Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          yfgsZuxDFy3QZOWa12+/knhew50OiuTv0iEJeJwUBnk=
Subject key identifier:   16:73:64:7E:15:CB:8D:6C:6B:39:52:D4:E0:5F:FC:09:D2:89:E1:5B
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       0199FDDA55D992BA6C6144084A2088D80137
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          03EF
Signing time:             Sun 19 Oct 2025 19:02:48 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:48 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:48 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: G4HLq8pv3PhX1lo5T6PPWG0pMBmES23+wlFklgyaRn4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:55:d9:92:ba:6c:61:44:08:4a:20:88:d8:01:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Oct 19 19:02:48 2025 GMT
            Not After : Oct 20 19:02:48 2025 GMT
        Subject: CN=1673647e15cb8d6c6b3952d4e05ffc09d289e15b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:71:db:9f:3e:ce:67:b6:a6:a1:1a:b7:bc:7f:
                    84:a6:61:5a:a8:16:56:b5:f2:f0:38:d0:62:9a:e9:
                    b2:b5:a2:f4:58:3e:95:30:0c:90:35:c2:83:45:00:
                    22:30:96:cd:25:fe:4a:67:fb:20:10:7f:74:1b:cc:
                    f6:28:38:1a:b1:f4:45:64:f6:ce:07:82:97:5e:b9:
                    22:3a:35:2d:9e:13:5c:4d:89:a0:9e:53:2e:a2:76:
                    8a:f9:3c:58:cc:4a:e5:95:ab:61:60:9c:2c:d3:42:
                    d8:b8:01:bb:15:58:5d:98:4f:31:f3:a4:46:4d:9c:
                    31:d2:f5:68:89:4f:5d:46:4c:c9:d1:99:95:dd:98:
                    a2:67:e6:d9:ab:80:e2:db:c9:18:03:31:61:89:a1:
                    fd:06:d4:d5:1e:08:82:ea:b1:b1:fa:ac:a8:ba:07:
                    9b:96:2e:9f:9d:e4:53:77:57:fe:d0:21:fe:37:67:
                    34:5b:c6:cb:08:00:9d:a6:9a:7c:f6:2d:cc:13:7d:
                    9d:8d:85:ea:46:c0:45:6f:13:12:a1:ab:13:2a:e4:
                    35:9b:4d:0b:b1:03:42:d0:a7:f5:c7:ea:22:4a:ab:
                    9f:a8:21:44:28:17:56:15:0c:a6:e4:1c:39:f5:a9:
                    f6:75:83:4c:4a:30:a1:44:5c:a2:e5:44:4a:65:34:
                    40:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:73:64:7E:15:CB:8D:6C:6B:39:52:D4:E0:5F:FC:09:D2:89:E1:5B
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:38:42:7c:90:aa:17:27:6c:1c:ea:a2:b6:d6:fb:1e:e7:19:
         fd:63:37:7f:c4:da:3e:50:69:9a:95:8d:e8:ae:26:12:cb:3a:
         b2:35:df:14:1a:f2:39:35:f7:8f:cc:57:30:25:38:22:d9:b9:
         ac:72:41:b2:d0:09:a8:52:d3:84:a1:70:17:9b:de:08:83:47:
         a6:2f:f7:5f:c0:52:8f:a1:a0:1d:de:43:44:18:d3:ce:39:6e:
         a3:fe:0c:be:b2:0e:64:ca:95:73:b9:cb:01:8f:3d:ab:72:a4:
         15:70:8e:2c:d7:9e:64:ec:a9:3a:31:88:00:c2:f9:5b:55:6c:
         25:11:6e:88:d5:21:db:c5:30:77:4a:0b:b5:6e:b7:7e:ba:71:
         ff:1c:f4:6c:c9:4e:20:9e:39:0e:c7:03:99:a7:c8:46:ed:77:
         e8:0c:da:36:b4:dc:25:cf:ab:8b:d5:6e:91:35:2f:18:3b:c2:
         31:68:d6:9d:74:c5:88:cd:c4:7d:d7:ac:c0:26:bb:5c:83:c1:
         78:97:45:dc:00:ae:4f:0c:d8:e9:7f:d1:c6:bc:0a:07:2c:ed:
         97:d2:12:31:82:c0:7f:c2:3b:4e:f3:a0:95:69:75:84:7e:eb:
         65:f9:64:96:93:88:b3:8f:22:54:86:ac:f1:7c:0c:78:c5:99:
         51:4f:91:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92lXZkrpsYUQISiCI2AE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjUxMDE5MTkwMjQ4WhcNMjUxMDIwMTkwMjQ4WjAzMTEwLwYDVQQD
EygxNjczNjQ3ZTE1Y2I4ZDZjNmIzOTUyZDRlMDVmZmMwOWQyODllMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXHbnz7OZ7amoRq3vH+EpmFaqBZW
tfLwONBimumytaL0WD6VMAyQNcKDRQAiMJbNJf5KZ/sgEH90G8z2KDgasfRFZPbO
B4KXXrkiOjUtnhNcTYmgnlMuonaK+TxYzErllathYJws00LYuAG7FVhdmE8x86RG
TZwx0vVoiU9dRkzJ0ZmV3ZiiZ+bZq4Di28kYAzFhiaH9BtTVHgiC6rGx+qyougeb
li6fneRTd1f+0CH+N2c0W8bLCACdppp89i3ME32djYXqRsBFbxMSoasTKuQ1m00L
sQNC0Kf1x+oiSqufqCFEKBdWFQym5Bw59an2dYNMSjChRFyi5URKZTRALwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZzZH4Vy41sazlS1OBf/AnSieFbMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZThCfJCq
FydsHOqittb7HucZ/WM3f8TaPlBpmpWN6K4mEss6sjXfFBryOTX3j8xXMCU4Itm5
rHJBstAJqFLThKFwF5veCINHpi/3X8BSj6GgHd5DRBjTzjluo/4MvrIOZMqVc7nL
AY89q3KkFXCOLNeeZOypOjGIAML5W1VsJRFuiNUh28Uwd0oLtW63frpx/xz0bMlO
IJ45DscDmafIRu136AzaNrTcJc+ri9VukTUvGDvCMWjWnXTFiM3EfdeswCa7XIPB
eJdF3ACuTwzY6X/RxrwKByztl9ISMYLAf8I7TvOglWl1hH7rZflklpOIs48iVIas
8XwMeMWZUU+RxQ==
-----END CERTIFICATE-----