Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
File:                     j31CCyNDzZHsI_UImoNC6J1tkWU.mft (raw, json)
Hash identifier:          uOvFMhDo8N7saQqVGJHxIUOwWehUFVQSEte2lPLMnBs=
Subject key identifier:   8A:E6:06:7F:BD:AD:96:DE:62:25:5C:74:49:7A:7D:A3:41:38:95:B2
Authority key identifier: 8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65
Certificate issuer:       /CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
Certificate serial:       019A4EF52F2C9A8F83A1484702645A263956
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
Manifest number:          1073
Signing time:             Tue 04 Nov 2025 13:01:22 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:22 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:22 +0000
Files and hashes:         1: j31CCyNDzZHsI_UImoNC6J1tkWU.crl (hash: WmG8pCmq3mg4iC2ji6feT1yY48VCkwdIB8yVIP6oXgE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:2f:2c:9a:8f:83:a1:48:47:02:64:5a:26:39:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
        Validity
            Not Before: Nov  4 13:01:22 2025 GMT
            Not After : Nov  5 13:01:22 2025 GMT
        Subject: CN=8ae6067fbdad96de62255c74497a7da3413895b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f1:d0:e5:52:fd:e1:3c:2c:38:fd:34:8e:f4:
                    d8:d1:5e:44:0e:de:e1:fd:85:f5:ab:24:a0:d8:81:
                    04:fd:19:11:99:e2:f7:72:b0:5e:3f:20:4f:cb:4f:
                    16:f4:4e:1f:c1:ad:50:cb:14:ef:4e:e9:48:bc:ee:
                    d3:e3:2c:1a:ce:f4:6f:58:ef:f3:b4:ae:ca:45:b4:
                    a4:23:2d:ae:86:73:ca:11:a9:cc:75:a9:de:87:a2:
                    c7:e6:d2:da:18:5e:23:04:62:21:26:56:b2:18:03:
                    bc:dd:4a:c7:62:6f:63:77:14:64:70:7b:37:52:24:
                    57:52:b2:5a:0c:01:bb:22:0f:87:7e:96:5a:e5:10:
                    3f:b9:e1:b1:d6:18:6e:d2:6a:10:9f:40:bf:d1:7e:
                    6e:54:c6:48:5e:f4:70:be:6e:7c:87:d5:20:7e:80:
                    bf:de:20:e9:0c:35:1a:41:81:8a:f0:9f:54:6e:14:
                    08:f9:e0:24:c6:51:45:75:3e:2e:54:fe:b6:d3:61:
                    dc:63:ad:72:de:06:1d:19:5f:af:ae:b6:0b:61:65:
                    d7:cb:21:8c:f1:6a:6a:54:c2:ed:03:e6:72:c2:50:
                    96:4b:9b:36:01:a3:dc:20:c8:70:ec:bc:70:62:f6:
                    41:11:5b:71:ef:30:14:b6:68:e7:bb:1c:60:8c:32:
                    f0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:E6:06:7F:BD:AD:96:DE:62:25:5C:74:49:7A:7D:A3:41:38:95:B2
            X509v3 Authority Key Identifier:
                keyid:8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:fd:8b:6b:5e:09:33:73:48:22:27:71:78:87:35:57:00:00:
         09:f6:39:ca:69:fd:27:17:9a:76:b1:c1:62:ec:1d:18:d3:13:
         c8:14:80:d5:02:cf:ce:47:7c:ea:b5:ac:1b:d1:ab:1f:c1:48:
         07:2e:fe:c4:53:b0:80:1b:e0:c2:38:9b:33:c9:66:e5:e6:26:
         55:53:98:8d:29:6a:39:22:c9:6d:7f:2d:9a:72:dd:c6:8a:1d:
         b8:ed:f2:49:b5:14:1d:0b:b8:9b:2e:75:ad:ad:02:8d:45:b7:
         2b:a0:4d:6a:fc:f4:bf:79:f9:e5:21:79:f6:1c:12:f8:a3:81:
         72:93:9e:9d:f5:37:28:7f:a3:65:41:6f:bc:3a:8d:25:d5:b7:
         81:df:d8:67:85:ea:68:02:3e:1c:25:11:57:29:29:68:d4:bf:
         d5:bc:f2:a4:ac:c0:d5:6e:2a:bd:09:d3:3f:f0:0f:73:65:b5:
         c3:1b:25:5b:ee:48:14:4d:a4:80:83:87:d3:e0:21:e5:33:65:
         22:aa:7f:03:91:ac:0a:5d:6f:9c:9e:e2:03:b8:e4:ef:c5:9d:
         11:93:fb:d2:de:e3:65:44:d1:ad:4b:1a:b5:ae:71:2b:9c:49:
         5f:6f:a3:b6:bb:28:d4:1f:6e:c2:5a:41:64:96:b8:ad:2b:50:
         9b:38:ba:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9S8smo+DoUhHAmRaJjlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Q0MjBiMjM0M2NkOTFlYzIzZjUwODlhODM0MmU4OWQ2
ZDkxNjUwHhcNMjUxMTA0MTMwMTIyWhcNMjUxMTA1MTMwMTIyWjAzMTEwLwYDVQQD
Eyg4YWU2MDY3ZmJkYWQ5NmRlNjIyNTVjNzQ0OTdhN2RhMzQxMzg5NWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfHQ5VL94TwsOP00jvTY0V5EDt7h
/YX1qySg2IEE/RkRmeL3crBePyBPy08W9E4fwa1QyxTvTulIvO7T4ywazvRvWO/z
tK7KRbSkIy2uhnPKEanMdaneh6LH5tLaGF4jBGIhJlayGAO83UrHYm9jdxRkcHs3
UiRXUrJaDAG7Ig+HfpZa5RA/ueGx1hhu0moQn0C/0X5uVMZIXvRwvm58h9UgfoC/
3iDpDDUaQYGK8J9UbhQI+eAkxlFFdT4uVP6202HcY61y3gYdGV+vrrYLYWXXyyGM
8WpqVMLtA+ZywlCWS5s2AaPcIMhw7LxwYvZBEVtx7zAUtmjnuxxgjDLwWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrmBn+9rZbeYiVcdEl6faNBOJWyMB8GA1UdIwQY
MBaAFI99QgsjQ82R7CP1CJqDQuidbZFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEt
YzVlMTcyMmEwYzY4LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEtYzVlMTcyMmEwYzY4
LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0P2La14J
M3NIIidxeIc1VwAACfY5ymn9JxeadrHBYuwdGNMTyBSA1QLPzkd86rWsG9GrH8FI
By7+xFOwgBvgwjibM8lm5eYmVVOYjSlqOSLJbX8tmnLdxooduO3ySbUUHQu4my51
ra0CjUW3K6BNavz0v3n55SF59hwS+KOBcpOenfU3KH+jZUFvvDqNJdW3gd/YZ4Xq
aAI+HCURVykpaNS/1bzypKzA1W4qvQnTP/APc2W1wxslW+5IFE2kgIOH0+Ah5TNl
Iqp/A5GsCl1vnJ7iA7jk78WdEZP70t7jZUTRrUsata5xK5xJX2+jtrso1B9uwlpB
ZJa4rStQmzi6RA==
-----END CERTIFICATE-----