Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File:                     clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier:          BxeiCVRRkdSHDYcmbL/LIEeh1gki9SspvuowxCFV5tE=
Subject key identifier:   FB:D4:E9:7E:52:05:9F:A7:C1:C6:6C:FA:D9:42:CD:C3:0B:6A:AB:69
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer:       /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial:       019A4F623AC097C88E0E16FB2E349DE40A5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number:          09E5
Signing time:             Tue 04 Nov 2025 15:00:28 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:28 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:28 +0000
Files and hashes:         1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: y/K1LnxhYJGOOzKR17+E9+YIx1P7vwUVM+5Gex/nKEI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:3a:c0:97:c8:8e:0e:16:fb:2e:34:9d:e4:0a:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
        Validity
            Not Before: Nov  4 15:00:28 2025 GMT
            Not After : Nov  5 15:00:28 2025 GMT
        Subject: CN=fbd4e97e52059fa7c1c66cfad942cdc30b6aab69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a9:df:55:83:b8:8d:30:69:dc:64:ba:1d:75:
                    02:ac:23:af:3e:60:1f:35:35:45:2f:01:b9:e9:d6:
                    e5:68:12:51:da:cd:5c:f5:80:35:04:da:58:11:b9:
                    e0:bf:96:47:b5:1e:6d:51:f3:8e:ea:63:b6:dd:af:
                    34:3a:62:fa:fe:f6:34:52:83:ba:ab:51:ef:aa:e9:
                    57:3e:50:46:4e:c2:5e:bc:3c:74:fa:2e:b3:38:3c:
                    c3:23:15:74:eb:27:0e:c6:3c:29:62:ed:8c:5d:27:
                    3e:3b:7b:db:38:2f:26:b2:c1:84:38:86:31:63:a5:
                    50:f1:75:68:54:dc:8c:b0:47:d6:60:2d:7b:66:e3:
                    6c:dc:de:71:1d:9a:e4:3a:fc:0e:9a:74:1a:a1:37:
                    63:98:05:f6:f1:39:82:d5:c2:29:cc:6e:bf:be:45:
                    cc:8f:61:0f:40:b2:1c:39:54:ed:75:2a:cb:b8:4d:
                    c4:a2:3f:c0:4e:f0:7b:63:94:8e:58:ff:c1:e0:e0:
                    64:26:61:82:a4:f5:a9:9d:4b:5c:43:cb:bc:49:90:
                    72:2b:fd:94:cf:bd:37:9a:90:fc:af:e1:a3:c1:e8:
                    23:09:ee:c1:0d:e7:03:d0:d0:e5:b2:59:c1:60:ee:
                    71:44:83:22:d7:c4:47:cb:b5:09:83:3f:59:8b:a7:
                    27:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:D4:E9:7E:52:05:9F:A7:C1:C6:6C:FA:D9:42:CD:C3:0B:6A:AB:69
            X509v3 Authority Key Identifier:
                keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:cc:45:df:ac:39:a1:ec:52:25:70:bc:9b:40:4a:5f:ee:fe:
         71:03:9a:c4:32:a6:fb:bc:44:15:90:e5:16:37:59:c4:e7:7d:
         ee:59:10:4d:9d:d4:ed:ed:38:53:2e:da:fc:dd:f2:b6:14:d9:
         a8:dc:91:fa:73:c9:7a:4b:a0:cb:40:16:81:ee:17:f0:a7:20:
         5b:15:4f:4b:bf:eb:d4:b8:12:19:9c:06:bb:20:31:74:e9:8c:
         f1:dc:02:3b:67:48:e9:0c:c7:13:85:5e:9a:55:d5:bc:33:9a:
         ca:51:67:db:73:33:f8:33:4e:09:27:cf:95:d8:33:91:b3:3d:
         55:52:64:b1:da:9f:f0:51:c7:cc:82:ad:cd:67:ea:60:e6:73:
         e5:52:54:d9:7f:90:86:7c:65:f8:30:3d:8c:63:78:79:21:77:
         21:45:74:a4:06:75:c8:0a:5f:f6:5e:0d:b4:79:35:07:2a:42:
         52:87:25:a0:01:8b:57:84:d8:6c:0a:2d:ed:29:c3:65:6c:ff:
         60:43:6c:a8:fe:43:c6:28:cf:0f:7b:a0:84:fd:45:4b:2f:a2:
         4c:29:9c:f3:96:bc:5a:a5:e9:54:a6:40:ec:59:df:60:2e:9e:
         7b:46:e2:b2:7f:37:00:09:7c:5a:1d:08:66:ec:7f:85:c7:06:
         f1:a3:8a:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYjrAl8iODhb7LjSd5ApfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjUxMTA0MTUwMDI4WhcNMjUxMTA1MTUwMDI4WjAzMTEwLwYDVQQD
EyhmYmQ0ZTk3ZTUyMDU5ZmE3YzFjNjZjZmFkOTQyY2RjMzBiNmFhYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6nfVYO4jTBp3GS6HXUCrCOvPmAf
NTVFLwG56dblaBJR2s1c9YA1BNpYEbngv5ZHtR5tUfOO6mO23a80OmL6/vY0UoO6
q1HvqulXPlBGTsJevDx0+i6zODzDIxV06ycOxjwpYu2MXSc+O3vbOC8mssGEOIYx
Y6VQ8XVoVNyMsEfWYC17ZuNs3N5xHZrkOvwOmnQaoTdjmAX28TmC1cIpzG6/vkXM
j2EPQLIcOVTtdSrLuE3Eoj/ATvB7Y5SOWP/B4OBkJmGCpPWpnUtcQ8u8SZByK/2U
z703mpD8r+GjwegjCe7BDecD0NDlslnBYO5xRIMi18RHy7UJgz9Zi6cnxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvU6X5SBZ+nwcZs+tlCzcMLaqtpMB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwsxF36w5
oexSJXC8m0BKX+7+cQOaxDKm+7xEFZDlFjdZxOd97lkQTZ3U7e04Uy7a/N3ythTZ
qNyR+nPJekugy0AWge4X8KcgWxVPS7/r1LgSGZwGuyAxdOmM8dwCO2dI6QzHE4Ve
mlXVvDOaylFn23Mz+DNOCSfPldgzkbM9VVJksdqf8FHHzIKtzWfqYOZz5VJU2X+Q
hnxl+DA9jGN4eSF3IUV0pAZ1yApf9l4NtHk1BypCUocloAGLV4TYbAot7SnDZWz/
YENsqP5DxijPD3ughP1FSy+iTCmc85a8WqXpVKZA7FnfYC6ee0bisn83AAl8Wh0I
Zux/hccG8aOKvA==
-----END CERTIFICATE-----