Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft
File:                     Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft (raw, json)
Hash identifier:          8bcgqbz17A0u38Sv4coryjJGRsaeJTOTc6OuLqNFbM0=
Subject key identifier:   DF:C3:59:16:30:B9:68:61:D9:E3:00:EC:69:A2:5D:D0:63:86:A7:87
Authority key identifier: 49:BA:74:C8:CB:E1:E2:7F:AC:A5:C6:7E:89:D3:F6:23:C1:F0:9A:5E
Certificate issuer:       /CN=49ba74c8cbe1e27faca5c67e89d3f623c1f09a5e
Certificate serial:       019A4C611A75F670917FD792974AA3EC8480
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sbp0yMvh4n-spcZ-idP2I8Hwml4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft
Manifest number:          11A1
Signing time:             Tue 04 Nov 2025 01:00:23 +0000
Manifest this update:     Tue 04 Nov 2025 01:00:23 +0000
Manifest next update:     Wed 05 Nov 2025 01:00:23 +0000
Files and hashes:         1: Sbp0yMvh4n-spcZ-idP2I8Hwml4.crl (hash: KOjbIkzFTNfry4liQAdK2yD5Q1DKy3xweqxUGuqIvHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sbp0yMvh4n-spcZ-idP2I8Hwml4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 01:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4c:61:1a:75:f6:70:91:7f:d7:92:97:4a:a3:ec:84:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49ba74c8cbe1e27faca5c67e89d3f623c1f09a5e
        Validity
            Not Before: Nov  4 01:00:23 2025 GMT
            Not After : Nov  5 01:00:23 2025 GMT
        Subject: CN=dfc3591630b96861d9e300ec69a25dd06386a787
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:4b:02:19:58:62:b6:fc:80:01:d4:ea:77:8c:
                    85:c0:49:85:01:ff:26:62:34:7c:a7:e3:a9:d2:cd:
                    ee:38:0a:88:18:d1:73:b4:14:05:4b:f6:e1:2e:dd:
                    93:32:b4:98:34:72:b0:f4:8e:04:d0:43:5a:84:20:
                    55:99:16:f4:1d:70:95:30:9f:46:78:a2:58:9c:d5:
                    ef:44:58:d8:46:2f:9e:7d:83:1b:6a:d0:4b:c8:ef:
                    fa:99:37:d4:58:aa:f8:5f:7b:f8:df:3a:e7:b4:c1:
                    9e:65:83:f5:c0:01:fc:00:f1:12:52:1f:b6:f4:87:
                    66:6f:83:a8:4a:83:29:0a:0b:7f:ab:4d:18:e1:8f:
                    c2:28:1e:e3:47:29:29:a9:4c:99:47:7c:e6:d9:69:
                    6d:33:00:54:17:47:45:1f:da:ac:db:e1:cc:dc:c9:
                    be:e9:ed:cd:9e:08:e9:07:76:34:62:a6:ed:90:a4:
                    92:63:fb:86:7a:27:9a:4f:19:8e:5e:5a:1d:5e:26:
                    92:12:eb:6d:f1:e8:96:27:66:9d:92:fb:26:dc:cf:
                    34:c5:96:25:5d:35:a4:eb:f2:6f:52:8c:17:72:f8:
                    36:49:0c:3e:7b:64:b0:ba:a1:2b:8b:c5:47:52:95:
                    cf:50:5f:bb:54:78:53:a2:78:57:83:50:24:a7:96:
                    cd:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:C3:59:16:30:B9:68:61:D9:E3:00:EC:69:A2:5D:D0:63:86:A7:87
