Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
File:                     xGtE1wczJKsoQWNn3gQPDkYzSNE.mft (raw, json)
Hash identifier:          Ap0CRheu7AeFzP7VWEnrNHeWBeflV4UadcnVgJ6G4uA=
Subject key identifier:   FA:DD:68:C4:69:98:78:FD:91:04:2C:2F:4F:CF:8C:82:EF:99:5A:14
Authority key identifier: C4:6B:44:D7:07:33:24:AB:28:41:63:67:DE:04:0F:0E:46:33:48:D1
Certificate issuer:       /CN=c46b44d7073324ab28416367de040f0e463348d1
Certificate serial:       019A4D73F3B5E5D01CD6AA23ED32428F5DE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
Manifest number:          0F36
Signing time:             Tue 04 Nov 2025 06:00:35 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:35 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:35 +0000
Files and hashes:         1: xGtE1wczJKsoQWNn3gQPDkYzSNE.crl (hash: cgfAB9ABOoyhPeyuycPt3NLPGxEHOFdav902y3ZC32c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:f3:b5:e5:d0:1c:d6:aa:23:ed:32:42:8f:5d:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c46b44d7073324ab28416367de040f0e463348d1
        Validity
            Not Before: Nov  4 06:00:35 2025 GMT
            Not After : Nov  5 06:00:35 2025 GMT
        Subject: CN=fadd68c4699878fd91042c2f4fcf8c82ef995a14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:eb:b4:be:41:99:92:66:d9:1e:b6:d3:81:91:
                    e6:2c:ce:a2:c7:86:0f:82:13:85:cc:55:f5:61:6b:
                    e2:9d:18:9f:07:e6:cc:20:26:19:f1:d1:78:09:e8:
                    eb:e7:93:c5:46:30:d5:d6:7d:77:1d:d0:29:9e:dc:
                    c4:dd:ad:36:4e:0b:33:47:16:22:a1:8f:f4:bf:56:
                    b4:6a:c7:a3:07:0a:86:2a:9c:15:71:1e:cc:a3:f2:
                    b8:a0:3a:98:86:a1:2e:eb:53:6a:7d:04:92:d3:e2:
                    df:25:a5:15:89:09:8b:29:e5:9a:d3:fb:73:ed:29:
                    57:35:02:05:c3:8d:00:35:f8:d7:19:ec:40:ef:3b:
                    ef:88:81:82:31:1c:b6:00:78:6c:fa:c9:5d:81:a7:
                    a2:b7:e2:f2:c9:b0:d4:6f:7b:f2:59:51:06:ec:2b:
                    bc:5e:ba:7e:c9:fb:c7:61:a0:f8:bd:af:49:b6:b5:
                    1e:ee:b7:37:4b:1e:5e:83:6d:8d:68:17:09:8d:c4:
                    c0:a4:42:5c:d1:30:c3:0e:16:fe:1e:0a:e4:4a:0b:
                    5c:28:8c:89:1a:51:2c:8d:42:dd:23:1d:26:fd:48:
                    55:bc:86:14:0c:95:98:6b:f7:68:b2:3f:1b:dc:df:
                    3f:e4:a6:8b:dd:00:b8:e6:25:c5:b1:bc:8f:27:93:
                    8a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:DD:68:C4:69:98:78:FD:91:04:2C:2F:4F:CF:8C:82:EF:99:5A:14
