Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          ewvYeNWBBilwLu/KJQiuHlUrWzsI29ujTjCrq9ch8/E=
Subject key identifier:   9F:9B:A7:89:FA:CE:96:8E:F8:96:A4:79:DC:EF:B3:9D:A1:AD:6E:72
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       019A4E4FA5528F66DB456825254482BE81E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          0801
Signing time:             Tue 04 Nov 2025 10:00:33 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:33 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:33 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: YpVpwMEd/nPuPo9jBVLtWqBaZ+2UH/w8fUakMG+1Axg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:a5:52:8f:66:db:45:68:25:25:44:82:be:81:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Nov  4 10:00:33 2025 GMT
            Not After : Nov  5 10:00:33 2025 GMT
        Subject: CN=9f9ba789face968ef896a479dcefb39da1ad6e72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:9a:32:9c:62:63:83:40:fb:e6:1d:12:96:34:
                    41:4c:dc:46:4d:58:f5:0c:0c:d5:ee:85:5c:ec:fe:
                    ac:e7:a9:23:03:a4:33:a6:6a:8f:7c:92:60:92:48:
                    d6:5e:1b:10:da:89:42:a2:c7:a5:2a:3f:95:59:e2:
                    f6:1d:e5:6b:ec:e7:d6:1e:78:95:a1:d6:fa:64:46:
                    b4:cb:16:cd:8f:07:ae:d2:a5:7a:16:05:a3:ae:f5:
                    f6:bc:85:a5:08:a7:16:91:98:d4:67:0a:6d:07:3f:
                    8f:59:6c:8d:f3:5d:da:8d:3a:33:a1:4f:ac:9c:a7:
                    97:77:04:72:ff:55:df:44:55:b9:d0:16:23:4b:a8:
                    5e:5b:d7:26:20:2a:4c:8a:ad:a3:d0:c0:6c:b1:46:
                    5e:e3:30:11:ef:2d:cc:25:27:98:d3:85:f8:92:37:
                    06:63:35:3d:c4:43:24:39:07:24:3b:d5:cd:04:0f:
                    9f:d9:73:ad:56:8e:a6:15:c1:98:eb:f9:61:63:04:
                    06:46:c4:12:c3:52:e7:fc:64:28:1c:0b:c1:41:bb:
                    c9:07:1a:1e:6c:12:7f:3a:2e:57:1c:ce:52:e1:7e:
                    cd:fa:64:66:6c:e8:c9:d0:8f:fd:05:e9:de:0f:eb:
                    5b:d9:d6:f8:26:f8:ed:c9:dd:88:47:f5:61:b5:e3:
                    f5:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:9B:A7:89:FA:CE:96:8E:F8:96:A4:79:DC:EF:B3:9D:A1:AD:6E:72
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:7c:8c:8f:1a:73:e3:bb:ec:2b:14:b4:78:4b:46:ea:51:52:
         6c:27:c0:f4:18:57:57:3e:c3:5a:7c:65:b2:4b:19:36:7f:1e:
         83:1f:c6:98:87:80:2d:f3:4e:5b:12:0c:9f:7d:28:9b:a2:72:
         6e:48:52:8d:29:e7:b8:d2:1f:6e:68:a0:61:f9:ec:bb:d2:04:
         1f:4f:0b:03:22:2a:d2:d4:b3:b5:91:12:4d:dd:7c:0b:cf:59:
         8c:d0:fe:47:10:64:3e:00:38:1a:a3:29:19:53:0e:d7:f2:d9:
         a8:65:9a:a0:de:ea:0e:49:7f:01:ce:55:2f:08:cf:f0:1e:36:
         3d:78:88:1a:74:bd:e3:18:2a:f0:59:24:cb:62:c2:20:ae:06:
         69:2a:0b:4d:45:60:ca:ee:3e:fe:bb:4c:9b:6a:ba:6f:d3:fc:
         63:6d:63:39:f0:5d:e8:36:fa:93:58:d5:d3:cc:6d:d9:64:39:
         98:69:b6:d4:a8:69:ad:f7:46:2d:1e:72:bf:04:e0:23:79:88:
         b1:43:05:23:38:70:4a:43:04:99:a9:db:c4:46:c4:a0:8e:53:
         8d:02:57:e1:4d:2c:ef:0b:2b:64:99:34:6d:7b:e4:8a:ab:e5:
         44:d0:ac:e4:be:57:65:fb:58:d4:42:43:b1:ee:6e:08:54:c1:
         1b:29:0a:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT6VSj2bbRWglJUSCvoHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjUxMTA0MTAwMDMzWhcNMjUxMTA1MTAwMDMzWjAzMTEwLwYDVQQD
Eyg5ZjliYTc4OWZhY2U5NjhlZjg5NmE0NzlkY2VmYjM5ZGExYWQ2ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5poynGJjg0D75h0SljRBTNxGTVj1
DAzV7oVc7P6s56kjA6QzpmqPfJJgkkjWXhsQ2olCoselKj+VWeL2HeVr7OfWHniV
odb6ZEa0yxbNjweu0qV6FgWjrvX2vIWlCKcWkZjUZwptBz+PWWyN813ajTozoU+s
nKeXdwRy/1XfRFW50BYjS6heW9cmICpMiq2j0MBssUZe4zAR7y3MJSeY04X4kjcG
YzU9xEMkOQckO9XNBA+f2XOtVo6mFcGY6/lhYwQGRsQSw1Ln/GQoHAvBQbvJBxoe
bBJ/Oi5XHM5S4X7N+mRmbOjJ0I/9BeneD+tb2db4Jvjtyd2IR/VhteP1aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+bp4n6zpaO+Jakedzvs52hrW5yMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd3yMjxpz
47vsKxS0eEtG6lFSbCfA9BhXVz7DWnxlsksZNn8egx/GmIeALfNOWxIMn30om6Jy
bkhSjSnnuNIfbmigYfnsu9IEH08LAyIq0tSztZESTd18C89ZjND+RxBkPgA4GqMp
GVMO1/LZqGWaoN7qDkl/Ac5VLwjP8B42PXiIGnS94xgq8Fkky2LCIK4GaSoLTUVg
yu4+/rtMm2q6b9P8Y21jOfBd6Db6k1jV08xt2WQ5mGm21KhprfdGLR5yvwTgI3mI
sUMFIzhwSkMEmanbxEbEoI5TjQJX4U0s7wsrZJk0bXvkiqvlRNCs5L5XZftY1EJD
se5uCFTBGykKDQ==
-----END CERTIFICATE-----