Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
File:                     MptRPmVwb8qlQ6EaDkLSixCd87Y.mft (raw, json)
Hash identifier:          KOkoHBWBznFYL+nxWXgXkDgbnVZYvsXKRhr1+zwISKo=
Subject key identifier:   10:65:52:8A:C7:DE:DA:DC:70:91:A4:0D:17:41:0D:E6:90:63:35:E3
Authority key identifier: 32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
Certificate issuer:       /CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Certificate serial:       019A5119599AAF8B87B2045FE2A29E976EE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
Manifest number:          141C
Signing time:             Tue 04 Nov 2025 23:00:06 +0000
Manifest this update:     Tue 04 Nov 2025 23:00:06 +0000
Manifest next update:     Wed 05 Nov 2025 23:00:06 +0000
Files and hashes:         1: MptRPmVwb8qlQ6EaDkLSixCd87Y.crl (hash: VmD0/X7cq3eIbObIJ6DKO7DTRmB2ic5EZalfo0lwQsU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:19:59:9a:af:8b:87:b2:04:5f:e2:a2:9e:97:6e:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=329b513e65706fcaa543a11a0e42d28b109df3b6
        Validity
            Not Before: Nov  4 23:00:06 2025 GMT
            Not After : Nov  5 23:00:06 2025 GMT
        Subject: CN=1065528ac7dedadc7091a40d17410de6906335e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f8:a3:85:90:35:8f:4d:0b:16:72:0b:4f:ac:
                    58:38:e7:68:aa:f6:de:fa:33:94:f6:42:bf:b1:29:
                    4b:97:60:64:2e:0c:06:ae:64:3c:83:5a:51:ed:2b:
                    c3:9a:90:b6:1d:ff:65:49:5c:cb:02:70:8f:da:84:
                    37:8b:a2:33:d6:8d:65:c9:ec:40:71:cc:61:2e:6d:
                    10:a7:8a:87:d6:7f:ae:a0:9c:e4:ec:a3:80:5a:09:
                    54:72:e6:24:75:28:89:bf:75:3f:9f:9b:37:6b:70:
                    17:aa:7a:e6:05:eb:5a:cb:c1:a8:ff:11:ba:0c:38:
                    d0:78:b7:4c:03:35:47:c1:d1:78:8a:79:9a:d5:59:
                    87:38:ee:6c:4c:c5:40:4e:eb:09:ae:57:7f:c7:d0:
                    44:b1:aa:34:60:0f:61:a9:46:34:30:23:70:77:76:
                    0a:0b:1a:c5:3f:b1:c1:62:77:11:a4:d9:c0:68:4e:
                    27:ec:17:5c:07:ad:27:75:e0:1d:15:27:05:40:43:
                    07:86:8b:57:e8:5e:05:40:01:ee:b0:cf:36:64:a6:
                    16:85:d1:e1:51:93:83:0d:8f:2f:30:d7:dc:c0:1c:
                    72:33:fb:a0:ae:ac:cd:c5:53:da:67:db:2e:f4:f5:
                    29:36:e3:07:06:ac:cf:73:22:76:79:4f:d5:86:6f:
                    0f:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:65:52:8A:C7:DE:DA:DC:70:91:A4:0D:17:41:0D:E6:90:63:35:E3
            X509v3 Authority Key Identifier:
                keyid:32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:0e:93:8c:33:99:dd:0c:1e:4a:b8:08:27:cc:95:c9:3c:96:
         98:73:58:ed:11:4e:ae:98:9d:e5:30:7c:f6:48:7c:d7:fc:29:
         61:0a:33:f8:38:08:37:cf:15:6a:95:a2:09:4b:f5:76:12:46:
         49:12:4d:c9:c4:ce:54:4d:91:1c:01:dc:39:44:ce:b4:69:fc:
         56:c6:f6:f4:9e:f0:96:fc:08:24:c7:a9:a0:79:c5:f8:68:16:
         81:88:99:ee:23:db:85:06:90:d0:0a:24:8f:24:c6:4f:5d:e7:
         2d:1f:da:6b:32:7b:db:b4:a7:bb:ab:58:d0:9d:c8:ed:df:3a:
         20:43:d3:a6:74:33:e0:c5:01:c8:63:9d:37:a9:69:f4:df:2a:
         dd:73:8d:04:0f:f7:f8:80:2f:9f:37:d7:10:e6:80:31:bf:f8:
         c5:b4:23:fa:7a:77:58:01:00:2a:6f:b9:a7:c7:41:e4:68:0a:
         83:d6:c8:36:60:9f:3b:5b:11:4c:9d:66:31:cc:8c:48:34:45:
         be:2d:78:b2:cc:dd:65:cf:78:e0:12:96:ef:19:46:e8:95:c8:
         de:8a:b4:a2:bd:86:4b:84:70:19:9f:3a:5c:fd:89:ba:cc:be:
         9f:06:b3:cb:cd:b7:4a:b4:f3:9e:d8:e7:e9:26:54:2a:c6:c8:
         fc:8f:d5:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRGVmar4uHsgRf4qKel27jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOWI1MTNlNjU3MDZmY2FhNTQzYTExYTBlNDJkMjhiMTA5
ZGYzYjYwHhcNMjUxMTA0MjMwMDA2WhcNMjUxMTA1MjMwMDA2WjAzMTEwLwYDVQQD
EygxMDY1NTI4YWM3ZGVkYWRjNzA5MWE0MGQxNzQxMGRlNjkwNjMzNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvijhZA1j00LFnILT6xYOOdoqvbe
+jOU9kK/sSlLl2BkLgwGrmQ8g1pR7SvDmpC2Hf9lSVzLAnCP2oQ3i6Iz1o1lyexA
ccxhLm0Qp4qH1n+uoJzk7KOAWglUcuYkdSiJv3U/n5s3a3AXqnrmBetay8Go/xG6
DDjQeLdMAzVHwdF4inma1VmHOO5sTMVATusJrld/x9BEsao0YA9hqUY0MCNwd3YK
CxrFP7HBYncRpNnAaE4n7BdcB60ndeAdFScFQEMHhotX6F4FQAHusM82ZKYWhdHh
UZODDY8vMNfcwBxyM/ugrqzNxVPaZ9su9PUpNuMHBqzPcyJ2eU/Vhm8P4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBlUorH3trccJGkDRdBDeaQYzXjMB8GA1UdIwQY
MBaAFDKbUT5lcG/KpUOhGg5C0osQnfO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYt
ODE0YTYxMWVjYTYwLzEvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYtODE0YTYxMWVjYTYw
LzEvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWA6TjDOZ
3QweSrgIJ8yVyTyWmHNY7RFOrpid5TB89kh81/wpYQoz+DgIN88VapWiCUv1dhJG
SRJNycTOVE2RHAHcOUTOtGn8Vsb29J7wlvwIJMepoHnF+GgWgYiZ7iPbhQaQ0Aok
jyTGT13nLR/aazJ727Snu6tY0J3I7d86IEPTpnQz4MUByGOdN6lp9N8q3XONBA/3
+IAvnzfXEOaAMb/4xbQj+np3WAEAKm+5p8dB5GgKg9bINmCfO1sRTJ1mMcyMSDRF
vi14sszdZc944BKW7xlG6JXI3oq0or2GS4RwGZ86XP2Jusy+nwazy823SrTzntjn
6SZUKsbI/I/Vcw==
-----END CERTIFICATE-----