Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
File:                     RmSgU4XAYmgVApGX6xUGSF09bRw.mft (raw, json)
Hash identifier:          JISafDA9EphPVqt+QbnvLJv+4489dzePjU9e5Ag90YQ=
Subject key identifier:   C7:2C:2D:21:04:EE:AC:9F:EC:B3:33:46:55:88:E6:1D:06:8F:D1:64
Authority key identifier: 46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C
Certificate issuer:       /CN=4664a05385c0626815029197eb1506485d3d6d1c
Certificate serial:       019A541A895FD3A92E3012ADF79C4F5D1BC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
Manifest number:          0865
Signing time:             Wed 05 Nov 2025 13:00:16 +0000
Manifest this update:     Wed 05 Nov 2025 13:00:16 +0000
Manifest next update:     Thu 06 Nov 2025 13:00:16 +0000
Files and hashes:         1: RmSgU4XAYmgVApGX6xUGSF09bRw.crl (hash: HL+M3qlUzHYps4S7IKt/6xSeokqIhDnja4OF2n8dqT0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:1a:89:5f:d3:a9:2e:30:12:ad:f7:9c:4f:5d:1b:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4664a05385c0626815029197eb1506485d3d6d1c
        Validity
            Not Before: Nov  5 13:00:16 2025 GMT
            Not After : Nov  6 13:00:16 2025 GMT
        Subject: CN=c72c2d2104eeac9fecb333465588e61d068fd164
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:21:ba:c3:2d:d3:10:23:32:ef:2a:07:bb:11:
                    97:78:b2:64:fb:86:f5:bf:a0:6c:46:57:98:b7:c2:
                    fd:f8:bf:32:14:b5:41:64:04:a4:84:85:a4:c8:28:
                    21:9f:99:b1:89:12:04:4f:cc:75:63:7e:e1:ea:5f:
                    98:68:40:f2:0e:32:ce:85:75:d2:68:8b:71:8c:33:
                    45:31:91:f2:65:33:5a:9a:f3:5b:f2:b2:5c:e0:09:
                    c1:d9:d5:4c:65:05:d8:47:0c:ed:cb:58:86:6c:13:
                    1e:60:15:6e:03:0e:7c:b4:f1:74:bd:5a:68:f7:74:
                    64:cd:9c:1e:8c:28:4e:82:74:f9:00:2e:bc:f9:be:
                    10:79:6b:b8:43:6c:28:06:73:29:7c:30:8e:cd:e5:
                    c4:21:30:41:9a:a9:13:63:97:8a:51:38:3d:5c:02:
                    8e:27:f0:a3:2e:85:50:98:31:09:d4:ef:6f:ec:e5:
                    8f:20:cb:e5:10:77:d8:73:4b:7a:1d:fe:2c:20:37:
                    4b:2b:fd:03:a4:14:77:e7:9f:57:9a:eb:f6:35:e6:
                    af:74:d7:cc:3b:23:29:ca:c0:cc:66:fa:47:58:2e:
                    87:00:75:7b:2a:17:07:f0:2a:84:44:49:9d:7a:a8:
                    7b:af:80:d5:3f:57:b6:21:a8:3a:b1:32:0a:bd:0c:
                    cb:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:2C:2D:21:04:EE:AC:9F:EC:B3:33:46:55:88:E6:1D:06:8F:D1:64
            X509v3 Authority Key Identifier:
                keyid:46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:e3:61:10:40:69:c5:63:03:98:8f:57:2c:48:b0:78:0c:4d:
         c1:01:b0:67:65:93:c7:84:bd:b0:df:87:e9:45:3e:83:28:94:
         eb:bc:c5:8d:af:d0:82:19:26:fc:8e:5d:19:9b:4f:4b:c9:c2:
         8c:59:a0:25:d3:e5:3a:cd:e3:66:9c:ac:ca:04:cc:8d:a3:19:
         30:b5:20:08:da:56:6b:23:6c:e1:df:b9:4d:b2:6a:d1:5c:4a:
         29:9f:d6:68:bd:da:ca:52:46:12:b9:29:ad:18:23:4d:dc:77:
         6c:62:dd:a1:2f:ab:2c:b9:e5:88:74:19:94:bd:cc:9f:be:a4:
         ef:6f:46:25:6f:2d:cb:c0:b0:48:04:63:bd:bc:c3:36:3d:a1:
         6e:27:e3:bd:f1:2f:97:6b:30:5c:cb:34:e5:83:39:8b:da:da:
         89:27:dc:5e:63:58:dc:64:11:b5:d1:ec:3e:34:d1:51:34:bb:
         a0:21:a4:c1:43:ca:cb:12:9f:6b:48:b4:ca:7f:01:8d:0a:a3:
         c4:42:b5:04:13:42:d8:15:77:34:25:e9:9e:29:9e:9e:f4:09:
         bb:2f:1e:6f:2c:98:9a:db:fd:26:f3:7c:db:98:f3:31:aa:a3:
         b0:7c:1d:a6:de:e9:a0:2b:a7:04:96:0e:33:d4:36:14:45:9a:
         b8:b4:69:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUGolf06kuMBKt95xPXRvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NjRhMDUzODVjMDYyNjgxNTAyOTE5N2ViMTUwNjQ4NWQz
ZDZkMWMwHhcNMjUxMTA1MTMwMDE2WhcNMjUxMTA2MTMwMDE2WjAzMTEwLwYDVQQD
EyhjNzJjMmQyMTA0ZWVhYzlmZWNiMzMzNDY1NTg4ZTYxZDA2OGZkMTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyG6wy3TECMy7yoHuxGXeLJk+4b1
v6BsRleYt8L9+L8yFLVBZASkhIWkyCghn5mxiRIET8x1Y37h6l+YaEDyDjLOhXXS
aItxjDNFMZHyZTNamvNb8rJc4AnB2dVMZQXYRwzty1iGbBMeYBVuAw58tPF0vVpo
93RkzZwejChOgnT5AC68+b4QeWu4Q2woBnMpfDCOzeXEITBBmqkTY5eKUTg9XAKO
J/CjLoVQmDEJ1O9v7OWPIMvlEHfYc0t6Hf4sIDdLK/0DpBR3559Xmuv2NeavdNfM
OyMpysDMZvpHWC6HAHV7KhcH8CqEREmdeqh7r4DVP1e2Iag6sTIKvQzL/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcsLSEE7qyf7LMzRlWI5h0Gj9FkMB8GA1UdIwQY
MBaAFEZkoFOFwGJoFQKRl+sVBkhdPW0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTkt
OWM4NDg1NDgzZDU5LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTktOWM4NDg1NDgzZDU5
LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFONhEEBp
xWMDmI9XLEiweAxNwQGwZ2WTx4S9sN+H6UU+gyiU67zFja/Qghkm/I5dGZtPS8nC
jFmgJdPlOs3jZpysygTMjaMZMLUgCNpWayNs4d+5TbJq0VxKKZ/WaL3aylJGErkp
rRgjTdx3bGLdoS+rLLnliHQZlL3Mn76k729GJW8ty8CwSARjvbzDNj2hbifjvfEv
l2swXMs05YM5i9raiSfcXmNY3GQRtdHsPjTRUTS7oCGkwUPKyxKfa0i0yn8BjQqj
xEK1BBNC2BV3NCXpnimenvQJuy8ebyyYmtv9JvN825jzMaqjsHwdpt7poCunBJYO
M9Q2FEWauLRptQ==
-----END CERTIFICATE-----