Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
File:                     fPxZzhNuPpOobeVfBdSaWeFcu78.mft (raw, json)
Hash identifier:          Mqk10w8GP8PjsUxFmjQgOwz7oYH/VT+cxe09xyHdEUA=
Subject key identifier:   16:52:C5:1F:C1:3B:75:67:3D:F4:4B:95:92:2C:0F:AA:27:34:E4:A5
Authority key identifier: 7C:FC:59:CE:13:6E:3E:93:A8:6D:E5:5F:05:D4:9A:59:E1:5C:BB:BF
Certificate issuer:       /CN=7cfc59ce136e3e93a86de55f05d49a59e15cbbbf
Certificate serial:       019A503E1DE640BF154F1DCFB855848252EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
Manifest number:          0AAA
Signing time:             Tue 04 Nov 2025 19:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:39 +0000
Files and hashes:         1: fPxZzhNuPpOobeVfBdSaWeFcu78.crl (hash: ksur2cIYKjTfTLixmVl1FhHkl4OmqXj/5QTRGXipxFU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3e:1d:e6:40:bf:15:4f:1d:cf:b8:55:84:82:52:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7cfc59ce136e3e93a86de55f05d49a59e15cbbbf
        Validity
            Not Before: Nov  4 19:00:39 2025 GMT
            Not After : Nov  5 19:00:39 2025 GMT
        Subject: CN=1652c51fc13b75673df44b95922c0faa2734e4a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:2c:39:2e:15:f9:86:a1:37:76:36:ca:c0:df:
                    43:bf:c6:97:38:1a:f9:b4:c5:fa:d0:ae:15:24:66:
                    c3:fe:76:31:05:11:f8:99:21:f8:c8:29:10:8d:3c:
                    26:24:cb:0f:fd:5f:e2:ee:04:73:91:02:0e:e6:4f:
                    d4:e6:1f:13:35:ff:f9:32:7a:1a:78:4c:14:2c:db:
                    9b:46:f4:53:4c:18:06:e9:b1:42:fb:a7:ca:ed:68:
                    20:22:13:e1:8d:e2:25:45:3a:b3:06:21:76:d2:b0:
                    e9:5c:cb:e6:c6:ad:ea:ef:7a:2d:ff:04:51:6f:0a:
                    dd:2f:de:d0:76:83:b5:fb:d8:1f:18:ac:a9:56:30:
                    59:7a:7e:d9:7f:e6:97:44:bb:7f:c2:66:15:e9:8d:
                    b7:b6:48:2e:dd:fa:a9:b6:e1:03:0e:e5:86:d1:aa:
                    0d:71:ef:25:4a:1b:e7:d6:48:55:0f:8f:6c:b0:62:
                    98:d1:a9:a6:25:04:0f:36:24:ba:6f:a5:c2:89:d4:
                    a4:58:5a:db:94:4f:21:c0:b7:4b:4d:a5:21:e5:b1:
                    7b:d9:8e:23:6d:2a:35:0a:a0:cb:d3:08:cf:dc:98:
                    4a:96:c3:27:66:c3:9c:c6:1f:41:92:bc:d4:d5:13:
                    f7:f2:ee:42:96:db:bf:bb:3c:37:3e:70:d2:e2:70:
                    32:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:52:C5:1F:C1:3B:75:67:3D:F4:4B:95:92:2C:0F:AA:27:34:E4:A5
            X509v3 Authority Key Identifier:
