Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
File:                     h16pmc28YATHGlRwyg7HrnOCCPo.mft (raw, json)
Hash identifier:          jMOMQCPODlcoyODWHHq9C65mCef4S+aRg2bOFZ9QhDI=
Subject key identifier:   F3:E2:F3:C7:07:33:88:B1:F4:8C:52:64:B1:70:0A:03:56:66:80:07
Authority key identifier: 87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA
Certificate issuer:       /CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
Certificate serial:       019A51506F34E1BFD8A631CCE4CF70F9D85A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
Manifest number:          066F
Signing time:             Wed 05 Nov 2025 00:00:16 +0000
Manifest this update:     Wed 05 Nov 2025 00:00:16 +0000
Manifest next update:     Thu 06 Nov 2025 00:00:16 +0000
Files and hashes:         1: h16pmc28YATHGlRwyg7HrnOCCPo.crl (hash: TfGTQPCHZEVnev+yLEXGQU2Xirai1H7CnZA/CGrKqtU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:50:6f:34:e1:bf:d8:a6:31:cc:e4:cf:70:f9:d8:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
        Validity
            Not Before: Nov  5 00:00:16 2025 GMT
            Not After : Nov  6 00:00:16 2025 GMT
        Subject: CN=f3e2f3c7073388b1f48c5264b1700a0356668007
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:a2:f2:29:57:fc:f7:d2:b5:13:d5:d2:7f:97:
                    76:a7:43:12:17:5b:cc:fd:36:c3:1f:4c:38:fe:34:
                    d3:8e:65:90:b9:0f:34:16:2d:f4:b5:27:04:94:cc:
                    68:9f:eb:1d:12:f9:55:6a:e5:1e:c8:99:74:ce:d5:
                    7d:32:35:36:6e:fb:bc:81:18:35:be:3a:5a:13:ae:
                    8e:6b:88:dc:0f:6a:68:9f:c7:4a:2c:32:a2:df:7a:
                    9d:c5:c4:a6:b2:4a:e9:a7:f5:b1:b1:56:d6:fe:76:
                    96:b6:be:88:05:62:73:ea:b5:8f:10:24:40:b3:0e:
                    8d:91:44:c0:9b:8a:95:33:ea:21:7a:c0:27:b5:42:
                    8f:ba:28:c3:62:f0:89:83:47:65:05:ae:7a:f5:4b:
                    6f:70:eb:cb:65:26:2d:a8:06:5f:d9:0e:3e:36:ce:
                    53:f3:6d:9b:6b:ee:5b:d9:44:a9:26:bf:e4:a6:81:
                    f2:31:47:92:c9:fe:7d:7e:dc:74:3f:8c:e0:47:2e:
                    d3:5a:78:58:8c:85:80:d6:c6:c6:50:a6:f4:a2:22:
                    b1:c0:3b:cb:aa:3e:81:22:04:04:64:74:69:57:63:
                    e5:22:c7:50:18:4d:43:9d:27:35:1e:cc:52:f1:35:
                    66:90:d2:65:aa:a3:7b:19:85:60:40:50:12:73:76:
                    f0:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:E2:F3:C7:07:33:88:B1:F4:8C:52:64:B1:70:0A:03:56:66:80:07
            X509v3 Authority Key Identifier:
                keyid:87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:49:dc:e1:4d:6c:71:4b:d2:9f:64:ee:1e:1c:5c:88:b3:c4:
         7e:6b:1a:42:71:cd:e6:7f:ac:87:2b:cb:c8:23:8b:7e:9b:eb:
         8a:fe:96:49:18:85:0a:8d:9d:9f:c6:5d:41:31:95:34:32:d2:
         54:3b:be:98:dc:38:82:11:be:d9:76:84:11:36:ee:9a:72:89:
         4a:93:18:91:9c:45:09:fb:c3:60:2a:29:28:62:27:01:b9:63:
         d9:ec:b2:8b:51:83:2c:44:76:1e:60:a6:5c:13:f7:33:4a:83:
         b5:59:9c:04:e4:a6:16:3c:4f:8f:ca:46:80:d3:1f:a3:49:24:
         80:f8:b3:57:41:ba:d6:fe:0d:e7:20:6e:2e:f2:47:91:76:9e:
         09:2a:86:a7:30:a5:7a:a1:f5:d3:7d:5b:98:72:87:0f:15:de:
         1a:2b:ef:09:8f:c6:88:1b:19:ba:c6:72:54:2f:83:a6:3b:f9:
         d4:7f:f7:f6:7d:56:54:0b:47:57:e7:01:69:92:44:25:9e:47:
         38:c6:1e:b2:ac:2f:66:10:c8:93:40:dc:16:78:e1:61:dc:c1:
         87:fe:16:a3:a1:72:32:6b:b2:a8:b7:80:69:fc:55:3a:b9:7f:
         a6:d8:a0:96:64:c1:b4:a1:2b:08:a4:37:0d:a6:51:21:07:66:
         32:32:b9:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUG804b/YpjHM5M9w+dhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWVhOTk5Y2RiYzYwMDRjNzFhNTQ3MGNhMGVjN2FlNzM4
MjA4ZmEwHhcNMjUxMTA1MDAwMDE2WhcNMjUxMTA2MDAwMDE2WjAzMTEwLwYDVQQD
EyhmM2UyZjNjNzA3MzM4OGIxZjQ4YzUyNjRiMTcwMGEwMzU2NjY4MDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06LyKVf899K1E9XSf5d2p0MSF1vM
/TbDH0w4/jTTjmWQuQ80Fi30tScElMxon+sdEvlVauUeyJl0ztV9MjU2bvu8gRg1
vjpaE66Oa4jcD2pon8dKLDKi33qdxcSmskrpp/WxsVbW/naWtr6IBWJz6rWPECRA
sw6NkUTAm4qVM+ohesAntUKPuijDYvCJg0dlBa569UtvcOvLZSYtqAZf2Q4+Ns5T
822ba+5b2USpJr/kpoHyMUeSyf59ftx0P4zgRy7TWnhYjIWA1sbGUKb0oiKxwDvL
qj6BIgQEZHRpV2PlIsdQGE1DnSc1HsxS8TVmkNJlqqN7GYVgQFASc3bwewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPi88cHM4ix9IxSZLFwCgNWZoAHMB8GA1UdIwQY
MBaAFIdeqZnNvGAExxpUcMoOx65zggj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2Ut
NGQxMmZkMjVkOTc4LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2UtNGQxMmZkMjVkOTc4
LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG0nc4U1s
cUvSn2TuHhxciLPEfmsaQnHN5n+shyvLyCOLfpvriv6WSRiFCo2dn8ZdQTGVNDLS
VDu+mNw4ghG+2XaEETbumnKJSpMYkZxFCfvDYCopKGInAblj2eyyi1GDLER2HmCm
XBP3M0qDtVmcBOSmFjxPj8pGgNMfo0kkgPizV0G61v4N5yBuLvJHkXaeCSqGpzCl
eqH1031bmHKHDxXeGivvCY/GiBsZusZyVC+Dpjv51H/39n1WVAtHV+cBaZJEJZ5H
OMYesqwvZhDIk0DcFnjhYdzBh/4Wo6FyMmuyqLeAafxVOrl/ptiglmTBtKErCKQ3
DaZRIQdmMjK5/w==
-----END CERTIFICATE-----