Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
File:                     SdA41NOnW7-ev-owZGh7Xjs0b-M.mft (raw, json)
Hash identifier:          Mhh8Lm3mpRjZUX3OT5x4tlV+pXFWrIahz68/HeMwKs8=
Subject key identifier:   B4:41:DA:46:BB:B0:37:CD:1F:C7:9F:F6:60:8D:B5:65:EC:A8:EA:1E
Authority key identifier: 49:D0:38:D4:D3:A7:5B:BF:9E:BF:EA:30:64:68:7B:5E:3B:34:6F:E3
Certificate issuer:       /CN=49d038d4d3a75bbf9ebfea3064687b5e3b346fe3
Certificate serial:       019A228972BADB19FFB6ED108F8BEFB1A327
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
Manifest number:          0D17
Signing time:             Sun 26 Oct 2025 22:00:24 +0000
Manifest this update:     Sun 26 Oct 2025 22:00:24 +0000
Manifest next update:     Mon 27 Oct 2025 22:00:24 +0000
Files and hashes:         1: SdA41NOnW7-ev-owZGh7Xjs0b-M.crl (hash: 9MpdXPXFVXsSwiJw3j1zJolDI/5hq0U3arsVCGYpNtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 19:48:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:22:89:72:ba:db:19:ff:b6:ed:10:8f:8b:ef:b1:a3:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49d038d4d3a75bbf9ebfea3064687b5e3b346fe3
        Validity
            Not Before: Oct 26 22:00:24 2025 GMT
            Not After : Oct 27 22:00:24 2025 GMT
        Subject: CN=b441da46bbb037cd1fc79ff6608db565eca8ea1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:19:6b:31:bc:09:86:f6:af:80:1b:32:ca:9c:
                    64:ba:73:97:66:e9:87:0a:de:7f:e0:f4:07:44:19:
                    e4:71:ea:dd:88:0c:23:1c:be:77:df:e0:35:cc:40:
                    d7:48:15:fe:a9:67:74:3d:2a:ca:d3:51:76:89:6e:
                    c1:cb:e0:43:73:28:af:52:f1:cf:56:47:56:bd:b3:
                    f8:82:73:20:cb:4f:54:7a:47:b4:a2:1a:29:fe:7f:
                    b6:bc:78:44:d4:85:c1:49:33:74:cf:08:db:b0:0d:
                    a6:44:2b:7c:b8:cd:f7:80:16:92:3b:d9:2d:91:1a:
                    c4:d2:c0:f1:0d:f0:c0:61:eb:fe:96:f8:de:e1:d7:
                    8e:84:af:7b:a3:11:1e:47:90:8e:64:70:cd:f8:ea:
                    c1:0e:01:dd:6c:b2:25:2f:5a:9e:2a:c7:0c:fd:49:
                    a0:ab:96:35:e8:a5:fe:14:17:8b:39:fe:72:92:3f:
                    0d:c0:61:b8:aa:f4:f6:5a:ff:a4:77:60:d8:43:ba:
                    7b:76:63:9c:9b:27:77:38:cc:de:95:b1:a9:48:65:
                    16:b6:05:8e:33:c3:59:e3:e9:5f:be:34:3b:2f:29:
                    80:48:11:6b:53:b6:00:f4:16:3c:49:49:2c:74:f1:
                    05:67:e7:13:3b:40:55:9f:65:ba:ca:e9:b5:62:c5:
                    dd:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:41:DA:46:BB:B0:37:CD:1F:C7:9F:F6:60:8D:B5:65:EC:A8:EA:1E
