Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
File:                     3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json)
Hash identifier:          Mf8jk+B2GRSPcqXRy1YVNzsDeyZOHEwl5NnxNpqWyTk=
Subject key identifier:   64:58:2E:E0:98:DE:1C:B1:1E:88:1B:98:56:F6:D6:93:83:FE:68:ED
Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
Certificate issuer:       /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Certificate serial:       0199FBEAF6764E934302363E6304321981BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
Manifest number:          0225
Signing time:             Sun 19 Oct 2025 10:01:43 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:43 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:43 +0000
Files and hashes:         1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: yp/zVBDEkf5736JpKfL1ie8cWqa/TlWg+nxUvp/YGFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:f6:76:4e:93:43:02:36:3e:63:04:32:19:81:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
        Validity
            Not Before: Oct 19 10:01:43 2025 GMT
            Not After : Oct 20 10:01:43 2025 GMT
        Subject: CN=64582ee098de1cb11e881b9856f6d69383fe68ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:42:72:22:75:7e:c4:0d:eb:4f:57:65:c8:43:
                    c1:e0:b8:f1:ee:95:39:db:ba:34:8e:b8:c8:23:af:
                    6d:cf:f9:61:d1:09:b7:34:5c:87:a9:c5:c3:ff:32:
                    6b:37:88:57:24:fa:33:e5:9c:f9:e5:a9:c9:99:d8:
                    59:95:47:41:e4:34:25:4d:96:aa:9e:4b:be:0c:d1:
                    c5:2a:be:76:0f:82:3a:d3:5f:b0:b4:84:a4:f3:96:
                    e1:c4:3d:59:3a:35:ea:26:c0:94:df:93:e5:40:98:
                    2f:ca:84:6f:7f:fc:fe:00:dc:9f:c6:7d:77:6e:12:
                    da:9f:10:99:6b:0c:24:58:db:f7:7e:b8:f9:6d:ea:
                    24:0b:50:77:af:93:e0:0a:91:15:cf:45:2b:5a:2f:
                    d0:76:4d:ed:e7:43:0c:5a:e3:6a:df:f7:ca:f0:4e:
                    c7:3a:59:c0:90:9d:0f:16:3c:99:7e:fd:2f:36:1b:
                    92:ac:b6:86:49:10:d3:3f:6e:67:3d:49:4a:9a:54:
                    db:97:4e:12:8a:43:d3:f6:78:48:8e:37:6f:d8:92:
                    f3:6d:31:07:de:f1:89:0e:dd:12:dd:d5:40:2f:1b:
                    32:3f:f9:5b:d4:62:e9:09:5e:d9:97:a2:b3:18:2b:
                    1a:07:e9:c8:01:03:9c:13:46:5c:d8:b1:16:dd:3b:
                    1d:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:58:2E:E0:98:DE:1C:B1:1E:88:1B:98:56:F6:D6:93:83:FE:68:ED
            X509v3 Authority Key Identifier:
                keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:79:ff:60:be:dd:78:77:6e:14:0c:a5:26:73:62:cd:74:5d:
         6e:08:c7:90:a2:16:c8:9e:29:62:f2:84:26:16:4d:89:ae:a0:
         5f:0a:88:71:8a:a0:51:d3:74:24:ef:c6:40:4d:d5:c7:a5:48:
         0e:98:eb:d3:3e:a9:bc:91:17:6e:60:3f:4b:c1:6c:85:90:11:
         13:d4:fb:85:b9:08:c2:19:4e:63:36:f6:b1:e9:e9:82:d7:29:
         30:1f:bb:63:71:94:12:00:10:af:86:40:96:ef:4f:b2:13:da:
         2e:c6:b0:b7:33:88:9d:65:ed:e6:b4:94:83:48:e2:c4:0a:40:
         34:f2:a2:15:2b:67:a7:55:00:14:2f:20:b3:7f:3c:72:c5:dc:
         49:c5:77:c8:00:2f:cd:73:98:38:02:c0:26:fa:57:b2:12:7e:
         22:70:21:af:18:c9:42:31:5d:23:ed:f1:63:cf:e0:bf:bb:51:
         93:ad:1b:94:c4:98:c3:c1:d5:9e:b3:81:d2:48:4e:da:22:fa:
         2c:10:f3:4c:81:e8:5e:93:f5:bd:41:57:d5:f2:79:0b:26:38:
         49:9d:cc:5e:5f:c8:d8:82:0a:45:00:a5:3e:62:69:64:6e:6c:
         38:9c:ec:87:0d:da:de:91:8c:72:1f:a7:33:3e:8e:db:fc:44:
         52:5e:00:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76vZ2TpNDAjY+YwQyGYG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1
NDNkMGEwHhcNMjUxMDE5MTAwMTQzWhcNMjUxMDIwMTAwMTQzWjAzMTEwLwYDVQQD
Eyg2NDU4MmVlMDk4ZGUxY2IxMWU4ODFiOTg1NmY2ZDY5MzgzZmU2OGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UJyInV+xA3rT1dlyEPB4Ljx7pU5
27o0jrjII69tz/lh0Qm3NFyHqcXD/zJrN4hXJPoz5Zz55anJmdhZlUdB5DQlTZaq
nku+DNHFKr52D4I601+wtISk85bhxD1ZOjXqJsCU35PlQJgvyoRvf/z+ANyfxn13
bhLanxCZawwkWNv3frj5beokC1B3r5PgCpEVz0UrWi/Qdk3t50MMWuNq3/fK8E7H
OlnAkJ0PFjyZfv0vNhuSrLaGSRDTP25nPUlKmlTbl04SikPT9nhIjjdv2JLzbTEH
3vGJDt0S3dVALxsyP/lb1GLpCV7Zl6KzGCsaB+nIAQOcE0Zc2LEW3TsdBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRYLuCY3hyxHogbmFb21pOD/mjtMB8GA1UdIwQY
MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt
YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx
LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwXn/YL7d
eHduFAylJnNizXRdbgjHkKIWyJ4pYvKEJhZNia6gXwqIcYqgUdN0JO/GQE3Vx6VI
Dpjr0z6pvJEXbmA/S8FshZARE9T7hbkIwhlOYzb2senpgtcpMB+7Y3GUEgAQr4ZA
lu9PshPaLsawtzOInWXt5rSUg0jixApANPKiFStnp1UAFC8gs388csXcScV3yAAv
zXOYOALAJvpXshJ+InAhrxjJQjFdI+3xY8/gv7tRk60blMSYw8HVnrOB0khO2iL6
LBDzTIHoXpP1vUFX1fJ5CyY4SZ3MXl/I2IIKRQClPmJpZG5sOJzshw3a3pGMch+n
Mz6O2/xEUl4AIg==
-----END CERTIFICATE-----