Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          iG3CSD3z/gdNQPr0RUhjiJuezKWIOfInlrlMvc71W/s=
Subject key identifier:   EC:CF:70:51:5B:70:AC:23:C4:B8:23:ED:91:5F:91:5D:CF:CE:51:85
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       019A4EF55B22EB502E007B8BFC2143D8679C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          0E6D
Signing time:             Tue 04 Nov 2025 13:01:33 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:33 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:33 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: xeQYWc/CCWLIDf/Nfyo7our7eKcWUWW6vtOYNABbGsU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:5b:22:eb:50:2e:00:7b:8b:fc:21:43:d8:67:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Nov  4 13:01:33 2025 GMT
            Not After : Nov  5 13:01:33 2025 GMT
        Subject: CN=eccf70515b70ac23c4b823ed915f915dcfce5185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:cc:1f:44:fd:5c:c0:12:80:b0:e5:29:a6:9b:
                    88:bd:85:d7:5c:11:84:cb:51:73:3c:d7:43:84:84:
                    d2:93:f6:72:25:ba:2b:06:49:44:c9:3f:79:95:9d:
                    da:2f:f8:ae:76:fc:af:6c:b8:6d:35:cc:49:68:13:
                    da:31:dd:e4:fa:06:5f:94:7e:c2:c7:08:07:2c:a6:
                    e7:6a:ff:74:96:40:08:17:08:30:bd:01:1a:50:d9:
                    81:9a:78:06:3d:fb:e7:9b:f7:8b:ef:b6:6f:c0:1f:
                    8b:3f:24:e7:8a:32:7c:82:09:dc:a2:22:dd:25:3c:
                    25:14:d2:7b:48:2b:6f:1a:93:72:13:e8:ed:2c:ec:
                    7a:f6:80:94:b4:03:24:55:3e:12:79:4d:d6:80:66:
                    0a:35:9e:13:4f:83:d5:be:2c:63:48:c1:ef:46:c6:
                    37:22:1a:13:e1:18:ce:43:de:c8:13:65:0c:f7:e5:
                    89:2a:2e:b9:73:eb:8a:7e:86:57:4e:fd:9e:a7:75:
                    43:dd:63:57:6c:10:77:b0:2f:c3:54:ca:69:9a:5b:
                    e2:ff:9e:54:26:0b:94:68:0c:e6:fe:2f:ba:8f:02:
                    e6:3f:ae:70:f4:05:24:ec:f7:d1:26:9c:8c:6f:e5:
                    a6:15:5d:d4:95:4b:ec:be:e8:4a:a5:ad:b2:ad:3f:
                    a7:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:CF:70:51:5B:70:AC:23:C4:B8:23:ED:91:5F:91:5D:CF:CE:51:85
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:57:a0:96:da:a5:61:41:24:fb:25:4d:fa:01:7c:66:cc:e8:
         7f:66:3b:d0:48:6a:a7:42:d0:8e:b5:f3:be:c5:87:ea:56:54:
         09:0e:0d:50:bb:c6:08:94:2d:e4:65:6c:31:e1:6c:49:a3:bb:
         db:73:c8:cc:29:f0:25:2c:3c:a4:8f:a5:64:0e:bb:81:aa:a4:
         14:8c:20:6e:d3:0f:0b:7b:e9:b6:e2:dc:37:95:b7:80:2d:4f:
         ef:a6:a7:11:b9:9f:ea:b2:9b:86:8c:f3:95:d5:3a:6b:21:49:
         02:f8:3a:eb:2f:b1:d1:47:e9:44:a6:96:00:1a:a5:90:db:31:
         1c:66:dd:91:7e:d4:06:5a:ad:73:50:34:c4:d4:fb:b7:69:ce:
         8a:b2:61:c2:34:15:92:48:f9:f8:5e:03:e4:3a:e0:98:70:be:
         ca:7a:78:f8:fe:70:1b:d8:f7:60:2d:78:5a:83:b6:53:ea:18:
         4e:87:58:b6:6b:8e:f1:79:a7:11:16:61:d7:f9:00:47:05:56:
         d5:81:29:17:0e:cb:b5:41:71:1c:db:63:1f:08:e7:bb:e8:a0:
         ae:7e:cf:7b:53:31:f2:44:7f:a1:71:f3:6a:2c:8e:84:f7:d7:
         06:02:5e:7f:d7:66:01:4d:16:f6:e3:fa:98:a2:8e:a3:71:0f:
         19:03:1d:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Vsi61AuAHuL/CFD2GecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjUxMTA0MTMwMTMzWhcNMjUxMTA1MTMwMTMzWjAzMTEwLwYDVQQD
EyhlY2NmNzA1MTViNzBhYzIzYzRiODIzZWQ5MTVmOTE1ZGNmY2U1MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMwfRP1cwBKAsOUpppuIvYXXXBGE
y1FzPNdDhITSk/ZyJborBklEyT95lZ3aL/iudvyvbLhtNcxJaBPaMd3k+gZflH7C
xwgHLKbnav90lkAIFwgwvQEaUNmBmngGPfvnm/eL77ZvwB+LPyTnijJ8ggncoiLd
JTwlFNJ7SCtvGpNyE+jtLOx69oCUtAMkVT4SeU3WgGYKNZ4TT4PVvixjSMHvRsY3
IhoT4RjOQ97IE2UM9+WJKi65c+uKfoZXTv2ep3VD3WNXbBB3sC/DVMppmlvi/55U
JguUaAzm/i+6jwLmP65w9AUk7PfRJpyMb+WmFV3UlUvsvuhKpa2yrT+n/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzPcFFbcKwjxLgj7ZFfkV3PzlGFMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPlegltql
YUEk+yVN+gF8Zszof2Y70Ehqp0LQjrXzvsWH6lZUCQ4NULvGCJQt5GVsMeFsSaO7
23PIzCnwJSw8pI+lZA67gaqkFIwgbtMPC3vptuLcN5W3gC1P76anEbmf6rKbhozz
ldU6ayFJAvg66y+x0UfpRKaWABqlkNsxHGbdkX7UBlqtc1A0xNT7t2nOirJhwjQV
kkj5+F4D5DrgmHC+ynp4+P5wG9j3YC14WoO2U+oYTodYtmuO8XmnERZh1/kARwVW
1YEpFw7LtUFxHNtjHwjnu+igrn7Pe1Mx8kR/oXHzaiyOhPfXBgJef9dmAU0W9uP6
mKKOo3EPGQMdkQ==
-----END CERTIFICATE-----