Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
File:                     pol1o9gy4UUny7or4QujwebGOFY.mft (raw, json)
Hash identifier:          W+BHhaOshzIoC8u0/oIMPypBE0kGjsk5clRL33yxR+Y=
Subject key identifier:   E9:B0:99:08:6A:F3:68:9A:98:27:83:88:71:8D:D4:82:82:39:09:CE
Authority key identifier: A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56
Certificate issuer:       /CN=a68975a3d832e14527cbba2be10ba3c1e6c63856
Certificate serial:       0199FDD90CC518F1379B507DF8DAD862DC95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
Manifest number:          06B7
Signing time:             Sun 19 Oct 2025 19:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:24 +0000
Files and hashes:         1: pol1o9gy4UUny7or4QujwebGOFY.crl (hash: lYyyqkSnNMIynV3SAlvUs+h8vlnAdsNmDOHWsdAHRBs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:0c:c5:18:f1:37:9b:50:7d:f8:da:d8:62:dc:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a68975a3d832e14527cbba2be10ba3c1e6c63856
        Validity
            Not Before: Oct 19 19:01:24 2025 GMT
            Not After : Oct 20 19:01:24 2025 GMT
        Subject: CN=e9b099086af3689a98278388718dd482823909ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:12:61:79:bb:36:bf:bb:1a:ba:e6:e7:cc:a6:
                    29:a7:01:cc:54:31:08:e6:f2:bc:f5:86:3a:28:d8:
                    48:ad:f4:14:09:7d:08:93:72:54:53:54:65:2a:39:
                    05:c8:8c:e9:14:93:0f:88:bc:da:76:73:b8:04:1f:
                    41:7b:f0:4a:5c:95:87:52:06:76:a3:40:da:bb:91:
                    d3:76:69:f9:86:f2:a8:ff:86:ee:2f:40:86:62:2d:
                    3e:02:fe:c4:c1:91:98:56:69:ef:1a:b6:70:f2:59:
                    17:dc:e8:9d:f2:2f:97:3b:74:7a:d3:c0:02:92:bc:
                    7f:5d:91:3f:7c:85:90:dd:1c:1a:c7:4f:57:6f:37:
                    fb:bd:99:46:0a:44:7a:ad:f9:2b:81:89:21:75:3b:
                    23:39:0b:c5:6f:cb:fa:68:84:fb:63:45:26:8b:74:
                    a3:25:f0:f6:8b:43:a2:9f:a1:d1:aa:15:98:25:dc:
                    54:97:34:10:c8:3b:9d:e1:4b:b6:22:06:2c:9d:18:
                    a1:25:86:28:3b:0c:51:1a:4e:04:89:eb:86:e5:8c:
                    e0:9b:dd:c4:59:e4:bc:b7:bd:cf:2d:2d:d1:ae:ab:
                    61:80:84:84:8f:7d:a7:d6:06:a0:f7:5b:53:24:16:
                    bb:56:47:9d:46:96:77:80:bd:b7:84:f9:4b:74:ae:
                    3d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:B0:99:08:6A:F3:68:9A:98:27:83:88:71:8D:D4:82:82:39:09:CE
            X509v3 Authority Key Identifier:
                keyid:A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         dd:ba:44:78:23:04:2f:f8:1a:79:77:8c:2c:32:c2:7a:ec:f3:
         30:2a:61:86:cb:95:d0:aa:8d:76:b5:d5:56:94:43:88:4c:4f:
         0f:72:26:5d:be:5a:13:fb:15:37:1f:02:02:3e:94:ec:e8:78:
         49:c5:f2:4c:23:de:3d:06:d5:d6:4f:6c:ad:d6:7f:a4:8e:0d:
         a4:56:4c:a4:45:c7:61:53:23:96:b7:16:ac:fc:a5:d2:a1:08:
         cc:0e:17:5a:c0:74:62:3b:8a:24:bd:67:41:42:30:c6:88:fd:
         ad:52:71:32:69:cf:08:fe:f8:3d:ef:8b:e9:28:07:71:15:85:
         bf:60:26:fb:f7:31:66:a8:50:72:b8:3c:f7:6b:62:e6:32:e5:
         45:22:33:47:ac:b7:04:d0:6b:cd:56:fe:f0:b3:e4:6d:e7:46:
         0c:86:92:17:fd:8b:c6:5f:96:f3:9f:c7:c2:d8:6f:8e:af:c3:
         13:89:3a:64:9a:37:c6:44:48:d5:20:c9:1d:7c:4a:3f:22:ca:
         f7:8a:52:72:c4:d8:87:d7:7c:60:72:30:5c:a9:db:07:87:c3:
         86:bd:ac:14:ea:5e:be:1b:4d:5c:8b:de:7b:58:87:2e:4a:b7:
         96:57:6c:33:be:95:40:4d:00:ba:a0:07:5b:db:f1:92:63:f4:
         30:19:71:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92QzFGPE3m1B9+NrYYtyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ODk3NWEzZDgzMmUxNDUyN2NiYmEyYmUxMGJhM2MxZTZj
NjM4NTYwHhcNMjUxMDE5MTkwMTI0WhcNMjUxMDIwMTkwMTI0WjAzMTEwLwYDVQQD
EyhlOWIwOTkwODZhZjM2ODlhOTgyNzgzODg3MThkZDQ4MjgyMzkwOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBJhebs2v7sauubnzKYppwHMVDEI
5vK89YY6KNhIrfQUCX0Ik3JUU1RlKjkFyIzpFJMPiLzadnO4BB9Be/BKXJWHUgZ2
o0Dau5HTdmn5hvKo/4buL0CGYi0+Av7EwZGYVmnvGrZw8lkX3Oid8i+XO3R608AC
krx/XZE/fIWQ3Rwax09Xbzf7vZlGCkR6rfkrgYkhdTsjOQvFb8v6aIT7Y0Umi3Sj
JfD2i0Oin6HRqhWYJdxUlzQQyDud4Uu2IgYsnRihJYYoOwxRGk4EieuG5Yzgm93E
WeS8t73PLS3RrqthgISEj32n1gag91tTJBa7VkedRpZ3gL23hPlLdK493QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmwmQhq82iamCeDiHGN1IKCOQnOMB8GA1UdIwQY
MBaAFKaJdaPYMuFFJ8u6K+ELo8HmxjhWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUt
MTMxNmFkODA1ZTY0LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUtMTMxNmFkODA1ZTY0
LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3bpEeCME
L/gaeXeMLDLCeuzzMCphhsuV0KqNdrXVVpRDiExPD3ImXb5aE/sVNx8CAj6U7Oh4
ScXyTCPePQbV1k9srdZ/pI4NpFZMpEXHYVMjlrcWrPyl0qEIzA4XWsB0YjuKJL1n
QUIwxoj9rVJxMmnPCP74Pe+L6SgHcRWFv2Am+/cxZqhQcrg892ti5jLlRSIzR6y3
BNBrzVb+8LPkbedGDIaSF/2Lxl+W85/Hwthvjq/DE4k6ZJo3xkRI1SDJHXxKPyLK
94pScsTYh9d8YHIwXKnbB4fDhr2sFOpevhtNXIvee1iHLkq3lldsM76VQE0AuqAH
W9vxkmP0MBlx7A==
-----END CERTIFICATE-----