Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
File:                     i6gkldaDsIyIGoGM0B-kL_9v9tE.mft (raw, json)
Hash identifier:          DOv8MTv9UkjaMBW3qZEIAHcaXdECrAjehKmy+X25hTQ=
Subject key identifier:   42:64:8F:FB:E2:61:6C:05:FE:92:D5:7B:55:A4:5D:C1:50:09:BE:B9
Authority key identifier: 8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1
Certificate issuer:       /CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
Certificate serial:       0199FD33F1A389461445D712AB540EAA3C6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
Manifest number:          02D8
Signing time:             Sun 19 Oct 2025 16:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:03 +0000
Files and hashes:         1: i6gkldaDsIyIGoGM0B-kL_9v9tE.crl (hash: 8m9ApfseiN3Ux0QW3yAP3h35RTGoUu3S0p6ktTuTlIM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:33:f1:a3:89:46:14:45:d7:12:ab:54:0e:aa:3c:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
        Validity
            Not Before: Oct 19 16:01:03 2025 GMT
            Not After : Oct 20 16:01:03 2025 GMT
        Subject: CN=42648ffbe2616c05fe92d57b55a45dc15009beb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:23:52:ff:34:8c:2e:da:85:c4:59:8f:40:83:
                    c4:24:8c:ce:28:56:c5:4d:a4:6a:90:7e:bb:91:a8:
                    3e:61:b2:93:63:72:b1:ae:b8:23:3d:60:da:d4:15:
                    9b:84:4e:8a:20:be:2d:fe:36:03:bc:0f:ed:c7:26:
                    ca:2b:f9:13:e5:e3:2f:1a:bc:83:dc:3f:e5:e6:e9:
                    26:6e:c7:df:a2:74:3c:51:5e:8a:a9:8a:df:fb:98:
                    77:fd:a7:17:2e:70:9b:7a:8a:94:fe:0e:77:36:cf:
                    cc:b1:eb:89:3a:8d:f1:da:b0:1f:6e:0b:e0:f5:4e:
                    9f:18:6e:1a:3d:15:ce:d9:75:03:3a:a0:e2:03:dd:
                    6b:6f:39:5f:07:6c:1c:6b:92:02:1f:cd:45:00:38:
                    71:d4:1e:0c:cc:b6:18:bf:0a:f5:62:3c:34:cd:2e:
                    84:de:4b:f6:2e:ad:3b:f0:3f:99:81:d2:9b:b9:7c:
                    f9:0d:74:fa:c1:7d:bc:8d:c7:46:34:a6:56:33:48:
                    39:d1:83:0d:48:26:bf:6c:ff:23:d4:a3:e4:e5:0a:
                    6a:9f:9c:bc:ad:d3:23:d8:53:a2:51:e9:2e:ec:af:
                    f9:d1:35:03:81:17:3b:78:aa:c2:a9:f9:06:d7:ef:
                    e4:61:ce:f5:53:8f:33:2e:db:ec:eb:81:2e:7c:96:
                    c8:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:64:8F:FB:E2:61:6C:05:FE:92:D5:7B:55:A4:5D:C1:50:09:BE:B9
            X509v3 Authority Key Identifier:
                keyid:8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d8:bd:85:9a:0c:6a:0a:6c:85:9a:05:82:51:e4:5c:69:62:35:
         8d:77:eb:af:02:b3:fb:8e:5d:87:41:cc:59:b3:e3:0d:ee:a9:
         1e:8f:60:47:87:ab:eb:f6:b6:45:c5:8d:a5:48:de:87:29:ab:
         81:28:79:cc:3b:74:57:ed:ea:7d:dd:49:87:35:a0:bd:72:fd:
         d6:d8:c5:3a:f4:31:61:5f:2b:a0:a7:3a:11:22:88:6e:5c:7f:
         1e:6e:97:0d:12:2c:a4:81:36:06:e0:ed:72:c3:c3:de:6d:f6:
         03:64:8c:62:84:20:2d:ee:9c:ad:e7:2c:5c:6d:82:77:34:fd:
         27:89:1c:43:b0:c9:a8:23:00:77:62:1b:86:3c:e1:f3:b4:05:
         75:76:8a:85:b9:74:f1:6d:e3:5a:1a:f7:79:8b:24:dd:0f:25:
         5f:9f:72:61:36:0b:f2:38:0b:07:78:00:94:cb:94:c5:ae:16:
         f5:87:f4:b1:6f:6e:ff:d1:ae:01:fe:d6:7d:b2:ae:f1:63:9b:
         da:26:f5:05:d4:e3:27:a4:48:db:f8:03:87:20:a4:0c:e3:6d:
         04:1c:9e:3c:24:32:5d:81:36:4b:f6:8e:e5:7a:73:73:33:a3:
         b8:10:4f:20:f3:0a:02:50:b2:83:13:b1:a1:ac:34:c2:2b:b8:
         b4:3e:ea:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9M/GjiUYURdcSq1QOqjxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYTgyNDk1ZDY4M2IwOGM4ODFhODE4Y2QwMWZhNDJmZmY2
ZmY2ZDEwHhcNMjUxMDE5MTYwMTAzWhcNMjUxMDIwMTYwMTAzWjAzMTEwLwYDVQQD
Eyg0MjY0OGZmYmUyNjE2YzA1ZmU5MmQ1N2I1NWE0NWRjMTUwMDliZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCNS/zSMLtqFxFmPQIPEJIzOKFbF
TaRqkH67kag+YbKTY3KxrrgjPWDa1BWbhE6KIL4t/jYDvA/txybKK/kT5eMvGryD
3D/l5ukmbsffonQ8UV6KqYrf+5h3/acXLnCbeoqU/g53Ns/MseuJOo3x2rAfbgvg
9U6fGG4aPRXO2XUDOqDiA91rbzlfB2wca5ICH81FADhx1B4MzLYYvwr1Yjw0zS6E
3kv2Lq078D+ZgdKbuXz5DXT6wX28jcdGNKZWM0g50YMNSCa/bP8j1KPk5Qpqn5y8
rdMj2FOiUeku7K/50TUDgRc7eKrCqfkG1+/kYc71U48zLtvs64EufJbIUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJkj/viYWwF/pLVe1WkXcFQCb65MB8GA1UdIwQY
MBaAFIuoJJXWg7CMiBqBjNAfpC//b/bRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTkt
YzYyNTBmYjYwOTZlLzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTktYzYyNTBmYjYwOTZl
LzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2L2Fmgxq
CmyFmgWCUeRcaWI1jXfrrwKz+45dh0HMWbPjDe6pHo9gR4er6/a2RcWNpUjehymr
gSh5zDt0V+3qfd1JhzWgvXL91tjFOvQxYV8roKc6ESKIblx/Hm6XDRIspIE2BuDt
csPD3m32A2SMYoQgLe6crecsXG2CdzT9J4kcQ7DJqCMAd2Ibhjzh87QFdXaKhbl0
8W3jWhr3eYsk3Q8lX59yYTYL8jgLB3gAlMuUxa4W9Yf0sW9u/9GuAf7WfbKu8WOb
2ib1BdTjJ6RI2/gDhyCkDONtBByePCQyXYE2S/aO5XpzczOjuBBPIPMKAlCygxOx
oaw0wiu4tD7qSQ==
-----END CERTIFICATE-----