Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
File:                     D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft (raw, json)
Hash identifier:          p7aP2AlabCV8IwjiHT43O9WX7/ZcTSeQE/o5jbYhrG0=
Subject key identifier:   9F:93:00:4E:63:99:69:4A:1A:21:41:CE:6D:16:5E:F7:0C:4D:78:90
Authority key identifier: 0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB
Certificate issuer:       /CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
Certificate serial:       019A52D1C38BBE5B8D41FEB8EBCA799E5EFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
Manifest number:          0C1A
Signing time:             Wed 05 Nov 2025 07:01:09 +0000
Manifest this update:     Wed 05 Nov 2025 07:01:09 +0000
Manifest next update:     Thu 06 Nov 2025 07:01:09 +0000
Files and hashes:         1: D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl (hash: 9ZXqOogou5DmERcrzJMsLlh5bPxbycE5C5074aIIZvI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:c3:8b:be:5b:8d:41:fe:b8:eb:ca:79:9e:5e:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
        Validity
            Not Before: Nov  5 07:01:09 2025 GMT
            Not After : Nov  6 07:01:09 2025 GMT
        Subject: CN=9f93004e6399694a1a2141ce6d165ef70c4d7890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:8e:1b:86:b9:b4:5b:c3:61:41:44:a0:b3:34:
                    f1:3a:c8:92:f5:ba:ff:06:81:3a:67:9e:7e:a0:19:
                    a2:ef:70:a5:35:3d:08:76:c9:b1:92:fc:34:bf:4a:
                    9b:4e:86:2f:7f:55:c6:47:34:58:8e:95:ee:ba:51:
                    e2:0e:ff:46:35:67:50:66:9d:ff:eb:81:f5:ec:4b:
                    d1:3a:bb:99:46:b9:b1:a3:55:9e:2e:f5:7d:bf:73:
                    81:7f:36:b2:2d:47:b6:7d:5b:f0:d9:47:2a:cf:18:
                    82:ed:d7:aa:72:94:86:9a:76:c3:6d:98:eb:62:23:
                    e0:a0:31:50:f4:32:b7:ea:1e:a5:52:99:11:af:ac:
                    ac:ff:f1:a5:6f:f6:ff:05:6d:29:85:d9:07:4f:3f:
                    64:45:97:b9:fc:90:fc:50:61:42:d8:01:54:75:25:
                    9a:76:a2:8d:a2:cd:af:c8:7d:43:12:b6:9a:13:3f:
                    dc:97:ea:fb:32:b5:21:c2:17:ec:7c:5c:30:e1:87:
                    8e:13:c4:ae:03:c4:04:5f:93:d7:57:bf:f0:e1:6a:
                    55:0b:e7:87:f9:33:a5:72:f3:21:35:aa:8a:e3:fe:
                    d5:96:f2:a7:1e:f5:06:08:31:d2:c4:7a:34:42:e6:
                    21:dd:92:b1:ce:7c:c5:39:51:70:42:5e:c8:0a:45:
                    e8:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:93:00:4E:63:99:69:4A:1A:21:41:CE:6D:16:5E:F7:0C:4D:78:90
            X509v3 Authority Key Identifier:
                keyid:0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:f1:13:77:53:2e:e8:d4:e7:d7:e8:12:eb:de:96:7e:72:b3:
         a7:d6:09:e2:ee:b9:96:32:9d:70:4a:c9:f3:37:03:fb:d8:61:
         0f:42:ee:bf:c7:ce:29:2f:74:d6:8c:38:f0:f9:90:4d:da:44:
         55:17:fb:ec:91:e8:5e:d2:0a:5b:a0:74:1a:fe:5c:0a:b5:1a:
         8f:20:43:19:22:e0:b8:22:b6:a3:c9:ef:29:8d:97:3a:39:31:
         64:c5:3c:b5:12:ee:48:97:29:a6:8b:44:93:1e:93:09:b3:46:
         94:70:27:89:d1:60:83:34:1c:0f:12:a3:dc:ff:bb:7a:60:c3:
         49:c4:fa:8f:b0:e1:09:aa:1e:60:95:a0:92:f3:b8:a2:4d:6e:
         41:89:aa:34:10:ee:0c:8a:f4:0b:ac:3e:73:58:f9:48:c3:a2:
         56:b7:64:ab:79:34:94:42:12:d3:b0:7b:3c:d9:7a:6d:0b:b9:
         ba:2e:1d:3f:c7:8e:85:a8:46:14:2d:4a:8a:72:71:50:e2:4b:
         d4:d5:30:d1:c3:02:a6:80:b2:0e:67:39:ff:9c:4c:1a:b2:46:
         5c:c7:af:6a:2b:64:32:cd:ca:f1:a9:35:5e:ce:09:06:13:f9:
         c5:dd:34:c2:3d:a7:44:c2:1d:0c:cf:b8:4e:72:ae:c9:51:e0:
         b7:02:00:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0cOLvluNQf6468p5nl7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDljNDlhNzVjZjZlMjQ4YzliNTFjNzA1NGRiMmY4ZDlk
Y2VkY2IwHhcNMjUxMTA1MDcwMTA5WhcNMjUxMTA2MDcwMTA5WjAzMTEwLwYDVQQD
Eyg5ZjkzMDA0ZTYzOTk2OTRhMWEyMTQxY2U2ZDE2NWVmNzBjNGQ3ODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo4bhrm0W8NhQUSgszTxOsiS9br/
BoE6Z55+oBmi73ClNT0Idsmxkvw0v0qbToYvf1XGRzRYjpXuulHiDv9GNWdQZp3/
64H17EvROruZRrmxo1WeLvV9v3OBfzayLUe2fVvw2UcqzxiC7deqcpSGmnbDbZjr
YiPgoDFQ9DK36h6lUpkRr6ys//Glb/b/BW0phdkHTz9kRZe5/JD8UGFC2AFUdSWa
dqKNos2vyH1DEraaEz/cl+r7MrUhwhfsfFww4YeOE8SuA8QEX5PXV7/w4WpVC+eH
+TOlcvMhNaqK4/7VlvKnHvUGCDHSxHo0QuYh3ZKxznzFOVFwQl7ICkXonwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+TAE5jmWlKGiFBzm0WXvcMTXiQMB8GA1UdIwQY
MBaAFA9JxJp1z24kjJtRxwVNsvjZ3O3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYt
ZDgwMDc3ZTEyYjVkLzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYtZDgwMDc3ZTEyYjVk
LzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGPETd1Mu
6NTn1+gS696WfnKzp9YJ4u65ljKdcErJ8zcD+9hhD0Luv8fOKS901ow48PmQTdpE
VRf77JHoXtIKW6B0Gv5cCrUajyBDGSLguCK2o8nvKY2XOjkxZMU8tRLuSJcppotE
kx6TCbNGlHAnidFggzQcDxKj3P+7emDDScT6j7DhCaoeYJWgkvO4ok1uQYmqNBDu
DIr0C6w+c1j5SMOiVrdkq3k0lEIS07B7PNl6bQu5ui4dP8eOhahGFC1KinJxUOJL
1NUw0cMCpoCyDmc5/5xMGrJGXMevaitkMs3K8ak1Xs4JBhP5xd00wj2nRMIdDM+4
TnKuyVHgtwIAaQ==
-----END CERTIFICATE-----