Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
File:                     vFxHuPnkKkkot2dDFqcap21AHjw.mft (raw, json)
Hash identifier:          zHEnStXkARtBUWDDX1gviitOrpCN0Q5ZuqBR6uCWz+w=
Subject key identifier:   85:D1:FF:84:6B:73:20:71:8A:58:2E:25:74:5E:83:25:8F:17:B5:13
Authority key identifier: BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C
Certificate issuer:       /CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
Certificate serial:       019A4EF52708B4C08A346B1E3D81A8836354
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
Manifest number:          0C9E
Signing time:             Tue 04 Nov 2025 13:01:20 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:20 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:20 +0000
Files and hashes:         1: vFxHuPnkKkkot2dDFqcap21AHjw.crl (hash: 2cqpBpV3rfw0EEnl2RXuY6fbPNEdhpOxI+r/o4U3d8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:27:08:b4:c0:8a:34:6b:1e:3d:81:a8:83:63:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
        Validity
            Not Before: Nov  4 13:01:20 2025 GMT
            Not After : Nov  5 13:01:20 2025 GMT
        Subject: CN=85d1ff846b7320718a582e25745e83258f17b513
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b2:6d:95:8d:39:89:73:b9:a8:8f:7e:0f:b6:
                    43:dd:a9:59:2f:d2:e3:e4:d5:44:d6:fc:6f:c1:c3:
                    d7:80:d5:d5:f4:84:b2:87:75:c4:ca:22:35:30:51:
                    1a:7f:93:5a:e9:20:68:d3:cc:9a:73:20:c7:2c:83:
                    88:ab:b4:56:e4:d6:87:56:b2:7a:0b:38:17:8a:2f:
                    39:3e:3c:ac:9a:df:08:34:9c:55:ac:e2:88:13:52:
                    a4:ab:63:b4:81:06:44:75:3f:0b:b4:44:43:b3:61:
                    60:a2:87:04:fa:f1:fa:76:41:81:e0:3e:ef:82:a7:
                    93:a2:b6:b3:ea:7a:74:8c:8f:8b:e9:4c:aa:79:bb:
                    a6:da:5d:3f:da:f4:86:3a:41:79:de:75:a6:23:94:
                    cb:b4:8d:97:ed:e0:1f:bf:da:8b:df:83:a4:0a:c3:
                    7a:37:e0:05:04:bf:cd:f8:35:34:cb:1a:f7:1e:a3:
                    b2:16:97:7d:82:48:22:04:c7:54:7b:a9:f4:0c:08:
                    ae:7f:81:c8:17:bb:ee:e8:38:9a:7c:47:d2:fb:1d:
                    f8:51:07:eb:7c:b3:8f:ca:d5:6c:f7:74:f9:5d:ae:
                    21:2f:89:c8:ca:49:4b:58:d8:47:79:87:cd:85:d8:
                    ad:c4:36:52:76:3a:a4:7f:ff:ad:87:4e:77:bd:94:
                    0c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D1:FF:84:6B:73:20:71:8A:58:2E:25:74:5E:83:25:8F:17:B5:13
            X509v3 Authority Key Identifier:
                keyid:BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:25:0c:24:36:92:c8:e8:aa:a2:12:02:ba:76:a9:66:76:0b:
         e6:57:7a:e4:c1:a2:a4:c6:ee:58:2a:e4:86:e2:98:e9:93:b1:
         d9:e9:0d:8c:b9:69:ce:60:8a:63:9e:5a:28:aa:a2:f1:a2:f0:
         d2:94:3b:fa:63:ce:9e:df:6a:46:b1:5e:c6:98:3b:1a:f0:a2:
         ed:c3:b1:8c:b5:2e:3e:cb:74:9a:bc:39:77:33:41:f2:7b:f5:
         67:cf:ad:69:ff:47:91:08:24:d0:60:bb:df:1d:62:70:89:f9:
         f0:19:50:ae:b1:a9:63:5b:61:5f:74:7e:02:1e:c6:24:6b:52:
         2b:fc:93:51:c3:d9:dd:c0:50:30:8d:01:fd:18:e2:f3:d5:e0:
         12:08:a6:c5:81:a0:9d:63:de:22:4d:7c:86:a3:78:ab:d0:28:
         9b:31:6f:a6:00:0b:75:e8:bb:a8:79:93:e4:c4:e9:7b:b0:ad:
         e5:04:36:2a:f5:39:54:46:2a:86:40:d9:e5:87:fb:59:dc:42:
         93:ea:21:22:9c:70:a8:fb:25:0f:70:7e:35:2c:66:8b:07:8b:
         30:b0:77:26:98:b3:15:b3:2b:07:54:e3:13:ce:b0:98:93:ba:
         2b:4c:67:ae:ae:e7:6a:48:bd:35:9b:4e:2f:b6:b8:70:03:62:
         cf:ac:8c:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9ScItMCKNGsePYGog2NUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNWM0N2I4ZjllNDJhNDkyOGI3Njc0MzE2YTcxYWE3NmQ0
MDFlM2MwHhcNMjUxMTA0MTMwMTIwWhcNMjUxMTA1MTMwMTIwWjAzMTEwLwYDVQQD
Eyg4NWQxZmY4NDZiNzMyMDcxOGE1ODJlMjU3NDVlODMyNThmMTdiNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbJtlY05iXO5qI9+D7ZD3alZL9Lj
5NVE1vxvwcPXgNXV9ISyh3XEyiI1MFEaf5Na6SBo08yacyDHLIOIq7RW5NaHVrJ6
CzgXii85Pjysmt8INJxVrOKIE1Kkq2O0gQZEdT8LtERDs2FgoocE+vH6dkGB4D7v
gqeToraz6np0jI+L6Uyqebum2l0/2vSGOkF53nWmI5TLtI2X7eAfv9qL34OkCsN6
N+AFBL/N+DU0yxr3HqOyFpd9gkgiBMdUe6n0DAiuf4HIF7vu6DiafEfS+x34UQfr
fLOPytVs93T5Xa4hL4nIyklLWNhHeYfNhditxDZSdjqkf/+th053vZQMswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXR/4RrcyBxilguJXRegyWPF7UTMB8GA1UdIwQY
MBaAFLxcR7j55CpJKLdnQxanGqdtQB48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUt
N2ExOGMxNzkwNzZkLzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUtN2ExOGMxNzkwNzZk
LzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKSUMJDaS
yOiqohICunapZnYL5ld65MGipMbuWCrkhuKY6ZOx2ekNjLlpzmCKY55aKKqi8aLw
0pQ7+mPOnt9qRrFexpg7GvCi7cOxjLUuPst0mrw5dzNB8nv1Z8+taf9HkQgk0GC7
3x1icIn58BlQrrGpY1thX3R+Ah7GJGtSK/yTUcPZ3cBQMI0B/Rji89XgEgimxYGg
nWPeIk18hqN4q9AomzFvpgALdei7qHmT5MTpe7Ct5QQ2KvU5VEYqhkDZ5Yf7WdxC
k+ohIpxwqPslD3B+NSxmiweLMLB3JpizFbMrB1TjE86wmJO6K0xnrq7naki9NZtO
L7a4cANiz6yMvw==
-----END CERTIFICATE-----