Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
File:                     jPJ69YYwRc-otYseJ3aSueHTje0.mft (raw, json)
Hash identifier:          lSBsn7sWaxpW++I90nGJUc/nPLXRcEn8G3W6/wQqXRE=
Subject key identifier:   FE:11:9F:B4:A1:47:FF:1D:2A:0B:84:79:6F:75:0B:C2:45:27:23:D4
Authority key identifier: 8C:F2:7A:F5:86:30:45:CF:A8:B5:8B:1E:27:76:92:B9:E1:D3:8D:ED
Certificate issuer:       /CN=8cf27af5863045cfa8b58b1e277692b9e1d38ded
Certificate serial:       019A11296210E007B5ACC7F1CDA3CE564F33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
Manifest number:          16EC
Signing time:             Thu 23 Oct 2025 13:01:55 +0000
Manifest this update:     Thu 23 Oct 2025 13:01:55 +0000
Manifest next update:     Fri 24 Oct 2025 13:01:55 +0000
Files and hashes:         1: jPJ69YYwRc-otYseJ3aSueHTje0.crl (hash: pix3Lp8trddittQK+Noudaz9FOc3//IInQ/qv6lbwwo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 13:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:11:29:62:10:e0:07:b5:ac:c7:f1:cd:a3:ce:56:4f:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cf27af5863045cfa8b58b1e277692b9e1d38ded
        Validity
            Not Before: Oct 23 13:01:55 2025 GMT
            Not After : Oct 24 13:01:55 2025 GMT
        Subject: CN=fe119fb4a147ff1d2a0b84796f750bc2452723d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:fa:55:73:1f:53:9b:b6:14:f5:83:e6:dc:ef:
                    69:62:9b:2b:59:cb:6d:1c:e2:7b:68:81:5b:ef:9d:
                    e1:52:dc:ce:6d:ed:35:ba:70:d7:f0:cf:9b:3c:29:
                    89:b6:38:c1:5f:e1:23:7e:88:e6:8d:7c:6b:fc:dd:
                    0f:4f:3f:c1:74:75:05:00:60:33:f7:1c:32:d7:b5:
                    90:df:6e:8b:5e:45:aa:69:f2:4b:81:5f:fc:34:b3:
                    8d:71:d6:d4:8b:da:92:e4:fe:b3:b2:58:f8:c1:bf:
                    8c:1e:df:dc:fa:cd:26:83:2e:b8:87:9e:be:b0:7a:
                    62:b5:d0:ad:01:02:0b:7f:b7:e3:75:5b:f7:75:80:
                    31:2d:4b:7d:6e:3c:97:1c:d6:03:04:84:d6:9b:56:
                    97:63:f1:97:ef:14:e0:0b:ef:67:a2:c5:bd:65:69:
                    1b:bf:2a:a2:cb:56:82:d9:0b:2d:15:02:91:a2:49:
                    97:63:d2:2e:87:77:08:8f:e0:ce:83:ca:2f:6b:39:
                    01:c6:bf:ba:30:cb:41:66:09:9e:83:ce:26:77:b8:
                    45:d2:01:23:53:2a:ed:f9:87:23:ad:cb:89:e4:a0:
                    31:b9:12:3b:c1:e2:df:2f:90:dd:65:cd:e4:6a:3b:
                    e0:c6:b5:3d:45:40:43:51:78:84:34:ac:89:09:ae:
                    7c:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:11:9F:B4:A1:47:FF:1D:2A:0B:84:79:6F:75:0B:C2:45:27:23:D4
