Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
File:                     Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft (raw, json)
Hash identifier:          /SLZQpqio+MIE7xVyx4HAOK9TaA56oENv/XCcJCb2e0=
Subject key identifier:   D5:DB:86:00:24:49:CD:7F:E0:D5:85:DD:90:14:0D:83:31:72:B8:03
Authority key identifier: 03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09
Certificate issuer:       /CN=032d39ce91be867cf5ce1b6009d5262c28b65209
Certificate serial:       0199FD33FFC8A93326D34B3844701F88F013
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 16:01:07 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:07 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:07 +0000
Files and hashes:         1: Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl (hash: ez1xCuX0/geD1+d+F9N8zIYdoqqtkbcYMwaDCVZg5D8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:33:ff:c8:a9:33:26:d3:4b:38:44:70:1f:88:f0:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d39ce91be867cf5ce1b6009d5262c28b65209
        Validity
            Not Before: Oct 19 16:01:07 2025 GMT
            Not After : Oct 20 16:01:07 2025 GMT
        Subject: CN=d5db86002449cd7fe0d585dd90140d833172b803
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:70:64:af:2d:13:0d:12:70:79:6c:30:75:71:
                    b1:a6:0c:04:81:4b:2e:cd:87:4a:df:36:ab:eb:e2:
                    a2:d6:30:e9:8b:a0:4f:4a:cf:7f:b9:35:2a:c6:3c:
                    b7:e4:9d:c5:62:59:81:88:91:b6:c0:2c:ca:43:eb:
                    12:a5:4d:6d:22:fa:40:76:f0:25:77:9e:13:a0:7a:
                    a7:f7:8a:19:42:46:49:07:17:13:cf:8b:cb:88:c4:
                    e2:1c:ce:24:07:01:21:5d:86:ce:60:c8:1b:24:43:
                    43:cf:72:92:12:df:ea:ff:e4:d7:fa:34:95:61:f5:
                    f7:59:c7:de:78:f2:7e:71:cf:80:97:c4:9c:72:ef:
                    9d:b7:a9:c6:53:6f:58:4e:a0:a5:4f:42:9c:74:0f:
                    a8:f8:65:71:75:19:e5:29:61:8a:4f:50:b3:08:6b:
                    2a:3e:22:c8:1c:7a:fd:5d:ea:42:20:57:65:b2:1a:
                    50:71:f3:5f:f0:e6:2b:bc:4f:9d:a9:0e:22:f9:b5:
                    f0:1a:aa:28:80:17:2d:57:95:98:bd:07:d8:d6:e1:
                    e9:82:69:ae:a4:76:cd:00:2f:c2:c5:92:96:24:43:
                    ab:c4:c8:22:2d:b7:61:42:21:56:3e:d5:eb:e2:ee:
                    4c:1c:92:bc:de:b3:2f:c2:69:67:e7:53:c5:93:33:
                    9c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:DB:86:00:24:49:CD:7F:E0:D5:85:DD:90:14:0D:83:31:72:B8:03
            X509v3 Authority Key Identifier:
                keyid:03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:13:e5:c8:98:3d:d8:28:22:9a:15:cd:bf:50:8b:58:5f:cd:
         44:1f:0e:6a:21:c8:13:52:1c:93:55:3e:e1:dd:c6:c6:a7:0a:
         1d:26:51:b8:5a:29:03:15:68:fa:3c:5b:e4:ba:c9:9e:98:43:
         54:4b:d7:a8:f9:8c:33:69:92:28:2d:19:c4:43:d5:49:c6:1d:
         e4:49:ca:4e:83:7c:cc:4a:93:ab:09:97:fd:79:13:e4:91:13:
         41:a9:7a:77:e7:94:8e:c8:11:75:7d:50:64:23:e2:4d:96:54:
         a3:71:7b:3f:5c:bf:df:30:63:1f:80:3f:47:4d:94:65:6c:08:
         70:8d:8a:7e:f3:df:35:bb:96:bd:1b:8b:40:dd:f8:fd:04:63:
         1f:50:da:1d:85:3c:4a:38:f1:d9:da:85:3e:14:8e:da:f7:08:
         08:22:2d:40:d2:73:3b:61:52:f4:46:df:1f:8d:de:1d:ab:7d:
         76:14:d8:9f:e4:85:92:49:bc:7b:ce:be:4d:2f:57:6b:90:14:
         eb:da:e5:d7:bc:9d:e7:f1:ca:22:c8:eb:8e:df:8d:c9:6d:25:
         e3:22:97:16:92:32:3d:b0:10:7a:c7:54:9e:bc:65:73:3c:b5:
         0c:9a:1b:49:ba:46:59:72:1b:62:ec:07:ba:4a:f9:ef:e1:fb:
         b0:73:c3:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9M//IqTMm00s4RHAfiPATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQzOWNlOTFiZTg2N2NmNWNlMWI2MDA5ZDUyNjJjMjhi
NjUyMDkwHhcNMjUxMDE5MTYwMTA3WhcNMjUxMDIwMTYwMTA3WjAzMTEwLwYDVQQD
EyhkNWRiODYwMDI0NDljZDdmZTBkNTg1ZGQ5MDE0MGQ4MzMxNzJiODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonBkry0TDRJweWwwdXGxpgwEgUsu
zYdK3zar6+Ki1jDpi6BPSs9/uTUqxjy35J3FYlmBiJG2wCzKQ+sSpU1tIvpAdvAl
d54ToHqn94oZQkZJBxcTz4vLiMTiHM4kBwEhXYbOYMgbJENDz3KSEt/q/+TX+jSV
YfX3WcfeePJ+cc+Al8Sccu+dt6nGU29YTqClT0KcdA+o+GVxdRnlKWGKT1CzCGsq
PiLIHHr9XepCIFdlshpQcfNf8OYrvE+dqQ4i+bXwGqoogBctV5WYvQfY1uHpgmmu
pHbNAC/CxZKWJEOrxMgiLbdhQiFWPtXr4u5MHJK83rMvwmln51PFkzOctQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXbhgAkSc1/4NWF3ZAUDYMxcrgDMB8GA1UdIwQY
MBaAFAMtOc6RvoZ89c4bYAnVJiwotlIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEt
ODRhY2NlY2M1MWYwLzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEtODRhY2NlY2M1MWYw
LzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxPlyJg9
2CgimhXNv1CLWF/NRB8OaiHIE1Ick1U+4d3GxqcKHSZRuFopAxVo+jxb5LrJnphD
VEvXqPmMM2mSKC0ZxEPVScYd5EnKToN8zEqTqwmX/XkT5JETQal6d+eUjsgRdX1Q
ZCPiTZZUo3F7P1y/3zBjH4A/R02UZWwIcI2KfvPfNbuWvRuLQN34/QRjH1DaHYU8
Sjjx2dqFPhSO2vcICCItQNJzO2FS9EbfH43eHat9dhTYn+SFkkm8e86+TS9Xa5AU
69rl17yd5/HKIsjrjt+NyW0l4yKXFpIyPbAQesdUnrxlczy1DJobSbpGWXIbYuwH
ukr57+H7sHPDWg==
-----END CERTIFICATE-----