Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          BKmA0UYaU/aXb5v0fhHsBw5H96ipXtdAKcoLxM7Meaw=
Subject key identifier:   9C:87:02:3E:6F:C9:9C:DF:D0:82:C8:A3:C5:D8:EF:85:49:A9:99:5C
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       019A50E3C812A73C8FF174A0A9EBAB93B96A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          087E
Signing time:             Tue 04 Nov 2025 22:01:36 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:36 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:36 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: wHLcp05w64mNBeG1KKqZxEiPuXOj2vzwg5iA/RoEk7s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:c8:12:a7:3c:8f:f1:74:a0:a9:eb:ab:93:b9:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Nov  4 22:01:36 2025 GMT
            Not After : Nov  5 22:01:36 2025 GMT
        Subject: CN=9c87023e6fc99cdfd082c8a3c5d8ef8549a9995c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:1b:fe:c9:aa:7a:f8:fb:ef:93:2a:cb:4a:2a:
                    a1:4a:01:14:9e:09:66:2c:49:26:36:08:e5:47:c0:
                    15:bc:af:48:80:9b:6e:b9:09:e4:98:62:b9:26:88:
                    54:52:57:26:13:87:0e:91:dc:16:e3:4b:b2:97:03:
                    61:0d:a2:84:d1:75:71:a9:ab:c6:29:7a:9b:c0:4d:
                    fe:3e:ff:45:8a:c2:8f:14:39:bc:c1:62:e4:82:88:
                    fd:22:d7:04:3c:94:ab:c3:fd:9f:7b:42:cc:73:9e:
                    44:3c:ca:08:60:11:27:09:c5:de:e1:15:15:55:0d:
                    3a:41:30:b0:e5:24:3a:6d:3d:33:3c:01:68:70:32:
                    ab:b6:e7:38:8d:ff:68:1c:1c:c4:38:8e:2d:50:ca:
                    ee:04:35:c8:29:c0:c8:ae:a9:9e:8a:4d:63:63:bb:
                    2d:8d:e1:08:25:09:3b:ae:46:01:a8:ff:14:c7:ff:
                    a5:90:5a:2e:30:4a:d6:5d:4d:c9:43:e1:f4:91:e5:
                    a2:e0:99:82:45:5d:3d:c9:75:7e:d2:7d:c7:78:08:
                    80:0c:1a:2e:54:b6:aa:5b:60:52:ed:f5:7e:44:b6:
                    4d:c0:76:0a:90:be:ad:9e:84:e2:55:78:f8:df:51:
                    71:4f:41:51:e0:c7:6e:de:f0:13:dc:1f:cf:a8:37:
                    28:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:87:02:3E:6F:C9:9C:DF:D0:82:C8:A3:C5:D8:EF:85:49:A9:99:5C
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:97:7f:b2:fd:7f:3e:2e:b3:85:e7:6e:8f:83:24:50:e4:b1:
         61:8a:10:0e:e9:0e:09:07:e2:f5:06:11:56:a4:4c:f0:fb:fb:
         d3:b4:86:1f:72:c3:cf:e5:49:fe:a0:5f:3f:cb:af:3b:62:1c:
         1f:96:45:82:1b:a3:3b:ad:b8:04:c3:cb:ae:62:dd:c4:2a:b7:
         12:c1:f7:3f:b0:b6:b9:8f:1c:4e:5e:95:f1:78:bf:df:3a:88:
         21:c9:cc:9a:7c:bf:d0:49:88:0b:34:01:63:ee:60:53:89:7b:
         73:dd:44:e9:ff:3a:f0:f2:7d:75:b0:ca:fc:de:84:05:c6:3a:
         df:75:6d:09:8d:09:c5:5d:e6:95:68:bc:9b:9d:b7:43:07:c5:
         7d:64:be:32:0d:6a:59:34:77:18:34:09:a7:1e:8b:41:1c:36:
         b7:3d:57:96:9d:19:72:29:35:9d:e6:5b:76:1e:fe:2a:99:db:
         bc:00:f4:e3:84:7d:77:c5:da:f3:f7:bd:7c:ae:53:e3:07:df:
         80:36:aa:fc:7c:2d:51:9b:3f:88:27:47:1b:18:a5:16:27:78:
         85:4e:d0:c8:f5:5f:15:43:52:bc:e7:45:13:b8:a8:87:ee:66:
         13:79:c8:71:41:b7:29:cd:1f:1a:8b:3a:7a:51:88:28:39:34:
         04:f5:a0:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ48gSpzyP8XSgqeurk7lqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjUxMTA0MjIwMTM2WhcNMjUxMTA1MjIwMTM2WjAzMTEwLwYDVQQD
Eyg5Yzg3MDIzZTZmYzk5Y2RmZDA4MmM4YTNjNWQ4ZWY4NTQ5YTk5OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBv+yap6+PvvkyrLSiqhSgEUnglm
LEkmNgjlR8AVvK9IgJtuuQnkmGK5JohUUlcmE4cOkdwW40uylwNhDaKE0XVxqavG
KXqbwE3+Pv9FisKPFDm8wWLkgoj9ItcEPJSrw/2fe0LMc55EPMoIYBEnCcXe4RUV
VQ06QTCw5SQ6bT0zPAFocDKrtuc4jf9oHBzEOI4tUMruBDXIKcDIrqmeik1jY7st
jeEIJQk7rkYBqP8Ux/+lkFouMErWXU3JQ+H0keWi4JmCRV09yXV+0n3HeAiADBou
VLaqW2BS7fV+RLZNwHYKkL6tnoTiVXj431FxT0FR4Mdu3vAT3B/PqDcoywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyHAj5vyZzf0ILIo8XY74VJqZlcMB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq5d/sv1/
Pi6zheduj4MkUOSxYYoQDukOCQfi9QYRVqRM8Pv707SGH3LDz+VJ/qBfP8uvO2Ic
H5ZFghujO624BMPLrmLdxCq3EsH3P7C2uY8cTl6V8Xi/3zqIIcnMmny/0EmICzQB
Y+5gU4l7c91E6f868PJ9dbDK/N6EBcY633VtCY0JxV3mlWi8m523QwfFfWS+Mg1q
WTR3GDQJpx6LQRw2tz1Xlp0Zcik1neZbdh7+KpnbvAD044R9d8Xa8/e9fK5T4wff
gDaq/HwtUZs/iCdHGxilFid4hU7QyPVfFUNSvOdFE7ioh+5mE3nIcUG3Kc0fGos6
elGIKDk0BPWgXQ==
-----END CERTIFICATE-----