Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
File:                     rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft (raw, json)
Hash identifier:          B9kaksLdUEt6cPYjWW/aVj9jpWvalCZX4nlXRXNf6Gk=
Subject key identifier:   19:19:04:BA:DF:65:41:68:4D:9C:0A:15:35:13:D3:DF:63:6B:6A:D4
Authority key identifier: AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9
Certificate issuer:       /CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
Certificate serial:       019A4EF5092D63592BCCDF8DA0569B49DC56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
Manifest number:          0C0A
Signing time:             Tue 04 Nov 2025 13:01:12 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:12 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:12 +0000
Files and hashes:         1: rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl (hash: 8iQelPeBwyfaoEDXvDoI/TbBRbceondTyzNDcY9ZURY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:09:2d:63:59:2b:cc:df:8d:a0:56:9b:49:dc:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
        Validity
            Not Before: Nov  4 13:01:12 2025 GMT
            Not After : Nov  5 13:01:12 2025 GMT
        Subject: CN=191904badf6541684d9c0a153513d3df636b6ad4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ac:2b:83:fb:b4:c8:5b:76:bb:97:e9:de:c7:
                    58:e6:9a:a5:48:8c:87:55:2f:76:47:aa:64:30:be:
                    b9:51:29:8b:02:5b:41:51:bf:3f:c9:69:2b:81:4e:
                    b6:0e:d5:01:6f:06:00:d5:e4:81:ae:b9:64:77:7a:
                    bc:cb:72:d8:46:78:1b:89:36:af:3e:40:e6:1d:c8:
                    0f:87:41:3f:09:af:78:a6:d0:c9:c2:2c:d4:90:d0:
                    85:c5:07:a0:af:d9:57:a0:c5:ac:8e:ee:46:93:0d:
                    93:0d:5a:e4:7f:93:98:c1:d8:8a:c9:71:c1:7a:57:
                    31:09:c7:dd:e4:8d:a9:75:97:f1:fe:40:7d:2d:ba:
                    19:a5:03:a7:ed:8e:d4:58:bb:fd:17:cf:a3:a0:bc:
                    70:12:5f:f2:39:ba:d5:6d:12:58:3e:a3:d9:bb:03:
                    e5:2e:a4:db:b1:fc:3e:9f:84:84:b1:8b:17:60:67:
                    ae:2f:33:4f:fb:f1:30:c7:b7:c0:98:0b:5e:16:c3:
                    2e:d3:eb:20:73:26:11:a6:31:a8:35:b7:71:4a:7b:
                    f6:12:9b:5a:14:a4:40:2d:b9:ee:8e:bb:7b:df:14:
                    85:07:80:9d:6d:8c:c4:74:ac:2c:07:c7:b8:4a:46:
                    c7:a8:0a:7a:6a:3c:cb:10:2d:b9:0c:48:d7:bb:71:
                    a6:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:19:04:BA:DF:65:41:68:4D:9C:0A:15:35:13:D3:DF:63:6B:6A:D4
            X509v3 Authority Key Identifier:
                keyid:AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:81:fb:a8:ad:54:04:03:cc:20:f7:06:bd:bd:25:c4:8f:0e:
         06:f2:97:8b:e5:23:94:06:12:f5:6e:16:12:64:ca:2e:7f:b6:
         3c:4a:eb:46:c1:b3:a3:0e:f3:20:e2:a1:e5:4d:80:b2:43:65:
         4e:c4:76:63:f2:6a:d4:b8:71:df:c1:87:ec:ab:9e:16:24:4d:
         98:d7:b8:ce:48:6f:52:ac:e8:e9:07:92:e4:bd:a5:06:06:73:
         f8:f6:c4:64:b7:0e:a8:b6:32:f8:55:f5:4c:67:09:5b:6d:f3:
         04:07:3e:f9:70:62:f4:82:41:1b:5a:c1:50:8d:96:1a:41:6a:
         33:d7:47:6c:a0:6f:84:bb:07:1e:80:53:82:cd:d7:4e:64:b0:
         ff:93:63:41:e6:39:02:2b:32:86:04:d4:52:e6:f2:47:1c:80:
         c8:a6:fd:7f:68:25:74:ea:7a:7a:64:4e:95:99:1d:ed:0d:b1:
         5c:c0:13:8c:0e:b9:bb:3c:06:fa:ae:a4:23:a2:8e:e9:08:ad:
         0c:c4:9c:ce:1c:8a:e7:34:f4:fd:8f:d5:12:93:1c:3d:28:7b:
         98:80:65:8a:68:cb:bd:f4:7f:e1:0b:ef:e7:02:75:b7:35:01:
         e7:83:dc:09:e1:65:67:43:2b:4b:a2:52:64:f3:1d:5f:e5:ab:
         0f:ec:49:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9QktY1krzN+NoFabSdxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYzVjN2FiNWI3MjE4MWU0ZTQyMTEzMjIyMTVlOTc3NmI0
OTAwZjkwHhcNMjUxMTA0MTMwMTEyWhcNMjUxMTA1MTMwMTEyWjAzMTEwLwYDVQQD
EygxOTE5MDRiYWRmNjU0MTY4NGQ5YzBhMTUzNTEzZDNkZjYzNmI2YWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6wrg/u0yFt2u5fp3sdY5pqlSIyH
VS92R6pkML65USmLAltBUb8/yWkrgU62DtUBbwYA1eSBrrlkd3q8y3LYRngbiTav
PkDmHcgPh0E/Ca94ptDJwizUkNCFxQegr9lXoMWsju5Gkw2TDVrkf5OYwdiKyXHB
elcxCcfd5I2pdZfx/kB9LboZpQOn7Y7UWLv9F8+joLxwEl/yObrVbRJYPqPZuwPl
LqTbsfw+n4SEsYsXYGeuLzNP+/Ewx7fAmAteFsMu0+sgcyYRpjGoNbdxSnv2Epta
FKRALbnujrt73xSFB4CdbYzEdKwsB8e4SkbHqAp6ajzLEC25DEjXu3GmGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBkZBLrfZUFoTZwKFTUT099ja2rUMB8GA1UdIwQY
MBaAFK7Fx6tbchgeTkIRMiIV6XdrSQD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgt
MzAyZDkyMjI0Y2IyLzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgtMzAyZDkyMjI0Y2Iy
LzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzYH7qK1U
BAPMIPcGvb0lxI8OBvKXi+UjlAYS9W4WEmTKLn+2PErrRsGzow7zIOKh5U2AskNl
TsR2Y/Jq1Lhx38GH7KueFiRNmNe4zkhvUqzo6QeS5L2lBgZz+PbEZLcOqLYy+FX1
TGcJW23zBAc++XBi9IJBG1rBUI2WGkFqM9dHbKBvhLsHHoBTgs3XTmSw/5NjQeY5
AisyhgTUUubyRxyAyKb9f2gldOp6emROlZkd7Q2xXMATjA65uzwG+q6kI6KO6Qit
DMSczhyK5zT0/Y/VEpMcPSh7mIBlimjLvfR/4Qvv5wJ1tzUB54PcCeFlZ0MrS6JS
ZPMdX+WrD+xJ3A==
-----END CERTIFICATE-----