            X509v3 Authority Key Identifier:
                keyid:49:BA:74:C8:CB:E1:E2:7F:AC:A5:C6:7E:89:D3:F6:23:C1:F0:9A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sbp0yMvh4n-spcZ-idP2I8Hwml4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:d0:9d:22:90:73:e0:4a:a9:3b:9b:e4:29:cf:24:b5:14:00:
         32:7e:62:b4:60:9f:b2:d0:c1:19:a9:11:9c:f7:0c:22:b7:c7:
         57:c5:0a:2b:57:88:04:b4:c6:aa:b2:15:36:f0:78:6c:b0:e2:
         4c:fe:5a:39:b6:99:60:ab:54:cc:67:34:3f:e6:7e:17:38:11:
         68:e4:25:22:a0:86:80:b1:66:29:1e:97:fe:d0:ea:e0:ff:9d:
         31:a8:78:13:79:f7:aa:5e:87:6f:89:8a:8f:2e:fa:ba:6e:0b:
         c6:9e:92:60:3b:cb:27:f4:ca:bb:4a:ca:a8:29:75:bf:94:c6:
         b6:53:95:c1:ca:fd:ae:95:5b:c0:bb:2d:30:40:f2:ea:78:8c:
         1f:38:41:80:89:7e:4e:cb:62:d4:ca:ce:31:51:5c:e5:79:cc:
         9d:6e:4f:2f:d6:25:70:56:c7:14:27:2d:8e:d9:e9:67:61:9b:
         9a:53:c7:6d:78:d6:ea:f2:12:c9:ff:57:01:4d:9a:dc:e0:9b:
         22:1f:29:5b:c0:9f:a0:6b:3b:a6:12:ba:28:6b:db:bd:17:e7:
         88:54:67:5f:43:9c:04:4a:27:17:d4:dc:74:a0:0e:ab:9e:89:
         f4:54:ff:d0:2a:a1:18:32:78:c3:24:d4:98:57:5d:1e:de:26:
         54:c2:3a:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYRp19nCRf9eSl0qj7ISAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YmE3NGM4Y2JlMWUyN2ZhY2E1YzY3ZTg5ZDNmNjIzYzFm
MDlhNWUwHhcNMjUxMTA0MDEwMDIzWhcNMjUxMTA1MDEwMDIzWjAzMTEwLwYDVQQD
EyhkZmMzNTkxNjMwYjk2ODYxZDllMzAwZWM2OWEyNWRkMDYzODZhNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0sCGVhitvyAAdTqd4yFwEmFAf8m
YjR8p+Op0s3uOAqIGNFztBQFS/bhLt2TMrSYNHKw9I4E0ENahCBVmRb0HXCVMJ9G
eKJYnNXvRFjYRi+efYMbatBLyO/6mTfUWKr4X3v43zrntMGeZYP1wAH8APESUh+2
9Idmb4OoSoMpCgt/q00Y4Y/CKB7jRykpqUyZR3zm2WltMwBUF0dFH9qs2+HM3Mm+
6e3NngjpB3Y0YqbtkKSSY/uGeieaTxmOXlodXiaSEutt8eiWJ2adkvsm3M80xZYl
XTWk6/JvUowXcvg2SQw+e2SwuqEri8VHUpXPUF+7VHhTonhXg1Akp5bNzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/DWRYwuWhh2eMA7GmiXdBjhqeHMB8GA1UdIwQY
MBaAFEm6dMjL4eJ/rKXGfonT9iPB8JpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2JwMHlNdmg0bi1zcGNaLWlkUDJJOEh3bWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9lNzM2ZmEtODFjOC00NzVmLWE3M2Ut
MmJiMGUxYzBlM2VmLzEvU2JwMHlNdmg0bi1zcGNaLWlkUDJJOEh3bWw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9lNzM2ZmEtODFjOC00NzVmLWE3M2UtMmJiMGUxYzBlM2Vm
LzEvU2JwMHlNdmg0bi1zcGNaLWlkUDJJOEh3bWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC9CdIpBz
4EqpO5vkKc8ktRQAMn5itGCfstDBGakRnPcMIrfHV8UKK1eIBLTGqrIVNvB4bLDi
TP5aObaZYKtUzGc0P+Z+FzgRaOQlIqCGgLFmKR6X/tDq4P+dMah4E3n3ql6Hb4mK
jy76um4Lxp6SYDvLJ/TKu0rKqCl1v5TGtlOVwcr9rpVbwLstMEDy6niMHzhBgIl+
Tsti1MrOMVFc5XnMnW5PL9YlcFbHFCctjtnpZ2GbmlPHbXjW6vISyf9XAU2a3OCb
Ih8pW8CfoGs7phK6KGvbvRfniFRnX0OcBEonF9TcdKAOq56J9FT/0CqhGDJ4wyTU
mFddHt4mVMI61w==
-----END CERTIFICATE-----