Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          wko8xzJSdfdLs93J8UyFwyRZMS2grLZmrZ8yTI4J5sc=
Subject key identifier:   DD:A3:79:B5:64:90:A9:94:1F:1B:19:D7:0E:D7:EF:61:A5:33:1F:B2
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       0199FE46DB0E7AAB5D94AFAFCA54977D93B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          1673
Signing time:             Sun 19 Oct 2025 21:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:20 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: HjTNiPQHR4VBemIQNTHCy6yGcpykMG12FtPk0/DKVYs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:db:0e:7a:ab:5d:94:af:af:ca:54:97:7d:93:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Oct 19 21:01:20 2025 GMT
            Not After : Oct 20 21:01:20 2025 GMT
        Subject: CN=dda379b56490a9941f1b19d70ed7ef61a5331fb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:6b:16:4c:c8:6e:0f:a8:5a:ff:b5:56:c9:46:
                    78:69:ae:9c:b4:03:22:d1:00:72:2e:35:ae:06:df:
                    81:06:c3:9a:7a:38:6f:42:d8:78:03:f6:cd:7e:56:
                    c8:80:8a:72:a3:bf:1a:c7:c3:b5:54:88:30:eb:f7:
                    74:f1:9f:ee:a0:83:84:29:27:9d:13:cf:d3:04:1c:
                    f4:01:82:98:e1:f0:0f:94:fe:8d:83:de:c6:e4:d4:
                    3b:08:18:49:21:1b:3e:39:50:1b:28:a6:db:d4:fb:
                    2c:24:32:cd:7b:c7:73:11:24:08:4a:a4:6c:61:4d:
                    df:1a:c5:bf:51:13:a6:82:8e:17:9e:e7:0d:a5:89:
                    70:f4:1a:2f:38:15:48:fc:1e:0e:d0:57:e4:e5:6a:
                    12:59:e9:7e:de:c3:64:80:67:6d:3f:0f:43:b2:46:
                    dd:8c:66:d9:88:44:8b:2b:69:db:19:fd:98:51:ec:
                    a7:66:ce:81:8a:45:17:80:29:ff:66:46:49:fa:5a:
                    f6:4b:59:95:2b:3c:a3:1b:bf:bd:7f:ae:13:6f:ee:
                    09:6a:95:40:b2:a6:3a:67:9d:b1:90:b2:e0:77:45:
                    0b:97:45:e3:65:31:0e:ea:ac:ef:ad:69:ed:1a:9f:
                    14:7e:c6:5f:e5:be:d3:d8:98:91:ad:04:06:a4:63:
                    8a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:A3:79:B5:64:90:A9:94:1F:1B:19:D7:0E:D7:EF:61:A5:33:1F:B2
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:5e:80:db:ac:3e:e1:5a:46:5f:38:04:43:b7:7e:51:7e:fb:
         0d:27:22:dd:2a:8f:d6:ee:6c:ba:55:31:e8:01:a9:ae:52:57:
         07:5d:e1:41:a7:77:af:f3:76:27:47:3c:5f:0d:af:8b:45:8c:
         53:75:3a:16:e7:80:c6:4c:b5:67:b6:12:88:2e:d9:24:1c:29:
         91:39:02:4f:a0:ee:83:2b:d2:7a:8b:d1:18:9d:fb:8d:2b:06:
         68:e2:fd:1c:5b:99:03:dd:7f:50:7e:13:f9:aa:62:d5:d2:93:
         60:6e:b2:95:f4:f0:0a:f5:a9:c9:f9:3c:89:02:df:61:09:7c:
         a8:8e:68:cf:5f:12:cb:98:b7:84:e3:bf:cf:20:09:19:13:d0:
         b2:86:12:1c:99:0a:c2:03:40:f2:d9:73:b0:47:62:29:c5:98:
         8d:2f:2e:cb:06:b3:8b:06:13:42:74:90:27:3f:38:7b:c1:94:
         77:c4:3e:43:81:b1:20:15:06:91:2e:f5:61:10:49:05:46:4a:
         2d:e4:f6:ee:24:7d:3c:51:81:71:f2:bb:e0:00:c1:33:d4:bf:
         56:fc:43:5d:93:a6:2d:22:48:89:ae:75:03:95:56:3c:58:a3:
         6a:08:5a:06:d8:20:9c:aa:4b:d4:64:34:3a:41:6f:8a:6c:f5:
         5f:ce:65:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RtsOeqtdlK+vylSXfZOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUxMDE5MjEwMTIwWhcNMjUxMDIwMjEwMTIwWjAzMTEwLwYDVQQD
EyhkZGEzNzliNTY0OTBhOTk0MWYxYjE5ZDcwZWQ3ZWY2MWE1MzMxZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2sWTMhuD6ha/7VWyUZ4aa6ctAMi
0QByLjWuBt+BBsOaejhvQth4A/bNflbIgIpyo78ax8O1VIgw6/d08Z/uoIOEKSed
E8/TBBz0AYKY4fAPlP6Ng97G5NQ7CBhJIRs+OVAbKKbb1PssJDLNe8dzESQISqRs
YU3fGsW/UROmgo4XnucNpYlw9BovOBVI/B4O0Ffk5WoSWel+3sNkgGdtPw9Dskbd
jGbZiESLK2nbGf2YUeynZs6BikUXgCn/ZkZJ+lr2S1mVKzyjG7+9f64Tb+4JapVA
sqY6Z52xkLLgd0ULl0XjZTEO6qzvrWntGp8UfsZf5b7T2JiRrQQGpGOKRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2jebVkkKmUHxsZ1w7X72GlMx+yMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ16A26w+
4VpGXzgEQ7d+UX77DSci3SqP1u5sulUx6AGprlJXB13hQad3r/N2J0c8Xw2vi0WM
U3U6FueAxky1Z7YSiC7ZJBwpkTkCT6DugyvSeovRGJ37jSsGaOL9HFuZA91/UH4T
+api1dKTYG6ylfTwCvWpyfk8iQLfYQl8qI5oz18Sy5i3hOO/zyAJGRPQsoYSHJkK
wgNA8tlzsEdiKcWYjS8uywaziwYTQnSQJz84e8GUd8Q+Q4GxIBUGkS71YRBJBUZK
LeT27iR9PFGBcfK74ADBM9S/VvxDXZOmLSJIia51A5VWPFijaghaBtggnKpL1GQ0
OkFvimz1X85lhg==
-----END CERTIFICATE-----