Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
File:                     8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json)
Hash identifier:          1J1iA7r9FSLOBziwaMtZRSsZsDezy6wqQH6XCqR6cUM=
Subject key identifier:   9D:AF:85:98:D9:74:D6:F9:AB:1C:99:10:90:95:F6:76:25:48:5F:3D
Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
Certificate issuer:       /CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Certificate serial:       019A4F62B7D9D3F9D92436A7E74B8BD5B3E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
Manifest number:          12C1
Signing time:             Tue 04 Nov 2025 15:01:00 +0000
Manifest this update:     Tue 04 Nov 2025 15:01:00 +0000
Manifest next update:     Wed 05 Nov 2025 15:01:00 +0000
Files and hashes:         1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: IJkeJ5J1zncUtuODJpOFVGDnbJxTtDY74tIIxraoBgk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:b7:d9:d3:f9:d9:24:36:a7:e7:4b:8b:d5:b3:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259
        Validity
            Not Before: Nov  4 15:01:00 2025 GMT
            Not After : Nov  5 15:01:00 2025 GMT
        Subject: CN=9daf8598d974d6f9ab1c99109095f67625485f3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a5:06:da:73:30:21:39:f4:c7:d0:32:2c:f4:
                    6a:67:a7:38:0f:4c:19:c0:66:7c:cf:1e:e1:4f:e9:
                    2e:50:7a:95:d1:f9:7f:8d:3a:88:8a:51:26:72:ba:
                    69:75:c8:44:af:e0:ef:5f:bb:e8:d0:f3:88:48:d6:
                    13:67:1a:7d:d0:bf:70:07:24:7d:17:f2:41:74:93:
                    57:83:6d:da:40:24:fa:53:df:7c:5f:0c:1c:a4:64:
                    e1:a8:f1:99:c4:f0:74:60:f0:48:a5:30:f6:3f:b5:
                    65:0d:6f:88:a0:b1:49:90:ab:dc:43:2c:bc:e4:6f:
                    51:4f:8d:89:84:4c:e1:4d:ba:0a:a1:3f:76:40:fa:
                    8e:69:da:a3:84:d8:7d:57:6f:f9:7a:78:47:0a:57:
                    bc:cd:12:71:3e:a6:00:32:bc:a7:be:6c:42:78:b9:
                    10:2b:69:8c:c3:1e:d8:3c:0d:03:a4:89:13:de:fa:
                    2e:67:ff:0b:41:bf:2c:0c:70:67:a8:8d:fe:8a:05:
                    5a:5f:8e:7c:37:2b:84:09:fe:06:31:2d:9a:9f:d6:
                    fc:d8:5b:0a:e7:3f:07:79:63:5c:bd:1b:6a:e3:60:
                    96:e3:52:2b:14:28:7c:aa:c7:de:90:28:4e:0b:c9:
                    96:9e:bd:e1:85:11:d2:62:27:e0:af:54:b0:74:d2:
                    76:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:AF:85:98:D9:74:D6:F9:AB:1C:99:10:90:95:F6:76:25:48:5F:3D
            X509v3 Authority Key Identifier:
                keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:78:71:5a:e6:c3:0a:2b:97:8d:33:2c:be:2b:66:28:31:60:
         51:0c:d3:e6:95:ea:b1:49:29:cf:61:cb:92:14:8e:cc:7a:0f:
         c1:b1:1d:f0:06:9c:8a:fc:8c:b1:25:b3:ee:01:15:7c:41:55:
         fc:c5:2c:93:42:9a:59:26:13:68:f0:3f:a8:dc:ba:cf:39:bb:
         eb:19:cc:cf:ab:91:e2:17:ac:32:08:42:8c:ae:10:d4:e3:9d:
         ef:90:ef:73:d5:9d:20:c1:1f:d9:cf:bc:2d:6a:2a:ae:d2:30:
         c6:11:9f:c3:88:79:7c:21:52:c6:fa:d2:06:8f:e0:8d:a8:dd:
         61:97:3e:e6:e1:88:6a:fb:fb:63:aa:7d:ee:c5:3d:bd:d0:46:
         04:52:bc:4b:ca:13:d7:ee:a9:88:a6:f5:79:00:9c:6b:27:79:
         5e:a0:eb:ae:84:c1:18:06:6e:54:27:5d:d7:9a:9a:c2:a4:96:
         e8:1f:9d:b9:ab:6f:bb:fc:43:f9:2e:4a:a1:bd:0e:d7:6d:e4:
         9f:36:5c:99:f9:6b:6f:e5:4d:a7:09:83:61:d7:e7:aa:c8:5a:
         af:56:62:06:04:73:41:0b:c0:71:a7:33:54:61:73:db:7e:74:
         69:6e:6b:a1:10:f3:a9:b2:8b:f1:aa:06:09:99:6f:5d:8e:c1:
         5f:cc:c3:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYrfZ0/nZJDan50uL1bPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx
YzkyNTkwHhcNMjUxMTA0MTUwMTAwWhcNMjUxMTA1MTUwMTAwWjAzMTEwLwYDVQQD
Eyg5ZGFmODU5OGQ5NzRkNmY5YWIxYzk5MTA5MDk1ZjY3NjI1NDg1ZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKUG2nMwITn0x9AyLPRqZ6c4D0wZ
wGZ8zx7hT+kuUHqV0fl/jTqIilEmcrppdchEr+DvX7vo0POISNYTZxp90L9wByR9
F/JBdJNXg23aQCT6U998XwwcpGThqPGZxPB0YPBIpTD2P7VlDW+IoLFJkKvcQyy8
5G9RT42JhEzhTboKoT92QPqOadqjhNh9V2/5enhHCle8zRJxPqYAMrynvmxCeLkQ
K2mMwx7YPA0DpIkT3vouZ/8LQb8sDHBnqI3+igVaX458NyuECf4GMS2an9b82FsK
5z8HeWNcvRtq42CW41IrFCh8qsfekChOC8mWnr3hhRHSYifgr1SwdNJ28QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2vhZjZdNb5qxyZEJCV9nYlSF89MB8GA1UdIwQY
MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt
NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx
LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY3hxWubD
CiuXjTMsvitmKDFgUQzT5pXqsUkpz2HLkhSOzHoPwbEd8AacivyMsSWz7gEVfEFV
/MUsk0KaWSYTaPA/qNy6zzm76xnMz6uR4hesMghCjK4Q1OOd75Dvc9WdIMEf2c+8
LWoqrtIwxhGfw4h5fCFSxvrSBo/gjajdYZc+5uGIavv7Y6p97sU9vdBGBFK8S8oT
1+6piKb1eQCcayd5XqDrroTBGAZuVCdd15qawqSW6B+duatvu/xD+S5Kob0O123k
nzZcmflrb+VNpwmDYdfnqshar1ZiBgRzQQvAcaczVGFz2350aW5roRDzqbKL8aoG
CZlvXY7BX8zDCA==
-----END CERTIFICATE-----