            X509v3 Authority Key Identifier:
                keyid:49:D0:38:D4:D3:A7:5B:BF:9E:BF:EA:30:64:68:7B:5E:3B:34:6F:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:fc:81:0d:5e:f0:6f:de:65:22:4b:42:81:ab:84:8c:a5:07:
         a6:11:20:be:aa:d2:16:38:97:ab:98:a3:59:2a:96:ec:c3:f7:
         7d:e9:2a:97:76:d8:11:bc:8b:20:23:a5:3d:34:f8:28:b5:53:
         48:ea:4b:2d:4b:5d:ca:4d:e9:36:63:98:8d:8f:1d:37:62:ed:
         e9:ec:31:99:cc:90:6a:01:f7:c2:cc:b5:89:cf:1a:28:66:75:
         7f:79:93:d6:d4:0d:ff:3f:b8:a6:a3:3d:3c:1a:86:c9:4f:03:
         79:f2:be:05:69:06:e8:c8:56:ab:16:d1:3b:32:8d:5a:c6:93:
         82:71:8c:fc:ed:1f:19:aa:fa:17:f2:ba:55:60:26:b6:48:2e:
         25:51:1b:ff:86:24:c1:a6:9f:6f:3d:71:6b:de:2b:e4:05:26:
         83:f0:e2:b7:25:c5:ef:f6:99:0c:2d:ed:fc:e5:70:cd:68:dd:
         fc:2b:14:ed:8c:21:46:5c:84:25:ca:9f:95:23:a7:75:eb:32:
         f8:41:3b:36:09:09:80:c2:00:53:9b:d9:93:d6:b6:1e:af:73:
         2a:ae:dc:c9:57:cb:19:10:3a:73:42:13:0d:cc:1a:35:21:01:
         03:bb:bd:6f:33:82:9b:3c:01:97:ae:06:d3:f1:e6:ed:af:a5:
         b3:01:80:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoiiXK62xn/tu0Qj4vvsaMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZDAzOGQ0ZDNhNzViYmY5ZWJmZWEzMDY0Njg3YjVlM2Iz
NDZmZTMwHhcNMjUxMDI2MjIwMDI0WhcNMjUxMDI3MjIwMDI0WjAzMTEwLwYDVQQD
EyhiNDQxZGE0NmJiYjAzN2NkMWZjNzlmZjY2MDhkYjU2NWVjYThlYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RlrMbwJhvavgBsyypxkunOXZumH
Ct5/4PQHRBnkcerdiAwjHL533+A1zEDXSBX+qWd0PSrK01F2iW7By+BDcyivUvHP
VkdWvbP4gnMgy09Ueke0ohop/n+2vHhE1IXBSTN0zwjbsA2mRCt8uM33gBaSO9kt
kRrE0sDxDfDAYev+lvje4deOhK97oxEeR5COZHDN+OrBDgHdbLIlL1qeKscM/Umg
q5Y16KX+FBeLOf5ykj8NwGG4qvT2Wv+kd2DYQ7p7dmOcmyd3OMzelbGpSGUWtgWO
M8NZ4+lfvjQ7LymASBFrU7YA9BY8SUksdPEFZ+cTO0BVn2W6yum1YsXdtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRB2ka7sDfNH8ef9mCNtWXsqOoeMB8GA1UdIwQY
MBaAFEnQONTTp1u/nr/qMGRoe147NG/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MzU3NTYtODg1Ny00MjRkLTk1MjQt
MjBmNTMxMTIyYjU3LzEvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83MzU3NTYtODg1Ny00MjRkLTk1MjQtMjBmNTMxMTIyYjU3
LzEvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmfyBDV7w
b95lIktCgauEjKUHphEgvqrSFjiXq5ijWSqW7MP3fekql3bYEbyLICOlPTT4KLVT
SOpLLUtdyk3pNmOYjY8dN2Lt6ewxmcyQagH3wsy1ic8aKGZ1f3mT1tQN/z+4pqM9
PBqGyU8DefK+BWkG6MhWqxbROzKNWsaTgnGM/O0fGar6F/K6VWAmtkguJVEb/4Yk
waafbz1xa94r5AUmg/DityXF7/aZDC3t/OVwzWjd/CsU7YwhRlyEJcqflSOndesy
+EE7NgkJgMIAU5vZk9a2Hq9zKq7cyVfLGRA6c0ITDcwaNSEBA7u9bzOCmzwBl64G
0/Hm7a+lswGA1A==
-----END CERTIFICATE-----