Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
File:                     I0AYtVE7d50uHjrBqGpZO92XTKc.mft (raw, json)
Hash identifier:          jywEShcU3BCaphpy91P+GdqQM96wOWfjsgB/7kHkAbY=
Subject key identifier:   7B:D2:B0:04:47:9A:C5:17:6A:16:C3:22:8B:DF:E6:53:C4:27:AB:05
Authority key identifier: 23:40:18:B5:51:3B:77:9D:2E:1E:3A:C1:A8:6A:59:3B:DD:97:4C:A7
Certificate issuer:       /CN=234018b5513b779d2e1e3ac1a86a593bdd974ca7
Certificate serial:       019A4F623CE196B9D3BE60B541C0BA9E377A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
Manifest number:          02EE
Signing time:             Tue 04 Nov 2025 15:00:29 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:29 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:29 +0000
Files and hashes:         1: I0AYtVE7d50uHjrBqGpZO92XTKc.crl (hash: JsEzVJchYE89HXflWfL8gFLFR6bx5H03EYXZeViCelY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:3c:e1:96:b9:d3:be:60:b5:41:c0:ba:9e:37:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=234018b5513b779d2e1e3ac1a86a593bdd974ca7
        Validity
            Not Before: Nov  4 15:00:29 2025 GMT
            Not After : Nov  5 15:00:29 2025 GMT
        Subject: CN=7bd2b004479ac5176a16c3228bdfe653c427ab05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:0f:d8:41:6b:fb:4b:a7:7e:26:8b:b6:e7:28:
                    36:83:dc:fd:fc:21:5c:b0:6f:99:ef:dc:e2:ab:5a:
                    9b:b2:7d:3d:ef:d8:9c:6a:c3:27:54:ea:12:57:72:
                    68:3c:a5:62:83:4c:a5:48:5d:84:d5:ee:65:e9:8f:
                    24:c5:b4:c3:02:6f:fb:b6:c8:88:69:a6:92:33:27:
                    ea:1a:3c:f3:ac:0b:35:39:46:a5:e3:83:68:fc:c7:
                    74:eb:f2:2b:1d:22:99:1a:93:d8:ed:4a:92:9a:d1:
                    f7:7a:3e:b6:d9:98:20:35:78:4c:62:3d:a6:90:50:
                    03:1d:0c:e3:62:6c:2e:9d:f0:21:64:50:be:5b:77:
                    45:cb:42:b4:a3:69:51:8e:00:60:61:fb:0b:2d:38:
                    cc:6e:b7:62:84:db:0a:26:7e:22:26:10:39:55:a5:
                    e7:55:c1:ee:44:71:79:26:24:cc:df:eb:bc:9f:90:
                    97:19:fd:84:dd:98:6d:02:74:2d:33:11:8f:dd:44:
                    01:71:e7:d1:98:dd:57:2a:7e:73:08:15:a2:de:ed:
                    af:1d:8c:76:20:a8:55:40:af:cb:93:e8:88:77:18:
                    fa:89:85:55:ef:1a:3f:91:2c:17:51:ba:b2:ab:1b:
                    05:6a:e6:50:9d:bd:5d:dd:dc:09:4a:64:dc:d1:30:
                    ec:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:D2:B0:04:47:9A:C5:17:6A:16:C3:22:8B:DF:E6:53:C4:27:AB:05