            X509v3 Authority Key Identifier:
                keyid:8C:F2:7A:F5:86:30:45:CF:A8:B5:8B:1E:27:76:92:B9:E1:D3:8D:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:ad:e8:df:0c:ef:fb:ec:67:df:25:d2:db:39:74:87:3d:49:
         52:66:09:9e:1c:11:38:25:f1:e6:a8:b0:31:33:61:a8:d3:b2:
         af:f7:91:1e:04:30:f9:f5:55:9e:67:19:71:71:2c:23:01:bd:
         10:19:83:a9:98:72:44:7c:89:af:0b:12:ef:6e:29:d4:ae:68:
         1d:f6:71:a4:7b:55:34:23:54:3f:95:ae:4e:d1:3f:f6:e8:4c:
         32:48:22:3b:79:0a:4e:ea:a9:8a:64:e4:cd:9f:b3:94:3d:15:
         ad:87:96:8b:70:2b:6f:a0:09:2c:17:3a:01:3a:e1:d4:f8:04:
         37:90:59:68:5b:4e:c8:85:f9:f9:e8:64:b6:3b:19:c1:4a:cb:
         f0:68:36:be:cb:d8:4f:bf:bd:ad:92:fc:39:f4:d0:ce:f5:21:
         bc:5c:1a:ed:44:8a:80:95:21:5e:62:f7:f6:e5:21:a0:57:0a:
         75:6e:8d:2a:e4:05:bf:07:c7:79:81:ec:32:8a:27:1e:36:81:
         0e:96:13:52:28:0d:8f:85:a3:54:7d:7d:b4:dd:fc:b3:21:28:
         2d:0c:a9:a2:37:10:1f:57:ea:b5:cb:a6:50:34:55:89:41:a7:
         b9:6d:83:80:1c:83:b9:36:71:0a:eb:90:8a:d1:a1:1f:8f:84:
         e0:8f:61:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoRKWIQ4Ae1rMfxzaPOVk8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZjI3YWY1ODYzMDQ1Y2ZhOGI1OGIxZTI3NzY5MmI5ZTFk
MzhkZWQwHhcNMjUxMDIzMTMwMTU1WhcNMjUxMDI0MTMwMTU1WjAzMTEwLwYDVQQD
EyhmZTExOWZiNGExNDdmZjFkMmEwYjg0Nzk2Zjc1MGJjMjQ1MjcyM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvpVcx9Tm7YU9YPm3O9pYpsrWctt
HOJ7aIFb753hUtzObe01unDX8M+bPCmJtjjBX+EjfojmjXxr/N0PTz/BdHUFAGAz
9xwy17WQ326LXkWqafJLgV/8NLONcdbUi9qS5P6zslj4wb+MHt/c+s0mgy64h56+
sHpitdCtAQILf7fjdVv3dYAxLUt9bjyXHNYDBITWm1aXY/GX7xTgC+9nosW9ZWkb
vyqiy1aC2QstFQKRokmXY9Iuh3cIj+DOg8ovazkBxr+6MMtBZgmeg84md7hF0gEj
Uyrt+YcjrcuJ5KAxuRI7weLfL5DdZc3kajvgxrU9RUBDUXiENKyJCa58uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4Rn7ShR/8dKguEeW91C8JFJyPUMB8GA1UdIwQY
MBaAFIzyevWGMEXPqLWLHid2krnh043tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYjdlZmItMmQ2MC00ZTY5LTllMDYt
MDFjOTk2ZTBiN2U3LzEvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYjdlZmItMmQ2MC00ZTY5LTllMDYtMDFjOTk2ZTBiN2U3
LzEvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD63o3wzv
++xn3yXS2zl0hz1JUmYJnhwROCXx5qiwMTNhqNOyr/eRHgQw+fVVnmcZcXEsIwG9
EBmDqZhyRHyJrwsS724p1K5oHfZxpHtVNCNUP5WuTtE/9uhMMkgiO3kKTuqpimTk
zZ+zlD0VrYeWi3Arb6AJLBc6ATrh1PgEN5BZaFtOyIX5+ehktjsZwUrL8Gg2vsvY
T7+9rZL8OfTQzvUhvFwa7USKgJUhXmL39uUhoFcKdW6NKuQFvwfHeYHsMoonHjaB
DpYTUigNj4WjVH19tN38syEoLQypojcQH1fqtcumUDRViUGnuW2DgByDuTZxCuuQ
itGhH4+E4I9h5g==
-----END CERTIFICATE-----