Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
File:                     tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft (raw, json)
Hash identifier:          mCBUa2CsMFG2P+ml4ktNGqIqRP45zIbmGs3CPiKu1Zk=
Subject key identifier:   AF:4F:37:7C:10:FC:29:0D:19:3E:E6:B1:65:47:55:38:AD:C7:75:F9
Authority key identifier: B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5
Certificate issuer:       /CN=b483bc0a71a52d0cf3989522367575959ebdcef5
Certificate serial:       019A72259F0A1907C530E76A27D9703A62A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
Manifest number:          16AD
Signing time:             Tue 11 Nov 2025 09:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:59 +0000
Files and hashes:         1: tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl (hash: jxvywlM0Rd12wWGs+5kn/n+iEN7LHVJ5AtieUiaNRWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:9f:0a:19:07:c5:30:e7:6a:27:d9:70:3a:62:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b483bc0a71a52d0cf3989522367575959ebdcef5
        Validity
            Not Before: Nov 11 09:00:59 2025 GMT
            Not After : Nov 12 09:00:59 2025 GMT
        Subject: CN=af4f377c10fc290d193ee6b165475538adc775f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fd:a6:84:00:99:86:e7:4e:fe:1b:8c:99:a3:
                    20:e8:d5:55:cc:48:1c:1f:d9:fc:ce:5b:5b:9a:04:
                    3b:62:d6:ec:2d:93:c8:da:89:ab:4b:5d:67:c2:c1:
                    05:0e:9e:0e:e0:0b:bb:e4:a2:54:4d:b0:b3:26:56:
                    e8:93:3d:88:c5:fe:46:4a:a2:bb:0e:48:d5:c3:5d:
                    30:74:9f:b7:e1:95:d7:bf:07:71:67:e8:20:49:cb:
                    3a:14:42:10:da:a6:70:3f:6d:c8:ce:05:e6:a6:92:
                    0e:4e:21:ea:11:6e:f6:7f:b2:20:15:93:1d:9a:d3:
                    d4:86:c3:45:fb:d8:9a:92:c5:4c:12:b5:de:52:8e:
                    1a:60:ea:fe:64:74:8a:05:19:38:2a:1f:97:fd:36:
                    40:4a:19:91:1b:d6:a6:cf:94:4d:fc:24:1a:a5:80:
                    ca:64:bf:0e:78:fe:a6:8d:2a:3d:68:3c:da:eb:b9:
                    8d:75:0d:65:3c:0b:e3:10:3c:b0:44:17:be:c5:6e:
                    16:b1:77:30:5c:1a:02:f8:7c:70:74:34:39:0d:8c:
                    3a:63:e2:19:b4:a7:4d:39:58:db:04:3c:59:88:70:
                    15:53:27:22:bc:cf:01:d2:a5:bf:11:ba:06:48:44:
                    33:aa:bd:5d:4b:20:aa:df:21:56:27:f3:cf:81:a4:
                    ef:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:4F:37:7C:10:FC:29:0D:19:3E:E6:B1:65:47:55:38:AD:C7:75:F9
            X509v3 Authority Key Identifier:
                keyid:B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:32:2a:65:25:4a:bf:f0:8f:55:ca:54:af:32:e9:c5:c8:af:
         e5:f7:c9:03:44:68:5c:d3:3c:bb:14:55:20:99:20:54:75:94:
         eb:a7:c4:ad:2e:14:fa:29:6c:e7:57:31:56:19:e7:8f:6f:92:
         15:ad:7e:ae:99:49:49:aa:a7:7d:9b:bf:e2:85:c1:86:f4:e0:
         d9:55:c5:df:d4:13:a0:c1:05:0d:98:e8:66:e1:7d:ca:ad:ea:
         29:93:b5:ea:1f:b3:2b:a7:2e:d6:47:09:01:21:87:20:52:13:
         55:a2:c4:72:49:6d:83:b6:ef:1e:f8:de:2a:be:20:e9:83:1f:
         4a:9a:29:4f:da:7a:be:f0:a7:7b:17:26:d1:e0:35:6b:b5:3d:
         39:ba:0e:15:f4:1d:3d:26:e2:d0:d5:6a:9e:0d:4c:e9:51:9d:
         c3:0d:b0:1e:96:04:26:a2:7a:96:0c:13:93:a2:c8:45:5d:45:
         d1:b3:db:4e:0a:7c:22:f6:53:2c:9d:15:ab:0f:34:3a:e9:5b:
         46:25:d0:c6:a1:17:5d:8b:9b:49:6f:1e:b4:e9:aa:fc:b9:37:
         6c:73:b9:3d:45:d0:a6:cf:8c:a5:a1:85:a2:05:3b:71:30:6c:
         fd:58:ea:7f:21:6c:a3:6d:0a:68:54:3b:1c:d5:68:cb:b2:27:
         b2:e2:59:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZ8KGQfFMOdqJ9lwOmKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODNiYzBhNzFhNTJkMGNmMzk4OTUyMjM2NzU3NTk1OWVi
ZGNlZjUwHhcNMjUxMTExMDkwMDU5WhcNMjUxMTEyMDkwMDU5WjAzMTEwLwYDVQQD
EyhhZjRmMzc3YzEwZmMyOTBkMTkzZWU2YjE2NTQ3NTUzOGFkYzc3NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/2mhACZhudO/huMmaMg6NVVzEgc
H9n8zltbmgQ7YtbsLZPI2omrS11nwsEFDp4O4Au75KJUTbCzJlbokz2Ixf5GSqK7
DkjVw10wdJ+34ZXXvwdxZ+ggScs6FEIQ2qZwP23IzgXmppIOTiHqEW72f7IgFZMd
mtPUhsNF+9iaksVMErXeUo4aYOr+ZHSKBRk4Kh+X/TZAShmRG9amz5RN/CQapYDK
ZL8OeP6mjSo9aDza67mNdQ1lPAvjEDywRBe+xW4WsXcwXBoC+HxwdDQ5DYw6Y+IZ
tKdNOVjbBDxZiHAVUycivM8B0qW/EboGSEQzqr1dSyCq3yFWJ/PPgaTvHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9PN3wQ/CkNGT7msWVHVTitx3X5MB8GA1UdIwQY
MBaAFLSDvApxpS0M85iVIjZ1dZWevc71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEt
OTk0ZWY4N2RiM2EzLzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEtOTk0ZWY4N2RiM2Ez
LzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARjIqZSVK
v/CPVcpUrzLpxciv5ffJA0RoXNM8uxRVIJkgVHWU66fErS4U+ils51cxVhnnj2+S
Fa1+rplJSaqnfZu/4oXBhvTg2VXF39QToMEFDZjoZuF9yq3qKZO16h+zK6cu1kcJ
ASGHIFITVaLEckltg7bvHvjeKr4g6YMfSpopT9p6vvCnexcm0eA1a7U9OboOFfQd
PSbi0NVqng1M6VGdww2wHpYEJqJ6lgwTk6LIRV1F0bPbTgp8IvZTLJ0Vqw80Oulb
RiXQxqEXXYubSW8etOmq/Lk3bHO5PUXQps+MpaGFogU7cTBs/VjqfyFso20KaFQ7
HNVoy7InsuJZeg==
-----END CERTIFICATE-----