            X509v3 Authority Key Identifier:
                keyid:23:40:18:B5:51:3B:77:9D:2E:1E:3A:C1:A8:6A:59:3B:DD:97:4C:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:45:03:3f:cd:4f:47:c5:40:93:6a:46:67:eb:98:a5:88:20:
         1c:df:ee:26:ad:db:b8:b5:c2:44:99:a1:c2:5f:50:6a:dd:d2:
         01:06:b6:e3:6a:86:43:29:7e:26:dd:54:a5:f4:ab:92:04:c3:
         ad:80:7d:9a:c3:15:1a:57:9f:65:3e:38:6c:82:52:7f:3b:04:
         e2:1e:a3:8c:aa:b1:a2:5c:74:af:b7:66:ed:f6:fb:c0:71:73:
         bf:18:09:e7:23:98:6c:4f:43:9a:98:6a:ad:a8:d6:72:41:b5:
         b0:e2:52:43:1a:74:a7:44:54:0f:3c:3f:d6:eb:c1:6e:6f:32:
         db:81:21:85:b0:49:a3:1b:c9:84:76:9a:35:9e:db:68:07:72:
         12:a2:f1:b9:76:f0:87:d5:4c:bd:b2:c9:75:ec:c6:9c:ea:56:
         a7:b1:1d:53:e0:6b:ae:5f:36:13:12:b8:b2:5e:8b:90:83:a8:
         5a:6f:bf:a9:78:9e:a1:3c:63:fa:66:df:8c:2c:dd:6a:78:fd:
         39:fa:f9:15:5a:88:71:ca:a4:c6:19:34:48:5d:0a:1c:89:ef:
         c6:57:e7:e4:56:5b:44:3b:e7:bc:16:cf:3b:f7:8d:23:12:0c:
         cd:2d:97:06:4e:f7:e2:2a:47:88:ee:46:13:ad:af:09:01:2d:
         aa:40:f5:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYjzhlrnTvmC1QcC6njd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDAxOGI1NTEzYjc3OWQyZTFlM2FjMWE4NmE1OTNiZGQ5
NzRjYTcwHhcNMjUxMTA0MTUwMDI5WhcNMjUxMTA1MTUwMDI5WjAzMTEwLwYDVQQD
Eyg3YmQyYjAwNDQ3OWFjNTE3NmExNmMzMjI4YmRmZTY1M2M0MjdhYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6A/YQWv7S6d+Jou25yg2g9z9/CFc
sG+Z79ziq1qbsn0979icasMnVOoSV3JoPKVig0ylSF2E1e5l6Y8kxbTDAm/7tsiI
aaaSMyfqGjzzrAs1OUal44No/Md06/IrHSKZGpPY7UqSmtH3ej622ZggNXhMYj2m
kFADHQzjYmwunfAhZFC+W3dFy0K0o2lRjgBgYfsLLTjMbrdihNsKJn4iJhA5VaXn
VcHuRHF5JiTM3+u8n5CXGf2E3ZhtAnQtMxGP3UQBcefRmN1XKn5zCBWi3u2vHYx2
IKhVQK/Lk+iIdxj6iYVV7xo/kSwXUbqyqxsFauZQnb1d3dwJSmTc0TDs+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvSsARHmsUXahbDIovf5lPEJ6sFMB8GA1UdIwQY
MBaAFCNAGLVRO3edLh46wahqWTvdl0ynMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9iMTgwODAtZTNjOS00MTE0LWExNzQt
YzNkNmM3YzhiYThhLzEvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9iMTgwODAtZTNjOS00MTE0LWExNzQtYzNkNmM3YzhiYThh
LzEvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO0UDP81P
R8VAk2pGZ+uYpYggHN/uJq3buLXCRJmhwl9Qat3SAQa242qGQyl+Jt1UpfSrkgTD
rYB9msMVGlefZT44bIJSfzsE4h6jjKqxolx0r7dm7fb7wHFzvxgJ5yOYbE9Dmphq
rajWckG1sOJSQxp0p0RUDzw/1uvBbm8y24EhhbBJoxvJhHaaNZ7baAdyEqLxuXbw
h9VMvbLJdezGnOpWp7EdU+Brrl82ExK4sl6LkIOoWm+/qXieoTxj+mbfjCzdanj9
Ofr5FVqIccqkxhk0SF0KHInvxlfn5FZbRDvnvBbPO/eNIxIMzS2XBk734ipHiO5G
E62vCQEtqkD10Q==
-----END CERTIFICATE-----