Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          4eNAustxzNpML7Zv0NCqqmmWjGRMzB/Oiaq5tZmK5e4=
Subject key identifier:   2F:07:31:BE:1A:1D:0D:DD:8E:51:96:FA:13:77:66:63:D2:30:A8:85
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       0199FF22E307E1CD7E9765782CE6BC6D1290
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          0603
Signing time:             Mon 20 Oct 2025 01:01:40 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:40 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:40 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: t3eCwfLV1lAn3YtXH4efYsGI0WLu7AnfgZQ1v7ZFuGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:e3:07:e1:cd:7e:97:65:78:2c:e6:bc:6d:12:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Oct 20 01:01:40 2025 GMT
            Not After : Oct 21 01:01:40 2025 GMT
        Subject: CN=2f0731be1a1d0ddd8e5196fa13776663d230a885
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:20:67:e8:e9:35:d1:f1:59:88:05:45:d5:f0:
                    29:31:91:ec:3b:72:c0:ba:3a:c3:bc:10:eb:dc:6d:
                    cd:e4:85:cd:23:e2:bc:f3:63:d2:50:d4:4e:a4:6b:
                    4e:95:d3:ae:aa:5a:f7:6b:f9:b1:98:bd:7a:1b:6b:
                    74:30:b3:3c:36:f1:d5:ba:49:7e:85:27:87:7d:8d:
                    50:45:30:c7:17:2a:49:8a:56:a0:fc:57:7f:42:5b:
                    0f:39:27:21:9e:14:f6:5c:a5:a3:b7:09:e3:b2:c9:
                    5e:21:a1:dd:af:d4:91:bf:82:48:48:e5:84:b6:ef:
                    ac:47:9b:15:01:42:f1:b1:df:ac:2e:ec:78:86:da:
                    b8:06:55:90:ba:bd:81:21:a6:bf:d6:c9:55:f1:c8:
                    7d:3a:9b:92:08:40:e5:42:73:8d:de:c7:6c:19:a4:
                    20:80:f2:ad:17:24:ba:63:72:ef:64:99:dd:dc:a9:
                    a4:ee:08:d2:03:50:6e:a8:fb:8b:07:9f:be:c5:36:
                    64:40:63:c1:66:d2:d2:2e:71:d3:97:16:29:49:db:
                    16:31:cb:30:b8:e3:c8:2b:91:b9:ab:bf:f1:27:5e:
                    36:6a:09:a1:8d:e5:f2:3b:ee:a2:49:ff:95:3e:da:
                    65:5c:3d:65:c6:96:41:c2:72:58:e4:06:48:54:ae:
                    75:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:07:31:BE:1A:1D:0D:DD:8E:51:96:FA:13:77:66:63:D2:30:A8:85
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:b9:84:3e:b9:6c:d8:7a:32:70:38:7c:f2:ed:a8:4f:3f:8a:
         c7:3e:13:67:0f:84:bd:19:5b:c7:b9:7a:79:d2:ed:33:05:ec:
         71:e3:66:07:94:b8:2b:f5:fb:32:c4:4a:32:0c:f0:8b:6e:22:
         27:99:df:d4:3d:19:18:88:1e:fc:e4:54:51:02:2f:2b:15:0e:
         99:f3:43:e1:b9:12:51:ac:c1:96:85:13:c4:12:e5:07:a8:4a:
         31:1c:97:6e:f9:78:a8:da:1c:7f:7c:55:f5:21:75:57:e4:63:
         d7:80:08:45:97:41:d9:47:de:3c:4a:f1:b5:63:05:e4:d1:c6:
         c4:69:81:9a:4c:89:b7:19:43:65:e7:5d:0b:50:46:f4:73:41:
         0c:14:f3:f2:e4:d6:28:22:c9:75:16:6e:ca:72:c2:72:e5:bb:
         6f:ba:e5:b4:b8:21:7b:ff:4e:ac:6f:ff:61:2f:ba:10:e0:29:
         10:a0:97:cb:47:f8:df:87:af:1e:42:f7:07:27:8c:9a:49:27:
         b9:fd:d1:54:7f:35:11:78:75:cf:ce:f1:49:a8:85:6d:9e:75:
         70:12:11:65:49:61:bd:9c:24:7f:9b:7a:6a:fe:2e:93:bf:e7:
         53:d3:42:26:09:af:99:44:40:26:a6:c3:3d:eb:68:d2:f0:0b:
         b6:c9:a1:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IuMH4c1+l2V4LOa8bRKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjUxMDIwMDEwMTQwWhcNMjUxMDIxMDEwMTQwWjAzMTEwLwYDVQQD
EygyZjA3MzFiZTFhMWQwZGRkOGU1MTk2ZmExMzc3NjY2M2QyMzBhODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSBn6Ok10fFZiAVF1fApMZHsO3LA
ujrDvBDr3G3N5IXNI+K882PSUNROpGtOldOuqlr3a/mxmL16G2t0MLM8NvHVukl+
hSeHfY1QRTDHFypJilag/Fd/QlsPOSchnhT2XKWjtwnjssleIaHdr9SRv4JISOWE
tu+sR5sVAULxsd+sLux4htq4BlWQur2BIaa/1slV8ch9OpuSCEDlQnON3sdsGaQg
gPKtFyS6Y3LvZJnd3Kmk7gjSA1BuqPuLB5++xTZkQGPBZtLSLnHTlxYpSdsWMcsw
uOPIK5G5q7/xJ142agmhjeXyO+6iSf+VPtplXD1lxpZBwnJY5AZIVK51PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8HMb4aHQ3djlGW+hN3ZmPSMKiFMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbLmEPrls
2HoycDh88u2oTz+Kxz4TZw+EvRlbx7l6edLtMwXsceNmB5S4K/X7MsRKMgzwi24i
J5nf1D0ZGIge/ORUUQIvKxUOmfND4bkSUazBloUTxBLlB6hKMRyXbvl4qNocf3xV
9SF1V+Rj14AIRZdB2UfePErxtWMF5NHGxGmBmkyJtxlDZeddC1BG9HNBDBTz8uTW
KCLJdRZuynLCcuW7b7rltLghe/9OrG//YS+6EOApEKCXy0f434evHkL3ByeMmkkn
uf3RVH81EXh1z87xSaiFbZ51cBIRZUlhvZwkf5t6av4uk7/nU9NCJgmvmURAJqbD
Peto0vALtsmh1w==
-----END CERTIFICATE-----