Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          8vGyJPw5DEgZvazTA65dhm6N1e8oYOKMc26Xuj0fSx0=
Subject key identifier:   AD:11:0E:51:70:AC:5C:D1:36:10:A3:32:87:A5:18:37:BA:AA:59:A0
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       019A4EF4F2E669297A167F895B4CFDA3A4AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0B6F
Signing time:             Tue 04 Nov 2025 13:01:06 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:06 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:06 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: sqdKeFsGIc9wktIq2NOjh/tjpDMFbcrAoyIQDh3iE7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:f2:e6:69:29:7a:16:7f:89:5b:4c:fd:a3:a4:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Nov  4 13:01:06 2025 GMT
            Not After : Nov  5 13:01:06 2025 GMT
        Subject: CN=ad110e5170ac5cd13610a33287a51837baaa59a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:34:6c:cd:f5:72:19:da:10:cd:f1:24:2b:4f:
                    02:ef:2e:84:13:f9:71:ee:b7:eb:5d:a6:a4:0a:6d:
                    11:4f:aa:1c:93:98:5a:13:55:5f:6f:d9:71:fc:fa:
                    8d:08:2a:97:60:bd:77:21:46:3f:88:88:9f:db:8f:
                    ee:dc:8e:db:00:1d:32:c6:df:ca:9a:80:66:9a:fa:
                    38:39:95:f6:f7:74:5a:06:35:13:32:6c:22:e6:93:
                    8a:c4:11:52:e5:3e:19:4a:cf:25:06:9f:66:40:01:
                    b5:79:cb:56:5c:91:17:c6:77:31:51:78:34:32:5b:
                    5e:8e:bd:17:fe:ec:c0:a3:86:4d:19:88:d5:0d:5b:
                    f4:1f:45:9b:22:82:ad:24:45:4a:d7:48:13:25:32:
                    45:a5:a3:92:55:8b:94:4f:01:c3:a7:ed:81:32:70:
                    bd:7b:02:4a:91:cd:56:a7:8e:dc:95:4e:08:5c:0b:
                    9c:d0:cf:f0:c7:e2:b0:8d:51:f1:8f:c3:56:c5:9f:
                    63:c8:e3:eb:bf:5c:51:66:f0:3d:43:ca:b7:41:95:
                    33:7b:b4:a2:36:f3:5a:2a:2d:65:e9:45:b9:76:a8:
                    fe:91:0c:24:4d:33:f8:b8:8d:f8:12:18:81:e9:6a:
                    ad:44:96:aa:21:4e:0a:ee:a0:d3:ef:5a:d9:45:5e:
                    e2:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:11:0E:51:70:AC:5C:D1:36:10:A3:32:87:A5:18:37:BA:AA:59:A0
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:c2:b0:1b:a6:ad:08:d8:ff:66:07:63:a5:7e:b4:5b:61:de:
         27:58:be:73:88:5b:a3:ea:60:80:af:d0:02:1a:93:80:42:6d:
         dc:18:a1:03:f2:cb:3e:4c:2e:ea:ab:d1:40:30:8e:94:41:7e:
         f7:de:19:08:97:36:dc:8c:0e:10:03:2d:30:16:77:03:2b:cd:
         07:79:2b:6d:d6:f4:a3:75:67:d6:72:9b:3f:b4:fd:74:6f:cd:
         37:99:58:7f:dd:37:4d:5e:0d:97:58:6b:46:e4:d5:89:0f:83:
         a6:c1:e1:dc:f7:38:23:c0:9c:07:a7:22:13:bc:e5:5b:0a:04:
         38:da:bf:47:f8:a6:34:7e:fb:51:83:9a:59:fa:82:89:32:67:
         d2:6c:0b:c2:6e:95:b7:e1:32:d6:79:be:a9:de:c7:4f:31:70:
         53:48:1c:00:28:ee:d6:d0:68:0b:b1:4f:de:93:00:be:f8:52:
         8c:54:2d:60:a9:08:86:b0:76:32:5e:5e:d7:fc:22:50:3e:9a:
         b9:bc:53:35:41:64:12:f7:63:d0:41:ef:52:f3:cc:d8:4e:87:
         0e:5c:13:0a:37:d7:4a:23:d7:15:ee:0f:02:c2:88:88:99:5d:
         93:5b:64:a2:6a:87:2f:9b:e8:25:98:03:8d:31:fc:0e:50:eb:
         5a:54:dc:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9PLmaSl6Fn+JW0z9o6SvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjUxMTA0MTMwMTA2WhcNMjUxMTA1MTMwMTA2WjAzMTEwLwYDVQQD
EyhhZDExMGU1MTcwYWM1Y2QxMzYxMGEzMzI4N2E1MTgzN2JhYWE1OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjRszfVyGdoQzfEkK08C7y6EE/lx
7rfrXaakCm0RT6ock5haE1Vfb9lx/PqNCCqXYL13IUY/iIif24/u3I7bAB0yxt/K
moBmmvo4OZX293RaBjUTMmwi5pOKxBFS5T4ZSs8lBp9mQAG1ectWXJEXxncxUXg0
Mltejr0X/uzAo4ZNGYjVDVv0H0WbIoKtJEVK10gTJTJFpaOSVYuUTwHDp+2BMnC9
ewJKkc1Wp47clU4IXAuc0M/wx+KwjVHxj8NWxZ9jyOPrv1xRZvA9Q8q3QZUze7Si
NvNaKi1l6UW5dqj+kQwkTTP4uI34EhiB6WqtRJaqIU4K7qDT71rZRV7ijQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0RDlFwrFzRNhCjMoelGDe6qlmgMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT8KwG6at
CNj/ZgdjpX60W2HeJ1i+c4hbo+pggK/QAhqTgEJt3BihA/LLPkwu6qvRQDCOlEF+
994ZCJc23IwOEAMtMBZ3AyvNB3krbdb0o3Vn1nKbP7T9dG/NN5lYf903TV4Nl1hr
RuTViQ+DpsHh3Pc4I8CcB6ciE7zlWwoEONq/R/imNH77UYOaWfqCiTJn0mwLwm6V
t+Ey1nm+qd7HTzFwU0gcACju1tBoC7FP3pMAvvhSjFQtYKkIhrB2Ml5e1/wiUD6a
ubxTNUFkEvdj0EHvUvPM2E6HDlwTCjfXSiPXFe4PAsKIiJldk1tkomqHL5voJZgD
jTH8DlDrWlTcMA==
-----END CERTIFICATE-----