7:29:12:53:c3:d5:c7:
                    88:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:13:B9:E4:6E:DC:0A:1B:0F:2E:91:F8:F0:FA:F5:0B:90:5D:9D:A5
            X509v3 Authority Key Identifier:
                keyid:76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:84:4f:75:a9:d9:0a:80:e5:18:ab:ea:f0:01:f7:82:b0:97:
         6f:b2:8a:d6:4e:4d:47:f8:77:52:ff:42:9b:60:63:0a:47:fb:
         e3:4a:53:00:fa:09:c8:85:a5:ae:63:44:59:37:18:e9:91:a9:
         cb:05:0f:8f:26:26:d5:6e:ff:d5:fe:48:48:e8:89:08:9a:56:
         9f:1a:3a:1f:0e:d4:4e:99:20:f9:c2:47:0c:9f:12:90:fe:3f:
         2e:58:ef:b3:cb:71:61:b7:85:c0:79:d3:bf:af:9e:98:2b:13:
         6d:34:00:34:cd:c4:79:16:93:45:9f:24:4a:67:c6:41:f0:95:
         8d:55:11:04:aa:f8:1c:19:d1:f8:89:fb:4a:b1:2c:c9:59:37:
         80:5d:d4:ff:a0:4b:5b:c3:ec:ad:cf:bc:8a:92:c7:06:c3:82:
         8c:5d:0c:40:1b:6e:0e:c9:04:65:2a:f9:f9:73:18:22:f2:87:
         41:4a:99:cf:df:e9:04:11:c8:de:a5:86:2c:a8:46:55:b2:22:
         f6:87:b9:ba:38:39:ab:5c:37:f4:41:23:bb:85:34:ba:c1:c9:
         cc:23:3a:8f:54:bf:04:d2:d3:1f:43:dd:fb:ef:16:59:f8:e2:
         82:b9:68:33:00:c7:33:35:72:64:f1:de:10:0c:5e:ad:7d:cf:
         55:c1:75:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/Yu+0F9lrEu9zsfql72EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTIyM2ZhZWI0YzVkZGY3OTlkM2NhMmE5NjBjMDZjMWQ2
ZDFkOTYwHhcNMjUxMDE5MTUwMTM4WhcNMjUxMDIwMTUwMTM4WjAzMTEwLwYDVQQD
Eyg4YzEzYjllNDZlZGMwYTFiMGYyZTkxZjhmMGZhZjUwYjkwNWQ5ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKv4MjeWxTbKS+ONYXBTiOP1eeXP
WDzIOSNq3l7t+N7CTNPXAHnR6i+tNP5HeubuovW0c26TB9rnM/eogQMU3OGPOHtb
BR3PKcJxps2xiH29Xdy1nOhUUCfm4WyBJmc5evdnGzNvPOanQB4z8I6fTqrA5tWC
Mc26T3X/gnN1Ly3FfMc/VqmxbDlKmVY45LKo9cTbUbo70bKGDAHYyynSUnzL4Bzb
Ab6hyCTZtFBdemsUa3hgAGDgasQDC181c211ejjQ/KyZJDUSxXodgDzaUtCF5eTe
6+XIUM5/4z5k5/ElraJya4NnjWK+ZlB50oyxCrFELI8zjscpElPD1ceISwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwTueRu3AobDy6R+PD69QuQXZ2lMB8GA1UdIwQY
MBaAFHaiI/rrTF3feZ08oqlgwGwdbR2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1Mzgt
MWRkZWU4NTVjZGY4LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1MzgtMWRkZWU4NTVjZGY4
LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM4RPdanZ
CoDlGKvq8AH3grCXb7KK1k5NR/h3Uv9Cm2BjCkf740pTAPoJyIWlrmNEWTcY6ZGp
ywUPjyYm1W7/1f5ISOiJCJpWnxo6Hw7UTpkg+cJHDJ8SkP4/Lljvs8txYbeFwHnT
v6+emCsTbTQANM3EeRaTRZ8kSmfGQfCVjVURBKr4HBnR+In7SrEsyVk3gF3U/6BL
W8Psrc+8ipLHBsOCjF0MQBtuDskEZSr5+XMYIvKHQUqZz9/pBBHI3qWGLKhGVbIi
9oe5ujg5q1w39EEju4U0usHJzCM6j1S/BNLTH0Pd++8WWfjigrloMwDHMzVyZPHe
EAxerX3PVcF1xw==
-----END CERTIFICATE-----