Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          h1f7l33iLrj6FapjzGrJ0PXfJg6ZdC1k/YReNMqdr2M=
Subject key identifier:   72:F5:E0:C1:C3:4A:3F:16:1B:2A:5A:13:FA:F9:B1:4A:FD:8C:A3:4B
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       0199FFC80D50C08F8036BBD5FA016C8758E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0F79
Signing time:             Mon 20 Oct 2025 04:02:04 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:04 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:04 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: BY4yLuYu5VUIIbGVQS7iJzP3CVXhJSHhJWUmNtTd6xI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:0d:50:c0:8f:80:36:bb:d5:fa:01:6c:87:58:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: Oct 20 04:02:04 2025 GMT
            Not After : Oct 21 04:02:04 2025 GMT
        Subject: CN=72f5e0c1c34a3f161b2a5a13faf9b14afd8ca34b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:05:c9:df:af:9d:82:ea:b4:d7:56:fd:19:dd:
                    e5:d5:62:75:97:ed:0c:61:2b:0b:db:f5:0e:9c:a4:
                    ce:b1:ac:65:83:5b:c2:d0:d4:6a:5f:0e:14:6a:3d:
                    1c:c0:63:56:68:af:63:4d:9f:a2:1e:67:bc:44:7b:
                    a3:2f:f0:d5:e7:d1:8f:01:21:1c:42:69:28:f1:fa:
                    24:4e:b2:8a:cf:b7:18:8f:13:33:61:5b:38:9e:4d:
                    a5:e5:26:3d:65:d7:74:4a:54:3e:6e:23:e1:d4:ad:
                    87:53:bf:66:a5:7f:2e:e5:16:f0:b6:f5:03:02:e0:
                    05:ab:e0:fa:22:95:50:ae:c8:01:a5:75:4a:44:7b:
                    6b:7e:42:35:d1:66:b9:09:13:a5:4f:60:94:eb:c1:
                    74:3c:4c:aa:ab:45:fb:3a:b7:0e:68:e8:2f:bf:ac:
                    1a:75:25:6c:f5:0c:90:90:e0:9c:9d:ac:49:63:bf:
                    e2:88:6f:6e:c6:8f:81:5b:96:63:c2:ab:5d:1a:0a:
                    1f:01:0c:bd:c6:f2:95:1e:4b:a6:df:bd:2a:4e:2a:
                    3f:15:33:99:aa:39:0b:75:3f:32:69:5f:16:2f:0c:
                    94:91:95:c8:07:d1:5e:57:4a:e3:9a:0b:d8:82:40:
                    c9:13:12:eb:a4:1a:e1:2b:b5:ce:50:b1:33:58:4a:
                    da:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:F5:E0:C1:C3:4A:3F:16:1B:2A:5A:13:FA:F9:B1:4A:FD:8C:A3:4B
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:4e:a0:75:bb:5f:26:8d:44:d1:8a:31:09:db:4b:13:d3:de:
         ba:35:ec:54:34:76:0e:65:a3:31:49:b6:75:79:cc:ca:08:41:
         b3:01:81:9d:47:63:36:46:47:ae:7f:36:27:99:13:cb:ee:c2:
         9c:20:51:2b:1f:4f:4e:3d:c8:73:2b:89:f7:40:5e:78:0a:cd:
         81:80:5a:1a:94:70:cb:d5:de:35:43:79:b3:c5:d9:7b:61:7f:
         e8:b4:23:ba:46:4b:aa:24:b8:9f:ce:2c:48:41:21:3f:76:33:
         88:07:d0:2b:9e:ee:95:fe:85:aa:be:ce:a7:83:a1:1e:b5:8e:
         28:41:43:78:09:68:e8:77:f2:b9:39:08:f8:34:6c:b7:1f:35:
         bb:ae:e2:1a:ce:11:d2:5a:e4:5b:54:51:c1:6e:cc:34:34:cc:
         83:81:84:ea:54:59:cf:8a:75:57:e6:18:d6:4f:b8:38:21:f2:
         c5:ff:74:d8:04:0a:4d:57:45:88:0d:d3:17:b7:cd:bf:e5:20:
         a6:d7:4b:03:36:7d:29:3c:cd:fb:1f:66:c8:2c:4c:99:6e:74:
         9e:f8:dc:97:1e:6e:fd:dd:af:05:b8:41:4e:07:9e:89:0e:20:
         a2:87:92:dc:e3:25:b9:b2:80:42:aa:ed:43:ff:1b:22:db:c6:
         04:82:46:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yA1QwI+ANrvV+gFsh1jgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjUxMDIwMDQwMjA0WhcNMjUxMDIxMDQwMjA0WjAzMTEwLwYDVQQD
Eyg3MmY1ZTBjMWMzNGEzZjE2MWIyYTVhMTNmYWY5YjE0YWZkOGNhMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgXJ36+dguq011b9Gd3l1WJ1l+0M
YSsL2/UOnKTOsaxlg1vC0NRqXw4Uaj0cwGNWaK9jTZ+iHme8RHujL/DV59GPASEc
Qmko8fokTrKKz7cYjxMzYVs4nk2l5SY9Zdd0SlQ+biPh1K2HU79mpX8u5RbwtvUD
AuAFq+D6IpVQrsgBpXVKRHtrfkI10Wa5CROlT2CU68F0PEyqq0X7OrcOaOgvv6wa
dSVs9QyQkOCcnaxJY7/iiG9uxo+BW5ZjwqtdGgofAQy9xvKVHkum370qTio/FTOZ
qjkLdT8yaV8WLwyUkZXIB9FeV0rjmgvYgkDJExLrpBrhK7XOULEzWEraiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHL14MHDSj8WGypaE/r5sUr9jKNLMB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkk6gdbtf
Jo1E0YoxCdtLE9PeujXsVDR2DmWjMUm2dXnMyghBswGBnUdjNkZHrn82J5kTy+7C
nCBRKx9PTj3IcyuJ90BeeArNgYBaGpRwy9XeNUN5s8XZe2F/6LQjukZLqiS4n84s
SEEhP3YziAfQK57ulf6Fqr7Op4OhHrWOKEFDeAlo6HfyuTkI+DRstx81u67iGs4R
0lrkW1RRwW7MNDTMg4GE6lRZz4p1V+YY1k+4OCHyxf902AQKTVdFiA3TF7fNv+Ug
ptdLAzZ9KTzN+x9myCxMmW50nvjclx5u/d2vBbhBTgeeiQ4gooeS3OMlubKAQqrt
Q/8bItvGBIJG8A==
-----END CERTIFICATE-----