Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
File:                     wq8ZpG9azIz4_QNiSmG3koqBjNA.mft (raw, json)
Hash identifier:          LtUxSb6o8zICDnS7omnTu3ke2gyV8PyK07bqTDP90tY=
Subject key identifier:   3E:70:8C:61:E4:F4:B2:1D:92:59:31:89:EF:8A:5B:52:32:EA:47:D3
Authority key identifier: C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0
Certificate issuer:       /CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
Certificate serial:       019A2E20301D9CC444A137E38188B1B69468
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
Manifest number:          16F7
Signing time:             Wed 29 Oct 2025 04:00:52 +0000
Manifest this update:     Wed 29 Oct 2025 04:00:52 +0000
Manifest next update:     Thu 30 Oct 2025 04:00:52 +0000
Files and hashes:         1: wq8ZpG9azIz4_QNiSmG3koqBjNA.crl (hash: m3rCFcBzhQY6FY1NTZc6oVxvyP4yrvnp+LiDjCF4WZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 Oct 2025 23:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:2e:20:30:1d:9c:c4:44:a1:37:e3:81:88:b1:b6:94:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
        Validity
            Not Before: Oct 29 04:00:52 2025 GMT
            Not After : Oct 30 04:00:52 2025 GMT
        Subject: CN=3e708c61e4f4b21d92593189ef8a5b5232ea47d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:3f:0b:1a:f6:ed:e3:dd:fc:48:80:1f:c2:d2:
                    a7:b4:aa:5f:fc:54:22:b4:58:46:5d:ec:d6:41:6e:
                    bb:13:16:04:a3:fa:51:06:f6:28:c1:b0:78:27:9b:
                    c6:24:5f:9b:2a:c5:cc:6b:67:6c:f6:89:73:ab:05:
                    a7:c6:5b:2b:fe:f8:b3:74:61:45:6a:3d:d4:93:e1:
                    7e:57:53:71:6e:22:c6:99:1d:ac:a9:cc:12:15:d5:
                    a7:a6:0d:a4:d7:2e:0c:8c:cc:8d:05:25:da:a5:d7:
                    ce:62:9c:c8:bb:d1:b4:e3:1d:78:a4:fd:31:51:e6:
                    68:51:6c:b6:da:f4:98:37:ff:03:52:18:02:3d:24:
                    12:ce:7b:82:f7:b4:43:37:b3:9f:25:b0:f2:7f:25:
                    70:9a:f5:e3:fd:74:d0:4c:58:8d:21:20:8d:45:ad:
                    bf:5c:16:12:7e:f5:88:3c:11:3d:6d:79:52:aa:96:
                    d9:19:03:31:7a:9b:17:b5:c1:44:22:2e:a5:7d:d4:
                    4c:80:9e:3a:96:29:4a:ae:72:a7:28:fb:30:68:f7:
                    d7:38:41:80:c3:38:a2:7d:61:2e:54:2a:2f:dd:2f:
                    f9:8b:40:b2:78:96:8c:d7:0f:2f:eb:80:b2:3a:b3:
                    11:f6:49:78:4e:ab:6c:83:a7:f3:49:b3:53:19:65:
                    7c:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:70:8C:61:E4:F4:B2:1D:92:59:31:89:EF:8A:5B:52:32:EA:47:D3
            X509v3 Authority Key Identifier:
                keyid:C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:1d:da:54:2e:ba:67:65:11:48:fe:6c:23:ad:44:6b:e8:b9:
         c3:dd:b0:92:d6:e6:e8:3b:82:28:ec:c6:ff:f1:b5:66:99:67:
         e0:a6:96:97:d5:3b:61:f8:3a:9a:a8:bc:ec:be:0b:ff:2d:c0:
         5b:6a:89:86:59:6e:87:c0:0f:b7:9d:c5:df:8f:61:02:d2:29:
         75:65:53:7f:fd:78:46:43:6b:f7:8b:e0:31:d7:16:14:c0:55:
         a0:6c:48:b0:01:eb:40:34:a6:eb:4c:ed:b1:d8:8e:19:29:fa:
         0f:d5:50:0a:5a:97:f7:6a:b2:59:7b:d1:ac:a3:a3:23:0b:b5:
         82:eb:46:86:e9:72:b8:fd:34:b0:97:3e:87:f9:0c:3a:55:fb:
         4e:77:18:4e:6a:10:2c:e5:cd:de:1e:b8:df:92:20:d6:35:e9:
         cd:1a:f3:05:a2:25:b7:bb:24:b2:9f:02:d0:19:b4:e7:54:4a:
         4b:b5:3f:40:1f:d2:cc:08:59:c2:fc:35:ea:a4:46:f5:3d:f4:
         21:f9:1a:8a:8e:33:48:48:b4:7a:cc:7c:6f:51:c7:a1:08:56:
         0a:2c:75:a2:70:cb:2d:3e:26:8b:50:80:0d:94:03:fc:00:42:
         b1:6b:1a:bc:d9:80:38:1b:0c:45:16:0e:5d:ee:8f:72:16:3b:
         f0:80:f4:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZouIDAdnMREoTfjgYixtpRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWYxOWE0NmY1YWNjOGNmOGZkMDM2MjRhNjFiNzkyOGE4
MThjZDAwHhcNMjUxMDI5MDQwMDUyWhcNMjUxMDMwMDQwMDUyWjAzMTEwLwYDVQQD
EygzZTcwOGM2MWU0ZjRiMjFkOTI1OTMxODllZjhhNWI1MjMyZWE0N2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj8LGvbt4938SIAfwtKntKpf/FQi
tFhGXezWQW67ExYEo/pRBvYowbB4J5vGJF+bKsXMa2ds9olzqwWnxlsr/vizdGFF
aj3Uk+F+V1NxbiLGmR2sqcwSFdWnpg2k1y4MjMyNBSXapdfOYpzIu9G04x14pP0x
UeZoUWy22vSYN/8DUhgCPSQSznuC97RDN7OfJbDyfyVwmvXj/XTQTFiNISCNRa2/
XBYSfvWIPBE9bXlSqpbZGQMxepsXtcFEIi6lfdRMgJ46lilKrnKnKPswaPfXOEGA
wziifWEuVCov3S/5i0CyeJaM1w8v64CyOrMR9kl4Tqtsg6fzSbNTGWV8uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5wjGHk9LIdklkxie+KW1Iy6kfTMB8GA1UdIwQY
MBaAFMKvGaRvWsyM+P0DYkpht5KKgYzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMt
NTYzNjgxNGE5MzM3LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMtNTYzNjgxNGE5MzM3
LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwR3aVC66
Z2URSP5sI61Ea+i5w92wktbm6DuCKOzG//G1Zpln4KaWl9U7Yfg6mqi87L4L/y3A
W2qJhlluh8APt53F349hAtIpdWVTf/14RkNr94vgMdcWFMBVoGxIsAHrQDSm60zt
sdiOGSn6D9VQClqX92qyWXvRrKOjIwu1gutGhulyuP00sJc+h/kMOlX7TncYTmoQ
LOXN3h6435Ig1jXpzRrzBaIlt7sksp8C0Bm051RKS7U/QB/SzAhZwvw16qRG9T30
Ifkaio4zSEi0esx8b1HHoQhWCix1onDLLT4mi1CADZQD/ABCsWsavNmAOBsMRRYO
Xe6PchY78ID0Tw==
-----END CERTIFICATE-----