            X509v3 Authority Key Identifier:
                keyid:C4:6B:44:D7:07:33:24:AB:28:41:63:67:DE:04:0F:0E:46:33:48:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:36:c1:11:3d:5d:9f:04:eb:0c:40:04:90:a6:18:52:bf:f7:
         a8:b3:61:34:ae:8e:7b:a1:a0:41:54:11:f0:77:71:66:d3:99:
         2f:36:b2:84:63:f6:90:ee:25:0a:70:2f:cb:1d:4b:7a:61:6e:
         ab:44:59:50:57:9c:6c:c6:c6:b5:26:72:31:16:2e:e6:f9:5a:
         af:c4:08:6b:ef:2a:1e:0f:f6:1f:d7:30:52:7e:9d:b8:d9:f4:
         13:60:a4:3e:67:11:19:e6:a5:70:26:f0:41:04:f2:d0:60:3e:
         7d:89:4a:88:b3:2f:2c:0d:14:f3:cb:c1:5c:3f:95:fc:3a:9f:
         37:4d:e4:af:1e:9e:59:11:c3:ae:6d:2d:99:29:fb:5c:a0:63:
         14:6f:87:67:dc:dc:ea:24:05:89:60:0b:9a:64:6e:77:09:40:
         b9:cd:fc:ff:00:bf:66:4e:b7:cc:d8:d4:51:99:62:a1:b4:17:
         e0:b4:bd:6f:20:92:57:5a:e9:8f:1c:9a:4f:bb:db:8c:33:0c:
         9f:a2:e7:6c:ce:03:2c:82:80:d8:1e:9c:21:47:5b:35:89:6a:
         99:63:f2:70:d8:8e:57:23:99:62:5f:30:e9:19:cb:ce:08:3d:
         96:8c:5e:57:e5:f7:23:d3:44:2c:60:1c:a4:4c:b0:7a:fa:6e:
         13:95:c2:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc/O15dAc1qoj7TJCj13kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NmI0NGQ3MDczMzI0YWIyODQxNjM2N2RlMDQwZjBlNDYz
MzQ4ZDEwHhcNMjUxMTA0MDYwMDM1WhcNMjUxMTA1MDYwMDM1WjAzMTEwLwYDVQQD
EyhmYWRkNjhjNDY5OTg3OGZkOTEwNDJjMmY0ZmNmOGM4MmVmOTk1YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+u0vkGZkmbZHrbTgZHmLM6ix4YP
ghOFzFX1YWvinRifB+bMICYZ8dF4Cejr55PFRjDV1n13HdApntzE3a02TgszRxYi
oY/0v1a0asejBwqGKpwVcR7Mo/K4oDqYhqEu61NqfQSS0+LfJaUViQmLKeWa0/tz
7SlXNQIFw40ANfjXGexA7zvviIGCMRy2AHhs+sldgaeit+LyybDUb3vyWVEG7Cu8
Xrp+yfvHYaD4va9JtrUe7rc3Sx5eg22NaBcJjcTApEJc0TDDDhb+HgrkSgtcKIyJ
GlEsjULdIx0m/UhVvIYUDJWYa/dosj8b3N8/5KaL3QC45iXFsbyPJ5OKIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrdaMRpmHj9kQQsL0/PjILvmVoUMB8GA1UdIwQY
MBaAFMRrRNcHMySrKEFjZ94EDw5GM0jRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81NDk3NzQtMGI3ZS00Yjg4LTg5ODEt
MWYwYWFjMTQ5NWFjLzEveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81NDk3NzQtMGI3ZS00Yjg4LTg5ODEtMWYwYWFjMTQ5NWFj
LzEveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYzbBET1d
nwTrDEAEkKYYUr/3qLNhNK6Oe6GgQVQR8HdxZtOZLzayhGP2kO4lCnAvyx1LemFu
q0RZUFecbMbGtSZyMRYu5vlar8QIa+8qHg/2H9cwUn6duNn0E2CkPmcRGealcCbw
QQTy0GA+fYlKiLMvLA0U88vBXD+V/DqfN03krx6eWRHDrm0tmSn7XKBjFG+HZ9zc
6iQFiWALmmRudwlAuc38/wC/Zk63zNjUUZliobQX4LS9byCSV1rpjxyaT7vbjDMM
n6LnbM4DLIKA2B6cIUdbNYlqmWPycNiOVyOZYl8w6RnLzgg9loxeV+X3I9NELGAc
pEywevpuE5XCOA==
-----END CERTIFICATE-----