Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          a0+H+7E5axJue9QVcB93Uusa0WASM+NuvxpLONQwl7s=
Subject key identifier:   3A:C4:A9:E8:1B:8A:39:D2:36:8E:6A:EC:91:F8:66:EB:AB:74:DE:47
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       019A4DE195F1E944A2125F04F092791C16D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0DEC
Signing time:             Tue 04 Nov 2025 08:00:20 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:20 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:20 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: 2RzdrOiH9+vMvUM9y6rTBRc24OmswtxfqIAkxZseFew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:95:f1:e9:44:a2:12:5f:04:f0:92:79:1c:16:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Nov  4 08:00:20 2025 GMT
            Not After : Nov  5 08:00:20 2025 GMT
        Subject: CN=3ac4a9e81b8a39d2368e6aec91f866ebab74de47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:86:65:98:30:90:b9:db:55:12:87:c5:7b:8b:
                    e0:5a:d4:ce:27:e4:38:c0:14:6c:c2:c4:0f:a8:1b:
                    f6:86:c1:c8:d3:fa:a7:87:7f:f8:dd:a4:71:fd:a2:
                    10:47:df:c6:47:27:b2:62:52:45:60:90:c5:89:1a:
                    ee:d5:2d:54:2f:d1:fd:b7:3a:53:3c:c2:b6:8f:f8:
                    dd:8d:56:5b:bf:af:fa:19:db:92:c9:c7:27:02:ba:
                    72:35:f3:ec:2c:8d:e2:c6:d5:68:ce:96:b9:6d:f8:
                    05:23:60:54:a1:39:0b:e0:2f:92:eb:db:57:dd:f9:
                    7d:19:19:c7:2b:29:43:1c:e7:dd:6b:37:8f:75:ec:
                    cc:7c:81:0b:d8:75:4e:88:f8:92:cc:4a:15:e2:72:
                    51:a2:13:51:43:ca:db:fb:a9:e7:12:82:01:64:df:
                    5f:97:c0:1b:9c:0d:0a:3c:f5:cd:3d:96:b2:ea:61:
                    15:98:a3:cd:a4:b9:da:9b:f8:be:d5:92:5f:f0:b4:
                    c9:53:f1:fa:1b:c7:5e:c0:ff:0c:74:1d:1c:36:78:
                    e3:98:b4:e7:9f:b6:3c:bd:96:a8:45:36:ee:53:f3:
                    a4:0c:a1:c0:f4:5d:b5:fc:f5:51:38:42:d7:bb:9e:
                    4b:23:57:bc:3e:89:8f:85:71:b9:5a:06:31:74:fc:
                    8e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:C4:A9:E8:1B:8A:39:D2:36:8E:6A:EC:91:F8:66:EB:AB:74:DE:47
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:67:ac:19:7a:8e:82:c8:7a:c3:65:19:9e:c1:83:b0:1d:6a:
         b6:ab:28:25:53:38:e4:4d:ed:da:7b:bf:24:0a:22:b9:c5:57:
         0f:4d:23:e3:b6:a4:13:9f:5d:ce:aa:ac:31:5a:54:e2:8a:a4:
         ff:7e:a3:eb:a7:ef:61:f8:f3:60:dd:c4:aa:ba:61:7a:74:02:
         47:32:d9:37:4a:ed:cd:bc:bf:c7:53:ce:a2:99:04:80:44:45:
         a6:85:38:73:ae:a9:b4:c0:4d:4b:8a:da:1d:81:48:06:1f:18:
         71:57:e0:71:bd:66:e0:4b:21:4b:60:65:0e:ce:a9:f2:65:3d:
         f3:e0:ad:32:5d:2a:7b:dd:77:ac:4e:58:ca:8d:51:de:d4:06:
         f3:ec:6c:76:df:6d:54:b9:fa:4f:f2:e1:ed:58:bd:c3:60:d5:
         c8:00:54:29:57:87:c8:77:55:5d:99:c0:1c:0c:63:87:7f:b6:
         9f:99:2c:95:4d:de:8d:e2:ac:18:ea:87:3d:80:6b:9a:71:fc:
         43:8e:47:73:28:54:6e:09:dc:d4:4a:b8:0d:7d:bc:b0:db:0f:
         25:94:ca:a6:3c:5e:b6:c1:5a:1b:72:39:94:08:24:44:a5:ca:
         1c:46:1b:33:84:83:c2:8e:d1:4e:aa:bd:80:18:c4:74:2d:86:
         92:95:b0:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4ZXx6USiEl8E8JJ5HBbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjUxMTA0MDgwMDIwWhcNMjUxMTA1MDgwMDIwWjAzMTEwLwYDVQQD
EygzYWM0YTllODFiOGEzOWQyMzY4ZTZhZWM5MWY4NjZlYmFiNzRkZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IZlmDCQudtVEofFe4vgWtTOJ+Q4
wBRswsQPqBv2hsHI0/qnh3/43aRx/aIQR9/GRyeyYlJFYJDFiRru1S1UL9H9tzpT
PMK2j/jdjVZbv6/6GduSyccnArpyNfPsLI3ixtVozpa5bfgFI2BUoTkL4C+S69tX
3fl9GRnHKylDHOfdazePdezMfIEL2HVOiPiSzEoV4nJRohNRQ8rb+6nnEoIBZN9f
l8AbnA0KPPXNPZay6mEVmKPNpLnam/i+1ZJf8LTJU/H6G8dewP8MdB0cNnjjmLTn
n7Y8vZaoRTbuU/OkDKHA9F21/PVROELXu55LI1e8PomPhXG5WgYxdPyONwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrEqegbijnSNo5q7JH4ZuurdN5HMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnWesGXqO
gsh6w2UZnsGDsB1qtqsoJVM45E3t2nu/JAoiucVXD00j47akE59dzqqsMVpU4oqk
/36j66fvYfjzYN3EqrphenQCRzLZN0rtzby/x1POopkEgERFpoU4c66ptMBNS4ra
HYFIBh8YcVfgcb1m4EshS2BlDs6p8mU98+CtMl0qe913rE5Yyo1R3tQG8+xsdt9t
VLn6T/Lh7Vi9w2DVyABUKVeHyHdVXZnAHAxjh3+2n5kslU3ejeKsGOqHPYBrmnH8
Q45HcyhUbgnc1Eq4DX28sNsPJZTKpjxetsFaG3I5lAgkRKXKHEYbM4SDwo7RTqq9
gBjEdC2GkpWwdA==
-----END CERTIFICATE-----