Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          hEP1l9RQ31h7CRbHzLNbgDXj90JfoSMOYxe7Ztp6ky8=
Subject key identifier:   0D:2F:18:73:98:2C:3B:BD:A7:59:FA:6D:B9:97:46:7C:D5:91:69:C0
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       019A5187594B610F109C54A51E52B0E058B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          08AE
Signing time:             Wed 05 Nov 2025 01:00:15 +0000
Manifest this update:     Wed 05 Nov 2025 01:00:15 +0000
Manifest next update:     Thu 06 Nov 2025 01:00:15 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: R0MaZTvVmYk/YGvxCon/4Eu6UvPxmvCD9dHYLGa0+lM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:87:59:4b:61:0f:10:9c:54:a5:1e:52:b0:e0:58:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: Nov  5 01:00:15 2025 GMT
            Not After : Nov  6 01:00:15 2025 GMT
        Subject: CN=0d2f1873982c3bbda759fa6db997467cd59169c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:44:c2:af:d3:77:04:bb:fe:ab:5c:bc:49:20:
                    cc:f0:ca:13:8d:b5:f2:e4:78:93:7d:44:ad:12:6d:
                    06:c1:76:e2:01:e5:f6:07:54:5b:6d:0c:d1:a5:1f:
                    0b:a1:29:d6:3f:8a:9a:1d:7c:84:17:f1:48:9c:5c:
                    97:5c:73:09:53:52:ee:fc:93:92:77:37:dc:49:26:
                    36:79:d2:94:7d:af:a1:19:9b:7c:75:1c:59:22:a6:
                    8a:21:cb:6f:0e:f9:88:ac:c6:57:b3:53:8b:24:1b:
                    b7:39:cf:c7:c0:30:87:b3:99:97:9b:ca:f3:d5:a2:
                    79:fb:ef:a8:5b:3d:22:6e:cf:77:7a:32:14:6f:ee:
                    09:34:b8:42:30:da:82:4d:67:0d:70:20:8b:1a:0e:
                    c9:8f:b9:f7:c9:2e:42:e8:2b:44:a4:99:24:d6:9b:
                    47:55:0e:b7:c5:40:d8:29:85:98:52:00:78:86:db:
                    4d:50:e3:c3:05:f4:1a:30:c4:44:a8:54:01:c9:37:
                    2e:c4:e7:df:7a:4a:9e:5b:78:a1:40:95:ff:6f:71:
                    7d:2d:9a:1d:d3:88:b4:fa:ec:95:e6:56:7f:10:7d:
                    78:b5:f5:d7:af:1c:06:0a:e7:ca:83:ff:92:99:0a:
                    8d:47:7d:79:dd:48:04:81:73:a1:50:1d:c0:80:44:
                    08:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:2F:18:73:98:2C:3B:BD:A7:59:FA:6D:B9:97:46:7C:D5:91:69:C0
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:a8:d2:bc:9d:02:e8:1d:2c:bf:02:2b:86:fd:57:3a:53:61:
         04:ba:fa:5d:83:c9:f1:ea:5d:bd:e5:7b:e9:ef:70:35:6c:2b:
         6a:c3:58:45:1d:3a:39:d0:a0:9e:c7:cc:ed:84:2a:95:cb:92:
         ff:b9:c2:86:3d:51:88:94:bf:9f:a7:a8:92:35:4c:91:b4:1a:
         f9:0c:b5:45:2d:00:d0:ec:b0:4b:27:9d:ac:ee:a0:5c:d6:68:
         4f:89:c3:c4:63:8e:73:10:38:df:7b:c1:03:2f:ac:5f:a2:18:
         ee:5f:6c:18:c7:ec:6a:0f:17:6f:81:67:0a:b5:b0:9d:ce:92:
         24:84:b3:2a:33:41:98:e3:d8:a4:38:25:06:36:c3:e1:b0:91:
         66:79:77:d0:ca:44:3b:9e:d5:3f:d9:e1:ff:1e:f2:91:53:78:
         44:81:d2:53:54:e2:85:5d:ce:2c:b1:4f:d5:38:24:5a:b4:44:
         72:f8:14:fa:bf:0e:54:af:b6:ed:5f:2c:9d:67:f2:27:a3:7a:
         30:0f:05:d3:f4:67:36:4a:c9:3c:fd:41:2f:f1:3d:48:a2:c7:
         dd:f3:fa:b2:7b:c8:89:13:47:b1:d0:05:54:29:61:0f:78:db:
         05:3f:86:39:21:e2:f5:8e:9c:6f:90:f2:6a:62:70:4b:27:e5:
         6d:31:5b:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh1lLYQ8QnFSlHlKw4FiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjUxMTA1MDEwMDE1WhcNMjUxMTA2MDEwMDE1WjAzMTEwLwYDVQQD
EygwZDJmMTg3Mzk4MmMzYmJkYTc1OWZhNmRiOTk3NDY3Y2Q1OTE2OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoETCr9N3BLv+q1y8SSDM8MoTjbXy
5HiTfUStEm0GwXbiAeX2B1RbbQzRpR8LoSnWP4qaHXyEF/FInFyXXHMJU1Lu/JOS
dzfcSSY2edKUfa+hGZt8dRxZIqaKIctvDvmIrMZXs1OLJBu3Oc/HwDCHs5mXm8rz
1aJ5+++oWz0ibs93ejIUb+4JNLhCMNqCTWcNcCCLGg7Jj7n3yS5C6CtEpJkk1ptH
VQ63xUDYKYWYUgB4httNUOPDBfQaMMREqFQByTcuxOffekqeW3ihQJX/b3F9LZod
04i0+uyV5lZ/EH14tfXXrxwGCufKg/+SmQqNR3153UgEgXOhUB3AgEQITwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0vGHOYLDu9p1n6bbmXRnzVkWnAMB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6jSvJ0C
6B0svwIrhv1XOlNhBLr6XYPJ8epdveV76e9wNWwrasNYRR06OdCgnsfM7YQqlcuS
/7nChj1RiJS/n6eokjVMkbQa+Qy1RS0A0OywSyedrO6gXNZoT4nDxGOOcxA433vB
Ay+sX6IY7l9sGMfsag8Xb4FnCrWwnc6SJISzKjNBmOPYpDglBjbD4bCRZnl30MpE
O57VP9nh/x7ykVN4RIHSU1TihV3OLLFP1TgkWrREcvgU+r8OVK+27V8snWfyJ6N6
MA8F0/RnNkrJPP1BL/E9SKLH3fP6snvIiRNHsdAFVClhD3jbBT+GOSHi9Y6cb5Dy
amJwSyflbTFb/w==
-----END CERTIFICATE-----