Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
File:                     214_2Taim0KaFIK070HDJuKTfSo.mft (raw, json)
Hash identifier:          sZ/b8txZ8QTjjfcK5Z9tA84wHpGgQbE0nLmbJovmpvA=
Subject key identifier:   3B:E8:99:1E:69:D1:53:2B:3E:98:0E:3C:DA:D3:82:C0:AE:6D:4D:D0
Authority key identifier: DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A
Certificate issuer:       /CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
Certificate serial:       019A22F7A958483B4A3BCD51221876ED6C24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
Manifest number:          16F3
Signing time:             Mon 27 Oct 2025 00:00:47 +0000
Manifest this update:     Mon 27 Oct 2025 00:00:47 +0000
Manifest next update:     Tue 28 Oct 2025 00:00:47 +0000
Files and hashes:         1: 214_2Taim0KaFIK070HDJuKTfSo.crl (hash: xhd0nTaY2VNm8yylbm33+OvCIP7mnQC6zUJR84KfcxQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 19:48:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:22:f7:a9:58:48:3b:4a:3b:cd:51:22:18:76:ed:6c:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
        Validity
            Not Before: Oct 27 00:00:47 2025 GMT
            Not After : Oct 28 00:00:47 2025 GMT
        Subject: CN=3be8991e69d1532b3e980e3cdad382c0ae6d4dd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:bd:72:0e:d8:d8:d5:fe:f7:49:94:99:58:20:
                    3d:8f:75:c5:27:6c:17:f4:30:af:6b:4f:f8:c2:7b:
                    35:ff:b4:de:83:17:70:f2:fb:73:76:06:41:90:02:
                    2f:84:94:85:25:c7:5a:45:9d:35:ca:ea:7e:49:f1:
                    41:67:b0:12:e8:2d:44:5a:60:68:e5:8c:ed:8c:6c:
                    d4:cd:8d:99:a1:96:72:c8:d6:f4:14:3b:18:4d:b5:
                    f1:f4:31:9c:3a:1a:01:46:b9:0a:fa:70:87:be:1e:
                    f5:ef:0b:20:87:f7:a1:9f:4f:62:ae:f0:36:bb:d7:
                    68:53:6e:bc:31:87:7d:a8:b5:81:03:e4:25:3b:34:
                    bd:e7:88:f2:4f:76:52:07:ed:87:44:07:eb:4a:99:
                    c7:62:46:e6:b6:4f:94:2b:43:e2:a3:5a:47:db:c5:
                    dd:8e:28:09:84:52:ee:7a:2f:0d:78:8c:44:6e:ed:
                    bc:31:83:9b:0d:b8:19:76:7d:62:3e:1d:89:81:08:
                    bd:b4:c5:cb:66:19:c0:ff:fe:51:d7:a1:c3:ce:f1:
                    f1:e7:81:2a:ce:36:28:1d:0f:86:1b:b1:43:04:c3:
                    24:88:0a:94:a9:0b:de:36:1f:47:d6:4e:42:d3:94:
                    20:60:2d:ac:80:a7:ad:cf:5a:84:cc:81:4a:23:e8:
                    f0:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:E8:99:1E:69:D1:53:2B:3E:98:0E:3C:DA:D3:82:C0:AE:6D:4D:D0
            X509v3 Authority Key Identifier:
                keyid:DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:2d:83:90:2e:d9:9c:13:59:bf:30:ec:c8:89:d3:4b:d3:d9:
         8c:e2:92:41:27:65:f5:b3:a1:6b:43:89:72:53:56:f2:f1:21:
         41:99:ad:ae:af:d6:1b:01:86:90:91:cc:52:eb:28:84:b7:b8:
         00:2f:96:4e:77:b1:59:8c:37:2c:28:ca:64:f2:3f:00:49:7f:
         85:c8:69:ed:e4:3f:0e:2b:17:00:09:d7:e9:aa:a7:c0:8e:55:
         2e:5f:56:b6:fd:20:44:0e:f3:18:29:99:53:54:09:88:43:ee:
         ed:6a:97:95:ae:02:75:84:3f:58:30:a5:1b:96:75:ca:5f:9e:
         50:72:38:0e:f7:7e:e9:f5:8c:83:22:ba:26:64:b7:ef:fa:32:
         83:4b:03:5b:cb:f9:e5:af:d7:8a:08:f9:2b:c0:8e:66:5d:d4:
         d2:ed:75:64:6b:ef:a9:d1:11:a7:82:90:0d:91:a7:b8:1f:b1:
         ff:42:7c:1f:24:8d:df:55:aa:7a:32:2e:2c:05:95:10:6d:f6:
         93:9e:ec:e7:85:e9:32:96:ef:79:7a:69:73:30:80:7b:3c:89:
         64:d7:88:ad:4b:f5:21:64:7a:8c:f9:b6:01:ec:50:75:7c:03:
         fe:e1:76:66:40:86:d0:10:31:cf:e2:8c:3f:09:98:28:dc:a2:
         47:3a:8d:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoi96lYSDtKO81RIhh27WwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNWUzZmQ5MzZhMjliNDI5YTE0ODJiNGVmNDFjMzI2ZTI5
MzdkMmEwHhcNMjUxMDI3MDAwMDQ3WhcNMjUxMDI4MDAwMDQ3WjAzMTEwLwYDVQQD
EygzYmU4OTkxZTY5ZDE1MzJiM2U5ODBlM2NkYWQzODJjMGFlNmQ0ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb1yDtjY1f73SZSZWCA9j3XFJ2wX
9DCva0/4wns1/7Tegxdw8vtzdgZBkAIvhJSFJcdaRZ01yup+SfFBZ7AS6C1EWmBo
5YztjGzUzY2ZoZZyyNb0FDsYTbXx9DGcOhoBRrkK+nCHvh717wsgh/ehn09irvA2
u9doU268MYd9qLWBA+QlOzS954jyT3ZSB+2HRAfrSpnHYkbmtk+UK0Pio1pH28Xd
jigJhFLuei8NeIxEbu28MYObDbgZdn1iPh2JgQi9tMXLZhnA//5R16HDzvHx54Eq
zjYoHQ+GG7FDBMMkiAqUqQveNh9H1k5C05QgYC2sgKetz1qEzIFKI+jwywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvomR5p0VMrPpgOPNrTgsCubU3QMB8GA1UdIwQY
MBaAFNteP9k2optCmhSCtO9Bwybik30qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmIt
N2U1NzY5MWJiZWQ5LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmItN2U1NzY5MWJiZWQ5
LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANy2DkC7Z
nBNZvzDsyInTS9PZjOKSQSdl9bOha0OJclNW8vEhQZmtrq/WGwGGkJHMUusohLe4
AC+WTnexWYw3LCjKZPI/AEl/hchp7eQ/DisXAAnX6aqnwI5VLl9Wtv0gRA7zGCmZ
U1QJiEPu7WqXla4CdYQ/WDClG5Z1yl+eUHI4Dvd+6fWMgyK6JmS37/oyg0sDW8v5
5a/Xigj5K8COZl3U0u11ZGvvqdERp4KQDZGnuB+x/0J8HySN31WqejIuLAWVEG32
k57s54XpMpbveXppczCAezyJZNeIrUv1IWR6jPm2AexQdXwD/uF2ZkCG0BAxz+KM
PwmYKNyiRzqNSQ==
-----END CERTIFICATE-----