Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
File:                     aQMR37ZbZZViGO_0cZep65akB9s.mft (raw, json)
Hash identifier:          TEn5srxLLB/BADT4xYZBM19kEdo68PotSgxrmRxpq34=
Subject key identifier:   05:60:D1:8E:AC:B5:5A:61:8B:79:B0:D2:D3:4A:4E:7D:27:63:1C:CD
Authority key identifier: 69:03:11:DF:B6:5B:65:95:62:18:EF:F4:71:97:A9:EB:96:A4:07:DB
Certificate issuer:       /CN=690311dfb65b65956218eff47197a9eb96a407db
Certificate serial:       0199FBEAD0A09F662CA9446B4D2F8C8EFF08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:34 +0000
Files and hashes:         1: aQMR37ZbZZViGO_0cZep65akB9s.crl (hash: UABZ6ZSmzEd158gKC9uUVRpreGerPpqTQFYsgdFmlWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:d0:a0:9f:66:2c:a9:44:6b:4d:2f:8c:8e:ff:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=690311dfb65b65956218eff47197a9eb96a407db
        Validity
            Not Before: Oct 19 10:01:34 2025 GMT
            Not After : Oct 20 10:01:34 2025 GMT
        Subject: CN=0560d18eacb55a618b79b0d2d34a4e7d27631ccd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a0:d6:b5:c6:f0:58:c0:c4:45:49:5c:3a:7e:
                    49:cf:e3:ca:14:af:1d:8d:b9:61:7d:c0:cb:64:d4:
                    b9:60:c5:bd:05:35:a3:3f:5b:c3:82:c5:9f:78:75:
                    d0:65:01:08:56:0e:b3:61:2c:4a:8a:13:94:06:71:
                    58:75:09:d2:0b:98:91:8c:3a:aa:dc:7b:4c:12:54:
                    ed:5b:93:ac:5a:65:50:cf:1c:b0:6d:e9:f6:47:c7:
                    4c:21:3d:ca:6d:f1:cd:5d:21:f7:3b:90:bf:59:b7:
                    5d:44:19:2c:cb:64:60:da:9e:b1:e4:0b:5b:80:6b:
                    b7:ca:d0:c0:c7:75:44:9c:2d:ef:af:32:d1:c5:2a:
                    f9:eb:9b:cb:8a:0c:b8:4b:86:c9:b2:6a:46:2a:e2:
                    4f:7f:2c:65:f9:13:03:76:3a:0d:e2:a2:b0:e1:c1:
                    a3:4e:48:87:b7:32:37:e6:69:66:fd:80:03:af:c5:
                    6c:36:52:d2:27:6b:0b:ae:13:07:fd:14:52:33:f7:
                    e4:46:5f:10:6c:82:52:80:47:5d:95:4e:5d:10:8d:
                    09:5e:60:0e:68:a0:95:7a:36:3a:cb:9a:79:8d:50:
                    a6:0a:7d:d8:39:b4:9d:52:e2:40:a1:c7:b7:32:8d:
                    ce:a7:05:98:31:d4:68:7e:40:1b:40:2b:a8:67:ff:
                    30:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:60:D1:8E:AC:B5:5A:61:8B:79:B0:D2:D3:4A:4E:7D:27:63:1C:CD
            X509v3 Authority Key Identifier:
