Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
File:                     76psy3hXNGAC5rvEmPiLnobfGAY.mft (raw, json)
Hash identifier:          rL6s+BHErAiEi1ZxmYI3JzC3B1mXDSb5SlED1MopH5U=
Subject key identifier:   9E:17:78:8B:5D:FA:5E:3A:AE:AE:A5:0A:FF:03:22:82:49:39:2E:52
Authority key identifier: EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06
Certificate issuer:       /CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
Certificate serial:       019A4F2B6C4AD85ACCF2B763D839B82F0DBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
Manifest number:          04CF
Signing time:             Tue 04 Nov 2025 14:00:37 +0000
Manifest this update:     Tue 04 Nov 2025 14:00:37 +0000
Manifest next update:     Wed 05 Nov 2025 14:00:37 +0000
Files and hashes:         1: 76psy3hXNGAC5rvEmPiLnobfGAY.crl (hash: Vg03OSYDQ3Dp/hP2nqqjbN4q8kX6Rb8Kejnp25vygUs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:2b:6c:4a:d8:5a:cc:f2:b7:63:d8:39:b8:2f:0d:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
        Validity
            Not Before: Nov  4 14:00:37 2025 GMT
            Not After : Nov  5 14:00:37 2025 GMT
        Subject: CN=9e17788b5dfa5e3aaeaea50aff03228249392e52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:fc:0a:27:a1:b0:83:2f:61:1d:9c:18:e3:f3:
                    f3:1d:f2:2b:87:6c:9f:dd:eb:85:a4:44:9e:bb:05:
                    ee:0c:dc:ad:5a:84:f4:0c:61:13:f2:51:e5:7d:3d:
                    ff:22:88:06:0f:a3:03:37:64:0d:9b:e9:e7:99:69:
                    f7:53:d5:85:3d:dc:6f:c9:4d:77:89:9c:3d:b9:fa:
                    ed:a2:02:de:86:7c:6d:04:ae:b3:3c:48:86:22:8e:
                    cf:f1:2b:af:62:f6:47:a8:bb:72:9e:d1:ff:db:19:
                    e6:e7:90:bb:32:ef:76:1b:4d:ae:9f:3c:b7:53:ac:
                    96:65:d5:b1:6c:00:2d:62:0a:01:cf:a7:85:9f:9c:
                    84:af:f9:43:94:f5:ea:6b:94:08:99:eb:10:b5:88:
                    9c:be:cb:06:aa:26:85:bd:83:77:61:fe:b2:22:7c:
                    8a:19:d5:1f:5a:17:b8:a1:a2:4b:93:06:a5:85:a4:
                    f6:21:2d:d0:22:8b:be:ed:e1:55:39:14:de:b4:3d:
                    31:af:29:a7:b4:26:0d:1f:84:6e:3a:29:d3:36:71:
                    9e:70:ca:c8:9d:47:5b:dc:ae:79:77:74:36:d6:af:
                    2c:78:97:77:b5:2b:c8:4c:5a:3e:bb:a7:45:8c:24:
                    d5:49:85:82:97:a9:40:9a:12:c1:0e:bf:f9:82:87:
                    94:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:17:78:8B:5D:FA:5E:3A:AE:AE:A5:0A:FF:03:22:82:49:39:2E:52
            X509v3 Authority Key Identifier:
                keyid:EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:62:d0:73:17:b7:94:e0:5b:ba:38:1d:e7:ce:5a:df:1c:4a:
         7f:1c:cd:1b:04:d4:d4:54:31:d9:9e:22:43:de:3b:3a:67:dd:
         34:16:34:b9:93:c3:27:04:60:33:70:18:7e:e3:1d:f9:e7:0e:
         72:00:57:d5:2e:f5:86:05:4d:3f:72:02:9d:9b:d9:94:aa:bf:
         01:67:67:10:ab:5c:9c:2f:fa:bd:98:b5:d4:95:1b:76:48:3f:
         27:9c:f4:10:97:7f:be:5f:57:13:84:6d:4b:dd:3b:d2:3d:d5:
         06:3c:c0:cb:a3:37:20:70:d1:54:18:d0:d2:3c:ea:49:ef:44:
         76:f8:43:53:60:f4:f1:46:7a:ec:6f:40:0c:ee:2d:d4:e7:68:
         07:96:98:1c:5d:49:95:a0:84:db:df:0b:88:9a:cd:fd:b8:e9:
         82:ae:23:5a:a2:3d:40:89:7b:b6:c0:c7:34:3f:6f:3e:21:3f:
         bb:fe:83:11:a8:f6:65:56:b5:3c:fb:a0:03:78:ed:f8:52:3f:
         9c:6d:d2:2b:69:87:37:fa:2b:a9:bd:44:69:1f:3b:b6:03:bb:
         d7:11:63:06:45:cb:29:d6:04:f4:36:51:c9:df:cc:80:59:b3:
         3b:b0:3e:0a:29:fd:c1:b4:65:c5:59:5c:2e:af:34:61:d2:98:
         99:fb:14:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPK2xK2FrM8rdj2Dm4Lw27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWE2Y2NiNzg1NzM0NjAwMmU2YmJjNDk4Zjg4YjllODZk
ZjE4MDYwHhcNMjUxMTA0MTQwMDM3WhcNMjUxMTA1MTQwMDM3WjAzMTEwLwYDVQQD
Eyg5ZTE3Nzg4YjVkZmE1ZTNhYWVhZWE1MGFmZjAzMjI4MjQ5MzkyZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvwKJ6Gwgy9hHZwY4/PzHfIrh2yf
3euFpESeuwXuDNytWoT0DGET8lHlfT3/IogGD6MDN2QNm+nnmWn3U9WFPdxvyU13
iZw9ufrtogLehnxtBK6zPEiGIo7P8SuvYvZHqLtyntH/2xnm55C7Mu92G02unzy3
U6yWZdWxbAAtYgoBz6eFn5yEr/lDlPXqa5QImesQtYicvssGqiaFvYN3Yf6yInyK
GdUfWhe4oaJLkwalhaT2IS3QIou+7eFVORTetD0xrymntCYNH4RuOinTNnGecMrI
nUdb3K55d3Q21q8seJd3tSvITFo+u6dFjCTVSYWCl6lAmhLBDr/5goeU1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4XeItd+l46rq6lCv8DIoJJOS5SMB8GA1UdIwQY
MBaAFO+qbMt4VzRgAua7xJj4i56G3xgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGIt
ZDgyMGY2NWNlZDgxLzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGItZDgyMGY2NWNlZDgx
LzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEGLQcxe3
lOBbujgd585a3xxKfxzNGwTU1FQx2Z4iQ947OmfdNBY0uZPDJwRgM3AYfuMd+ecO
cgBX1S71hgVNP3ICnZvZlKq/AWdnEKtcnC/6vZi11JUbdkg/J5z0EJd/vl9XE4Rt
S9070j3VBjzAy6M3IHDRVBjQ0jzqSe9EdvhDU2D08UZ67G9ADO4t1OdoB5aYHF1J
laCE298LiJrN/bjpgq4jWqI9QIl7tsDHND9vPiE/u/6DEaj2ZVa1PPugA3jt+FI/
nG3SK2mHN/orqb1EaR87tgO71xFjBkXLKdYE9DZRyd/MgFmzO7A+Cin9wbRlxVlc
Lq80YdKYmfsUIg==
-----END CERTIFICATE-----