                keyid:7C:FC:59:CE:13:6E:3E:93:A8:6D:E5:5F:05:D4:9A:59:E1:5C:BB:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:03:d4:e5:e0:1f:ee:45:1e:9c:9c:4c:bf:d8:ba:82:95:34:
         10:c0:57:5a:18:dd:51:10:f9:03:d5:d0:73:02:0a:70:76:6a:
         cd:15:b3:a8:52:8a:7c:11:02:76:57:a4:1a:94:9d:84:f1:42:
         12:61:75:52:48:e5:8a:8e:25:8c:a8:3b:fe:a2:41:24:0e:fe:
         64:29:54:9d:e9:9a:98:4c:00:ad:43:c8:df:7a:ec:0d:2b:da:
         80:08:e3:0b:a1:92:e5:d8:94:62:0a:ac:0b:0a:56:b9:e6:53:
         62:4f:f3:0c:07:e9:b5:5a:27:0f:60:15:1e:9f:d0:aa:e0:60:
         15:b8:c1:91:c3:fe:56:f4:8e:29:59:37:82:5f:7b:00:ea:2b:
         79:dc:24:9e:fe:6b:c0:c6:3f:e5:27:60:1c:32:ce:ac:bd:ec:
         67:5f:b7:d7:06:6f:f8:86:c1:04:bb:86:0b:3c:57:74:70:7f:
         dd:b1:60:ec:be:39:83:8e:9e:03:32:82:71:8e:df:20:42:63:
         ff:47:e3:be:81:de:ec:b0:5c:f0:ea:97:7c:a9:74:ba:58:88:
         98:2e:53:30:ec:51:21:37:e1:1b:4e:7e:8c:7a:19:13:81:5d:
         a1:58:23:a4:73:be:1b:d7:c1:57:83:cb:13:41:b1:d9:e3:17:
         e6:62:4e:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPh3mQL8VTx3PuFWEglLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZmM1OWNlMTM2ZTNlOTNhODZkZTU1ZjA1ZDQ5YTU5ZTE1
Y2JiYmYwHhcNMjUxMTA0MTkwMDM5WhcNMjUxMTA1MTkwMDM5WjAzMTEwLwYDVQQD
EygxNjUyYzUxZmMxM2I3NTY3M2RmNDRiOTU5MjJjMGZhYTI3MzRlNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSw5LhX5hqE3djbKwN9Dv8aXOBr5
tMX60K4VJGbD/nYxBRH4mSH4yCkQjTwmJMsP/V/i7gRzkQIO5k/U5h8TNf/5Mnoa
eEwULNubRvRTTBgG6bFC+6fK7WggIhPhjeIlRTqzBiF20rDpXMvmxq3q73ot/wRR
bwrdL97QdoO1+9gfGKypVjBZen7Zf+aXRLt/wmYV6Y23tkgu3fqptuEDDuWG0aoN
ce8lShvn1khVD49ssGKY0ammJQQPNiS6b6XCidSkWFrblE8hwLdLTaUh5bF72Y4j
bSo1CqDL0wjP3JhKlsMnZsOcxh9BkrzU1RP38u5Cltu/uzw3PnDS4nAygQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZSxR/BO3VnPfRLlZIsD6onNOSlMB8GA1UdIwQY
MBaAFHz8Wc4Tbj6TqG3lXwXUmlnhXLu/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xYWNkM2YtNmYyMi00MzFjLWEwM2Mt
ODA4OTVmODhmNWQ1LzEvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xYWNkM2YtNmYyMi00MzFjLWEwM2MtODA4OTVmODhmNWQ1
LzEvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKAPU5eAf
7kUenJxMv9i6gpU0EMBXWhjdURD5A9XQcwIKcHZqzRWzqFKKfBECdlekGpSdhPFC
EmF1Ukjlio4ljKg7/qJBJA7+ZClUnemamEwArUPI33rsDSvagAjjC6GS5diUYgqs
CwpWueZTYk/zDAfptVonD2AVHp/QquBgFbjBkcP+VvSOKVk3gl97AOoredwknv5r
wMY/5SdgHDLOrL3sZ1+31wZv+IbBBLuGCzxXdHB/3bFg7L45g46eAzKCcY7fIEJj
/0fjvoHe7LBc8OqXfKl0uliImC5TMOxRITfhG05+jHoZE4FdoVgjpHO+G9fBV4PL
E0Gx2eMX5mJOWw==
-----END CERTIFICATE-----