                keyid:69:03:11:DF:B6:5B:65:95:62:18:EF:F4:71:97:A9:EB:96:A4:07:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:5f:ca:f4:4b:49:d3:5b:37:60:54:e4:96:f3:1d:62:80:8f:
         bb:e8:11:07:d9:de:b6:ed:04:23:e0:03:7c:c2:35:7d:39:67:
         8c:4e:c2:58:83:78:5f:d1:ab:00:47:60:00:22:15:fc:44:bd:
         bc:be:6d:37:c7:f9:b6:dc:10:5c:d8:f7:24:99:c0:78:7f:66:
         c9:b1:e8:73:95:6a:22:18:cc:10:45:9e:25:20:ec:ba:92:2e:
         c8:26:a8:e0:39:42:43:15:94:48:df:16:d0:ff:ec:a9:96:62:
         7e:8f:31:e3:1c:ee:8c:79:fd:c8:ec:2b:e1:6d:50:81:b3:f2:
         d1:ca:e3:52:1c:14:2d:70:52:3e:6b:43:8b:bf:49:c9:fa:df:
         3b:ee:85:1c:51:a1:d0:0d:21:3a:83:90:97:b6:a9:fa:96:a8:
         4b:e7:ff:0b:05:cc:2a:b5:16:a7:56:11:62:d5:5b:12:ad:93:
         17:fe:5e:05:55:ff:a2:3a:ea:80:05:36:2e:46:5b:3d:a3:b7:
         59:a7:d5:b0:03:18:17:52:ba:1d:95:03:79:c6:3d:42:71:48:
         79:c4:56:0d:53:4a:1d:d5:da:17:16:6d:a5:71:9b:81:9e:05:
         fa:26:d9:14:10:41:35:6e:ab:a4:63:86:17:4a:49:02:cb:22:
         66:81:02:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76tCgn2YsqURrTS+Mjv8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDMxMWRmYjY1YjY1OTU2MjE4ZWZmNDcxOTdhOWViOTZh
NDA3ZGIwHhcNMjUxMDE5MTAwMTM0WhcNMjUxMDIwMTAwMTM0WjAzMTEwLwYDVQQD
EygwNTYwZDE4ZWFjYjU1YTYxOGI3OWIwZDJkMzRhNGU3ZDI3NjMxY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aDWtcbwWMDERUlcOn5Jz+PKFK8d
jblhfcDLZNS5YMW9BTWjP1vDgsWfeHXQZQEIVg6zYSxKihOUBnFYdQnSC5iRjDqq
3HtMElTtW5OsWmVQzxywben2R8dMIT3KbfHNXSH3O5C/WbddRBksy2Rg2p6x5Atb
gGu3ytDAx3VEnC3vrzLRxSr565vLigy4S4bJsmpGKuJPfyxl+RMDdjoN4qKw4cGj
TkiHtzI35mlm/YADr8VsNlLSJ2sLrhMH/RRSM/fkRl8QbIJSgEddlU5dEI0JXmAO
aKCVejY6y5p5jVCmCn3YObSdUuJAoce3Mo3OpwWYMdRofkAbQCuoZ/8wjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVg0Y6stVphi3mw0tNKTn0nYxzNMB8GA1UdIwQY
MBaAFGkDEd+2W2WVYhjv9HGXqeuWpAfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS84MjY2YTYtMzlmMi00YTlmLWE0ZGQt
YTQ1NmUzNjRjYjBlLzEvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS84MjY2YTYtMzlmMi00YTlmLWE0ZGQtYTQ1NmUzNjRjYjBl
LzEvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALV/K9EtJ
01s3YFTklvMdYoCPu+gRB9netu0EI+ADfMI1fTlnjE7CWIN4X9GrAEdgACIV/ES9
vL5tN8f5ttwQXNj3JJnAeH9mybHoc5VqIhjMEEWeJSDsupIuyCao4DlCQxWUSN8W
0P/sqZZifo8x4xzujHn9yOwr4W1QgbPy0crjUhwULXBSPmtDi79JyfrfO+6FHFGh
0A0hOoOQl7ap+paoS+f/CwXMKrUWp1YRYtVbEq2TF/5eBVX/ojrqgAU2LkZbPaO3
WafVsAMYF1K6HZUDecY9QnFIecRWDVNKHdXaFxZtpXGbgZ4F+ibZFBBBNW6rpGOG
F0pJAssiZoEC7w==
-----END CERTIFICATE-----