Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
File:                     9l95H50M9str44nJRWjId0BeUUQ.mft (raw, json)
Hash identifier:          s2dbDO9IrDJZRLpwT8fSsKGVT9aDeN7yCOgR3aDb9TU=
Subject key identifier:   47:55:35:6F:42:15:7B:12:FB:1C:F6:5C:FD:7F:98:65:81:52:3F:2A
Authority key identifier: F6:5F:79:1F:9D:0C:F6:CB:6B:E3:89:C9:45:68:C8:77:40:5E:51:44
Certificate issuer:       /CN=f65f791f9d0cf6cb6be389c94568c877405e5144
Certificate serial:       0199FC58B0007F857D0B457C50C6E5F6C8A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
Manifest number:          064C
Signing time:             Sun 19 Oct 2025 12:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:34 +0000
Files and hashes:         1: 9l95H50M9str44nJRWjId0BeUUQ.crl (hash: cvTzy84AbzW52lXCZ/kHuGSvf1YvK+iqfgoSbHbBY1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:b0:00:7f:85:7d:0b:45:7c:50:c6:e5:f6:c8:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f65f791f9d0cf6cb6be389c94568c877405e5144
        Validity
            Not Before: Oct 19 12:01:34 2025 GMT
            Not After : Oct 20 12:01:34 2025 GMT
        Subject: CN=4755356f42157b12fb1cf65cfd7f986581523f2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d7:4f:c6:c4:1c:52:f8:a1:28:64:15:9a:79:
                    b4:4e:ea:16:4b:7c:fb:a6:12:3f:12:6c:2a:45:b8:
                    de:e9:9d:b4:4a:ae:4f:0d:d4:af:a9:92:d0:eb:7d:
                    f8:2e:8d:00:74:64:d8:4d:ae:09:6a:f5:4d:3a:70:
                    2b:e0:0d:db:66:13:0f:06:b4:77:dc:8d:5b:69:2b:
                    c6:d6:96:62:6c:8c:cc:55:c8:55:1a:1a:a6:9c:cb:
                    7a:7f:aa:b6:cc:d3:cf:a4:79:f9:09:b6:8d:f8:9f:
                    70:0d:e0:3a:ba:d3:10:13:67:15:64:6f:7f:73:f0:
                    95:52:4a:c4:56:63:e1:c0:08:67:f2:f5:9f:c9:9e:
                    9a:a3:61:08:da:3d:68:79:9f:b0:59:e1:d8:02:5e:
                    ca:ea:80:bf:7a:03:b6:37:33:23:43:70:dd:0d:2e:
                    c7:eb:98:7d:d6:01:fc:19:8c:23:7e:8a:ea:d2:99:
                    ce:62:2b:67:27:c6:47:51:36:ec:a3:69:4d:c1:42:
                    f0:3f:eb:a2:fd:e4:9f:45:c0:18:31:64:c3:a9:3c:
                    e0:64:79:7a:c2:cb:7c:93:27:d8:69:c5:72:aa:e9:
                    1f:b6:e8:05:83:9f:01:0a:7e:3d:84:58:b2:6d:3c:
                    4b:58:54:a8:d4:8b:0d:2e:4b:42:a9:47:af:ec:de:
                    88:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:55:35:6F:42:15:7B:12:FB:1C:F6:5C:FD:7F:98:65:81:52:3F:2A
            X509v3 Authority Key Identifier:
                keyid:F6:5F:79:1F:9D:0C:F6:CB:6B:E3:89:C9:45:68:C8:77:40:5E:51:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f2:ae:28:88:a4:e4:43:0f:7e:44:ec:34:63:74:56:d4:01:
         73:c7:50:d0:ba:63:76:65:59:37:9e:a9:96:1b:75:82:e5:fc:
         0e:bd:9e:03:e8:0d:af:62:3f:2c:62:e9:69:72:50:49:88:5b:
         a1:5f:f7:0f:22:bf:e5:c3:9b:e8:3c:62:7f:4d:20:c8:20:1e:
         8f:90:63:a7:2a:fa:61:47:2a:d5:ce:28:77:47:48:18:e8:39:
         fb:94:52:88:78:98:1a:75:8d:71:0a:b8:39:1b:dc:1a:6b:4b:
         f7:31:94:ba:89:f4:c7:a0:e1:42:bc:77:9b:af:82:90:13:6d:
         a3:ef:6a:8e:e2:78:ce:d1:df:17:58:10:13:a1:2c:3d:17:fa:
         73:89:74:89:66:56:90:0e:45:27:d6:6d:0f:59:64:36:5b:a8:
         ec:d7:81:8f:cb:72:05:5a:85:86:02:a2:21:f0:17:f3:34:98:
         c7:2d:02:01:07:9c:06:14:3e:be:a1:ec:e3:48:b5:bc:0c:bb:
         b0:23:1a:00:03:03:f4:6d:2a:57:48:a6:f0:c9:5a:13:9b:3a:
         8f:09:e5:03:ab:76:74:c2:7d:c4:2c:ba:42:cb:28:2b:2d:c6:
         bf:72:48:3d:3f:25:1d:d2:a7:93:fe:b6:47:60:63:e8:5e:0b:
         f1:40:e5:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WLAAf4V9C0V8UMbl9silMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NWY3OTFmOWQwY2Y2Y2I2YmUzODljOTQ1NjhjODc3NDA1
ZTUxNDQwHhcNMjUxMDE5MTIwMTM0WhcNMjUxMDIwMTIwMTM0WjAzMTEwLwYDVQQD
Eyg0NzU1MzU2ZjQyMTU3YjEyZmIxY2Y2NWNmZDdmOTg2NTgxNTIzZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArddPxsQcUvihKGQVmnm0TuoWS3z7
phI/EmwqRbje6Z20Sq5PDdSvqZLQ6334Lo0AdGTYTa4JavVNOnAr4A3bZhMPBrR3
3I1baSvG1pZibIzMVchVGhqmnMt6f6q2zNPPpHn5CbaN+J9wDeA6utMQE2cVZG9/
c/CVUkrEVmPhwAhn8vWfyZ6ao2EI2j1oeZ+wWeHYAl7K6oC/egO2NzMjQ3DdDS7H
65h91gH8GYwjforq0pnOYitnJ8ZHUTbso2lNwULwP+ui/eSfRcAYMWTDqTzgZHl6
wst8kyfYacVyqukftugFg58BCn49hFiybTxLWFSo1IsNLktCqUev7N6IjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdVNW9CFXsS+xz2XP1/mGWBUj8qMB8GA1UdIwQY
MBaAFPZfeR+dDPbLa+OJyUVoyHdAXlFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xNzM4OTQtMjBkNS00ZDA0LWJlNzAt
Y2QwMzc0MWQyNmI1LzEvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xNzM4OTQtMjBkNS00ZDA0LWJlNzAtY2QwMzc0MWQyNmI1
LzEvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/KuKIik
5EMPfkTsNGN0VtQBc8dQ0LpjdmVZN56plht1guX8Dr2eA+gNr2I/LGLpaXJQSYhb
oV/3DyK/5cOb6Dxif00gyCAej5Bjpyr6YUcq1c4od0dIGOg5+5RSiHiYGnWNcQq4
ORvcGmtL9zGUuon0x6DhQrx3m6+CkBNto+9qjuJ4ztHfF1gQE6EsPRf6c4l0iWZW
kA5FJ9ZtD1lkNluo7NeBj8tyBVqFhgKiIfAX8zSYxy0CAQecBhQ+vqHs40i1vAy7
sCMaAAMD9G0qV0im8MlaE5s6jwnlA6t2dMJ9xCy6QssoKy3Gv3JIPT8lHdKnk/62
R2Bj6F4L8UDlMQ==
-----END CERTIFICATE-----