Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
File:                     9PpnFz_1YpCIuXCWGuG-dGldxmE.mft (raw, json)
Hash identifier:          eMAvKWigGPCuiVy6Cs22pYXIwqZ72ffT1klGEUBd6R4=
Subject key identifier:   BC:12:A0:9A:29:A8:AE:CB:C0:9B:CC:87:95:E9:E2:1A:AE:94:86:29
Authority key identifier: F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61
Certificate issuer:       /CN=f4fa67173ff5629088b970961ae1be74695dc661
Certificate serial:       0199FBEBE1D1CDC5DBA1AEB497AF6FD6F594
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:43 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:43 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:43 +0000
Files and hashes:         1: 9PpnFz_1YpCIuXCWGuG-dGldxmE.crl (hash: D0EZSyiEJUl8hf/axOxSZ/dupZavn6wfd7JVteDaJ3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:e1:d1:cd:c5:db:a1:ae:b4:97:af:6f:d6:f5:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4fa67173ff5629088b970961ae1be74695dc661
        Validity
            Not Before: Oct 19 10:02:43 2025 GMT
            Not After : Oct 20 10:02:43 2025 GMT
        Subject: CN=bc12a09a29a8aecbc09bcc8795e9e21aae948629
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d2:db:61:43:b4:dd:fe:74:ec:4c:29:f1:d7:
                    09:60:51:62:68:11:ad:c7:19:cb:db:05:5d:98:80:
                    05:53:67:c2:4b:e9:cf:4d:aa:5f:86:1e:1f:ad:7a:
                    40:44:26:16:92:fd:c9:11:84:13:3f:ee:f9:5d:49:
                    6b:f1:9f:3b:b7:c3:ef:a9:d5:97:35:85:ea:51:1c:
                    d5:7e:78:e3:aa:a8:a4:4f:29:74:c1:36:6b:f5:52:
                    73:43:cb:b0:d9:a2:dd:34:e9:c4:aa:1b:bf:11:ae:
                    3d:07:61:d0:f8:41:ee:73:8e:97:f2:87:b8:65:67:
                    4b:53:4f:c5:28:9f:27:e0:22:27:24:76:6f:40:32:
                    40:04:e8:10:66:a9:44:6b:6a:7a:5f:90:1c:03:77:
                    e5:c9:e2:cc:e9:f5:38:10:b7:a6:ba:0d:57:8b:2f:
                    3a:1c:83:7c:7d:3c:4a:4d:b1:16:3d:5c:a1:9d:d3:
                    4f:d7:1c:65:88:b3:82:57:56:34:e3:e7:a3:36:18:
                    d7:ad:60:b1:5a:41:f7:6e:6b:fc:b0:94:b5:b4:fe:
                    a8:a6:d7:47:01:02:d2:2e:44:cd:f2:07:48:8b:50:
                    41:51:2a:8c:6c:05:66:80:e5:6f:8c:16:37:8a:ba:
                    9e:b9:d0:1a:cd:e8:12:45:32:93:2f:7c:c9:f9:9b:
                    1f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:12:A0:9A:29:A8:AE:CB:C0:9B:CC:87:95:E9:E2:1A:AE:94:86:29
            X509v3 Authority Key Identifier:
                keyid:F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:51:b3:1f:44:e8:69:d5:2c:a4:9d:52:ae:a7:48:a5:61:c5:
         e8:8b:30:aa:01:91:e9:33:8d:a5:8c:3e:52:af:6b:85:81:df:
         3c:90:9a:3a:fb:91:55:16:2d:e4:20:05:24:b3:7b:3d:20:52:
         01:e8:77:a9:1d:07:90:71:31:60:b1:bb:79:c9:98:5b:72:94:
         56:02:16:2f:9e:cd:66:67:bf:d4:6e:89:1c:2f:45:4e:2e:e5:
         af:ec:0c:0d:d8:1a:a4:c6:ab:00:72:9e:f1:24:ff:d8:8a:96:
         6a:59:07:ca:50:a1:b1:d6:95:df:f1:7a:52:e9:7e:0b:9c:9b:
         2b:98:8a:8c:c8:ff:d3:65:29:2c:0a:ae:af:81:76:e9:10:a7:
         10:2d:ea:ad:86:e8:ff:69:ed:8c:4b:e6:66:39:bd:40:b2:b7:
         33:78:80:11:21:ed:46:a3:57:d4:b9:48:ce:ce:37:d9:e1:27:
         80:d0:38:94:bc:27:2a:bb:e8:8d:2d:e4:02:17:d3:b5:a5:e1:
         65:4e:cf:e1:a1:05:a3:90:9a:35:48:42:9e:1a:bc:4a:4f:04:
         f7:ae:ea:ba:19:83:d5:f8:59:3d:39:43:65:87:8e:10:cf:b1:
         72:09:88:2d:24:8e:1a:d1:5d:0f:f4:49:e1:20:4e:08:63:a3:
         01:73:ef:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+HRzcXboa60l69v1vWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZmE2NzE3M2ZmNTYyOTA4OGI5NzA5NjFhZTFiZTc0Njk1
ZGM2NjEwHhcNMjUxMDE5MTAwMjQzWhcNMjUxMDIwMTAwMjQzWjAzMTEwLwYDVQQD
EyhiYzEyYTA5YTI5YThhZWNiYzA5YmNjODc5NWU5ZTIxYWFlOTQ4NjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtLbYUO03f507Ewp8dcJYFFiaBGt
xxnL2wVdmIAFU2fCS+nPTapfhh4frXpARCYWkv3JEYQTP+75XUlr8Z87t8PvqdWX
NYXqURzVfnjjqqikTyl0wTZr9VJzQ8uw2aLdNOnEqhu/Ea49B2HQ+EHuc46X8oe4
ZWdLU0/FKJ8n4CInJHZvQDJABOgQZqlEa2p6X5AcA3flyeLM6fU4ELemug1Xiy86
HIN8fTxKTbEWPVyhndNP1xxliLOCV1Y04+ejNhjXrWCxWkH3bmv8sJS1tP6optdH
AQLSLkTN8gdIi1BBUSqMbAVmgOVvjBY3irqeudAazegSRTKTL3zJ+Zsf3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwSoJopqK7LwJvMh5Xp4hqulIYpMB8GA1UdIwQY
MBaAFPT6Zxc/9WKQiLlwlhrhvnRpXcZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUt
ZDg1ZWJjNWVhOThkLzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUtZDg1ZWJjNWVhOThk
LzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclGzH0To
adUspJ1SrqdIpWHF6IswqgGR6TONpYw+Uq9rhYHfPJCaOvuRVRYt5CAFJLN7PSBS
Aeh3qR0HkHExYLG7ecmYW3KUVgIWL57NZme/1G6JHC9FTi7lr+wMDdgapMarAHKe
8ST/2IqWalkHylChsdaV3/F6Uul+C5ybK5iKjMj/02UpLAqur4F26RCnEC3qrYbo
/2ntjEvmZjm9QLK3M3iAESHtRqNX1LlIzs432eEngNA4lLwnKrvojS3kAhfTtaXh
ZU7P4aEFo5CaNUhCnhq8Sk8E967quhmD1fhZPTlDZYeOEM+xcgmILSSOGtFdD/RJ
4SBOCGOjAXPvDA==
-----END CERTIFICATE-----