Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
File:                     _ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft (raw, json)
Hash identifier:          85Z8Zx66WAstI3NR1YQgzSyh+acDukcbb7rQS7cFg10=
Subject key identifier:   02:21:FB:55:E3:31:76:28:9F:FC:1C:A4:66:60:CE:7C:A6:E5:45:A4
Authority key identifier: FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13
Certificate issuer:       /CN=fd385a616398e416c70dcb322566f93e3d2fbf13
Certificate serial:       019A51504FCAE7F679B63BB6040C2778F7E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
Manifest number:          0E7E
Signing time:             Wed 05 Nov 2025 00:00:09 +0000
Manifest this update:     Wed 05 Nov 2025 00:00:09 +0000
Manifest next update:     Thu 06 Nov 2025 00:00:09 +0000
Files and hashes:         1: _ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl (hash: QoR6MdOvDmto38CSc8C/Z4UA2nBw4mj5ZaYxTKMX4jY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:50:4f:ca:e7:f6:79:b6:3b:b6:04:0c:27:78:f7:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd385a616398e416c70dcb322566f93e3d2fbf13
        Validity
            Not Before: Nov  5 00:00:09 2025 GMT
            Not After : Nov  6 00:00:09 2025 GMT
        Subject: CN=0221fb55e33176289ffc1ca46660ce7ca6e545a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:20:c2:86:d3:5a:54:11:be:6d:d2:0a:91:51:
                    a5:d6:be:7d:46:67:68:a3:0c:02:a8:82:60:27:c7:
                    bd:e8:5c:b4:f1:bf:b0:35:6a:ae:58:97:0f:7a:d8:
                    8f:cb:06:40:5e:51:89:d1:c0:b3:7c:3f:41:3f:0a:
                    d9:3c:c8:1b:d6:ab:e1:97:38:2f:98:e4:ae:04:7f:
                    f1:d5:ba:b8:5a:17:b3:3f:1b:85:ee:1d:bf:fb:f2:
                    88:e3:51:f7:24:2a:8d:13:6f:15:31:83:29:38:50:
                    5f:ee:da:06:80:ea:0d:23:98:27:25:76:f8:60:b7:
                    56:a2:60:1a:12:63:3d:70:6c:54:8c:0e:37:fc:f7:
                    df:47:68:1d:a8:b9:b0:c5:dc:ae:63:a6:bf:77:7b:
                    0e:ae:d4:fe:3a:ad:69:69:30:31:e8:aa:ad:a0:f6:
                    c5:e6:96:12:a6:c8:19:ef:8a:c9:c2:14:f0:74:ed:
                    1b:52:29:68:8e:78:89:b7:e4:a3:89:1c:ed:3b:9a:
                    fb:22:bc:44:6d:77:39:4d:2b:68:92:ce:2c:f0:c1:
                    7f:3e:85:19:be:ab:4a:1a:6d:8e:e6:ae:31:1c:7a:
                    81:99:61:8d:ab:af:f0:d5:e0:0c:b6:6a:89:f7:44:
                    83:0a:71:40:09:99:6b:ea:e0:ae:a1:91:9f:c3:a9:
                    bb:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:21:FB:55:E3:31:76:28:9F:FC:1C:A4:66:60:CE:7C:A6:E5:45:A4
            X509v3 Authority Key Identifier:
                keyid:FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:08:d9:2f:a9:f4:e6:40:5d:1e:ba:b3:c2:02:fa:89:68:f0:
         62:ba:6f:d6:f7:a8:1e:fe:fc:a1:bb:7a:e0:56:05:5e:94:49:
         17:94:af:6b:08:f9:69:0c:05:a4:47:29:18:cf:18:e0:a7:b3:
         f7:8c:d2:ca:8d:7c:1e:69:bb:ba:d8:5b:46:92:99:60:02:d0:
         c1:10:ba:e3:7a:9d:dc:e9:30:0b:25:92:9a:ea:ed:b2:01:11:
         65:9c:ad:50:a5:7a:a7:91:fb:4f:d8:35:ae:85:c7:64:db:56:
         eb:40:fc:49:67:34:dc:9b:61:a4:34:ae:6e:7e:91:e6:c3:8f:
         ba:ad:01:73:9b:0d:cc:a3:19:4b:37:1c:ef:a2:98:bd:f4:7b:
         89:0f:5d:bf:39:c1:69:21:31:98:06:45:11:da:22:d7:fc:2a:
         2a:95:e0:5c:05:28:67:9a:99:96:a6:54:83:d7:fa:fd:c7:a6:
         af:3e:7d:e2:f8:3d:07:0a:ef:c5:94:55:9a:fd:6b:32:b6:1f:
         1e:a0:08:52:77:48:b4:36:2e:b5:dd:ec:70:56:ec:57:17:17:
         03:b0:c3:2b:32:1e:84:07:90:7d:ff:ee:da:15:bd:b6:ef:e9:
         26:e2:f1:6f:5a:df:09:70:3d:d0:4e:30:77:6e:23:11:01:75:
         5e:0c:2b:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUE/K5/Z5tju2BAwnePflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzg1YTYxNjM5OGU0MTZjNzBkY2IzMjI1NjZmOTNlM2Qy
ZmJmMTMwHhcNMjUxMTA1MDAwMDA5WhcNMjUxMTA2MDAwMDA5WjAzMTEwLwYDVQQD
EygwMjIxZmI1NWUzMzE3NjI4OWZmYzFjYTQ2NjYwY2U3Y2E2ZTU0NWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSDChtNaVBG+bdIKkVGl1r59Rmdo
owwCqIJgJ8e96Fy08b+wNWquWJcPetiPywZAXlGJ0cCzfD9BPwrZPMgb1qvhlzgv
mOSuBH/x1bq4WhezPxuF7h2/+/KI41H3JCqNE28VMYMpOFBf7toGgOoNI5gnJXb4
YLdWomAaEmM9cGxUjA43/PffR2gdqLmwxdyuY6a/d3sOrtT+Oq1paTAx6KqtoPbF
5pYSpsgZ74rJwhTwdO0bUilojniJt+SjiRztO5r7IrxEbXc5TStoks4s8MF/PoUZ
vqtKGm2O5q4xHHqBmWGNq6/w1eAMtmqJ90SDCnFACZlr6uCuoZGfw6m7oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIh+1XjMXYon/wcpGZgznym5UWkMB8GA1UdIwQY
MBaAFP04WmFjmOQWxw3LMiVm+T49L78TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMt
MzQzMDRmNWNkYTk4LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMtMzQzMDRmNWNkYTk4
LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOwjZL6n0
5kBdHrqzwgL6iWjwYrpv1veoHv78obt64FYFXpRJF5Svawj5aQwFpEcpGM8Y4Kez
94zSyo18Hmm7uthbRpKZYALQwRC643qd3OkwCyWSmurtsgERZZytUKV6p5H7T9g1
roXHZNtW60D8SWc03JthpDSubn6R5sOPuq0Bc5sNzKMZSzcc76KYvfR7iQ9dvznB
aSExmAZFEdoi1/wqKpXgXAUoZ5qZlqZUg9f6/cemrz594vg9BwrvxZRVmv1rMrYf
HqAIUndItDYutd3scFbsVxcXA7DDKzIehAeQff/u2hW9tu/pJuLxb1rfCXA90E4w
d24jEQF1XgwrWg==
-----END CERTIFICATE-----