Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          wOOLvT3MukA3FXzAS8wbq7MFxHNWxGU4avOAAFq827w=
Subject key identifier:   1E:2C:96:69:CB:F8:E0:2E:ED:AB:A5:73:4E:21:43:6E:EA:33:74:A2
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       019A4FD00ABE8D09278DE00033F94AE579B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          0425
Signing time:             Tue 04 Nov 2025 17:00:25 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:25 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:25 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: L45xx/502ziYLNi1DTQTubq3otxGAwhc92fx0laQgxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:0a:be:8d:09:27:8d:e0:00:33:f9:4a:e5:79:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Nov  4 17:00:25 2025 GMT
            Not After : Nov  5 17:00:25 2025 GMT
        Subject: CN=1e2c9669cbf8e02eedaba5734e21436eea3374a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6b:b4:bb:48:6b:b1:49:07:56:4b:6d:06:e8:
                    f2:7b:e1:08:04:2e:03:27:13:cc:be:d3:2b:57:3c:
                    1e:c4:1c:e1:ce:f4:15:46:a2:b3:5e:c6:25:3b:02:
                    02:99:4f:6f:8e:ba:57:a7:26:d9:ab:31:84:7e:ec:
                    c8:df:46:9a:00:0a:7c:37:cf:a1:1c:63:1a:55:71:
                    09:7b:e2:51:3c:84:3f:d7:1e:b1:a7:ef:cd:e2:5c:
                    69:31:8d:34:45:30:69:7f:eb:59:6b:d1:13:08:e0:
                    61:3f:4f:44:a0:c0:a5:d3:74:76:a2:f2:33:c0:4a:
                    b4:ee:66:ef:46:58:3b:96:db:57:51:b5:8e:78:b6:
                    7b:2e:68:68:27:b1:ab:a4:bb:a3:5c:f9:03:5d:2b:
                    7a:59:dc:73:89:e0:c0:5f:4a:21:45:0b:20:29:8e:
                    c1:fd:fc:ef:d2:a8:e9:bb:1d:a6:85:d8:1a:53:75:
                    d2:d4:ff:3b:91:e4:c6:a8:b7:d3:d1:2e:b2:9c:da:
                    ab:be:83:67:b6:62:a5:66:a4:5c:36:70:a5:87:62:
                    b5:81:c3:e5:6e:b8:eb:81:18:e6:fc:9d:16:cd:4e:
                    9e:65:ba:0c:ac:0b:89:1b:ae:28:d7:88:e5:76:37:
                    03:54:f5:78:9b:40:64:c6:dc:4a:e4:17:67:ae:51:
                    bc:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:2C:96:69:CB:F8:E0:2E:ED:AB:A5:73:4E:21:43:6E:EA:33:74:A2
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:91:3f:3b:38:d9:ed:d1:7d:2c:1b:45:01:8a:a7:1c:10:f8:
         eb:8c:d2:f5:b3:7b:de:e3:b8:8b:42:0d:b3:89:1f:ab:02:3b:
         34:21:20:46:d5:f2:e8:ad:6a:06:30:ba:6f:84:42:11:6f:9f:
         ac:d3:5f:5a:2c:89:72:95:80:6b:8d:2c:76:69:ae:42:b2:6f:
         a8:31:7e:da:2a:52:02:62:72:6a:48:ac:36:49:cd:00:79:70:
         cf:b8:66:9a:e4:81:da:41:91:9f:c3:e0:61:0b:a3:d8:d8:19:
         11:2a:0a:29:80:74:bc:52:3b:4d:c9:e9:ea:80:bd:2a:36:22:
         27:ed:19:51:e5:aa:cf:51:a1:3b:f1:fc:d7:81:38:4c:68:56:
         38:d3:6c:78:74:b1:92:7f:f8:05:15:50:ce:83:1f:b8:ae:9b:
         c3:fd:cf:ee:d6:75:9d:6c:46:48:a2:a7:1a:67:81:a9:f5:36:
         54:67:a6:f0:27:f3:ca:84:26:f8:38:37:ba:9d:de:c4:65:94:
         2d:96:76:21:d2:b1:99:35:fe:71:b6:14:2b:30:6b:e5:ca:aa:
         fe:fb:c9:07:52:31:3d:b8:5f:84:c8:bb:0d:f8:36:a0:a5:b2:
         22:25:e7:55:6c:73:e7:12:a2:36:1b:e8:42:90:c1:3c:6c:41:
         de:52:d9:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0Aq+jQknjeAAM/lK5Xm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUxMTA0MTcwMDI1WhcNMjUxMTA1MTcwMDI1WjAzMTEwLwYDVQQD
EygxZTJjOTY2OWNiZjhlMDJlZWRhYmE1NzM0ZTIxNDM2ZWVhMzM3NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2u0u0hrsUkHVkttBujye+EIBC4D
JxPMvtMrVzwexBzhzvQVRqKzXsYlOwICmU9vjrpXpybZqzGEfuzI30aaAAp8N8+h
HGMaVXEJe+JRPIQ/1x6xp+/N4lxpMY00RTBpf+tZa9ETCOBhP09EoMCl03R2ovIz
wEq07mbvRlg7lttXUbWOeLZ7LmhoJ7GrpLujXPkDXSt6WdxzieDAX0ohRQsgKY7B
/fzv0qjpux2mhdgaU3XS1P87keTGqLfT0S6ynNqrvoNntmKlZqRcNnClh2K1gcPl
brjrgRjm/J0WzU6eZboMrAuJG64o14jldjcDVPV4m0BkxtxK5BdnrlG8nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4slmnL+OAu7aulc04hQ27qM3SiMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeJE/OzjZ
7dF9LBtFAYqnHBD464zS9bN73uO4i0INs4kfqwI7NCEgRtXy6K1qBjC6b4RCEW+f
rNNfWiyJcpWAa40sdmmuQrJvqDF+2ipSAmJyakisNknNAHlwz7hmmuSB2kGRn8Pg
YQuj2NgZESoKKYB0vFI7Tcnp6oC9KjYiJ+0ZUeWqz1GhO/H814E4TGhWONNseHSx
kn/4BRVQzoMfuK6bw/3P7tZ1nWxGSKKnGmeBqfU2VGem8CfzyoQm+Dg3up3exGWU
LZZ2IdKxmTX+cbYUKzBr5cqq/vvJB1IxPbhfhMi7Dfg2oKWyIiXnVWxz5xKiNhvo
QpDBPGxB3lLZmQ==
-----END CERTIFICATE-----