Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
File:                     1MiI65YKABkAwnleiq-iaPYC2EI.mft (raw, json)
Hash identifier:          aR7IpuVGgDmvonePc1s8yZpXUr6IKDtmuEk4dVm7H2Y=
Subject key identifier:   0C:B0:A1:3E:25:36:1B:72:16:81:C7:67:AD:BB:6B:23:18:A5:2E:BD
Authority key identifier: D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42
Certificate issuer:       /CN=d4c888eb960a001900c2795e8aafa268f602d842
Certificate serial:       019A50E315C9E4DD6761DFC3740344F3A45E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
Manifest number:          0C1A
Signing time:             Tue 04 Nov 2025 22:00:50 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:50 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:50 +0000
Files and hashes:         1: 1MiI65YKABkAwnleiq-iaPYC2EI.crl (hash: zRIuwJOzKHCIaK0KyntZjE/xR6mZZKLsaTN8Xag7H84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:15:c9:e4:dd:67:61:df:c3:74:03:44:f3:a4:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4c888eb960a001900c2795e8aafa268f602d842
        Validity
            Not Before: Nov  4 22:00:50 2025 GMT
            Not After : Nov  5 22:00:50 2025 GMT
        Subject: CN=0cb0a13e25361b721681c767adbb6b2318a52ebd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:88:0d:14:de:db:b5:43:25:1e:c9:81:6a:cc:
                    f2:35:74:b1:20:f1:49:68:3a:3b:a5:fd:80:48:14:
                    59:2b:43:ac:00:35:04:33:d9:d4:c0:51:12:1f:26:
                    a6:3a:c5:ce:cf:e4:58:cb:33:b8:9a:d2:b1:93:fb:
                    79:ed:19:cb:cd:6f:82:e6:80:78:0c:f7:3a:b8:93:
                    98:b0:d6:ad:f0:d1:e1:66:1b:0c:8f:49:38:65:cb:
                    00:f4:27:eb:47:4b:f8:bc:bf:66:c2:9f:d3:e6:6b:
                    21:e7:e1:2c:76:48:95:2c:ba:09:c0:fe:92:d4:be:
                    96:01:00:b2:9e:5c:9a:92:08:89:23:17:e3:84:b5:
                    2b:ed:18:2f:9e:d3:f6:f9:af:a9:0a:fd:42:cf:f6:
                    9f:88:2d:ad:54:db:41:b3:a4:96:41:fc:d6:e9:e3:
                    ea:2c:4c:cc:f0:81:ad:87:71:4a:68:00:84:1c:8e:
                    7b:5c:75:fb:67:ff:ac:3e:f8:e8:48:11:3f:d6:3c:
                    77:fe:73:24:20:05:7c:f6:c1:61:ad:f5:35:55:03:
                    5b:4f:11:de:0b:b0:20:47:d8:e9:8d:f2:6a:51:9e:
                    e3:71:2b:0c:30:09:ee:6c:01:cb:58:c1:d1:17:3b:
                    ba:72:ca:5f:26:80:d2:0e:e5:0f:8d:3f:f4:fd:39:
                    eb:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:B0:A1:3E:25:36:1B:72:16:81:C7:67:AD:BB:6B:23:18:A5:2E:BD
            X509v3 Authority Key Identifier:
                keyid:D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:fb:03:5a:d7:7e:b6:14:ff:5f:0f:48:93:f9:35:91:21:74:
         49:79:4b:79:a1:c8:6e:78:fd:79:0d:b1:cb:05:62:ca:73:61:
         c0:70:52:83:df:5d:59:68:15:1d:5d:f1:8a:cd:82:d1:bc:1e:
         df:19:eb:e3:44:82:45:a5:d1:dd:7e:62:18:94:aa:8e:d3:d6:
         5e:79:49:ef:01:43:d1:8b:c3:16:85:31:cb:d3:a3:4f:21:96:
         6c:a9:c6:6c:87:ff:a4:4f:ff:08:c4:f0:12:9a:93:77:65:a3:
         9d:bc:70:b7:c9:60:33:71:01:7f:f3:a6:0e:8c:98:7c:72:d9:
         39:61:a0:30:53:77:fe:d4:f1:5b:0f:f0:45:09:c2:9a:35:48:
         a7:75:ff:f6:e9:4d:11:e8:47:ce:28:06:02:2a:00:e7:3e:d2:
         e6:35:3d:4b:aa:f5:29:a4:70:78:12:15:d9:f7:94:6e:9c:85:
         50:79:10:9b:b3:aa:01:a4:e9:df:6a:33:d8:d1:b7:3e:0a:48:
         de:1b:8c:a6:a4:38:9b:7d:7c:f0:51:1e:b1:ff:19:c1:06:b6:
         3a:17:93:54:d4:5d:db:21:5d:89:64:61:da:a4:c1:86:4f:5f:
         29:10:cf:5d:74:54:c0:ca:c8:ef:ab:47:f1:6f:dc:c2:07:8b:
         b2:ea:a4:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4xXJ5N1nYd/DdANE86ReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yzg4OGViOTYwYTAwMTkwMGMyNzk1ZThhYWZhMjY4ZjYw
MmQ4NDIwHhcNMjUxMTA0MjIwMDUwWhcNMjUxMTA1MjIwMDUwWjAzMTEwLwYDVQQD
EygwY2IwYTEzZTI1MzYxYjcyMTY4MWM3NjdhZGJiNmIyMzE4YTUyZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+YgNFN7btUMlHsmBaszyNXSxIPFJ
aDo7pf2ASBRZK0OsADUEM9nUwFESHyamOsXOz+RYyzO4mtKxk/t57RnLzW+C5oB4
DPc6uJOYsNat8NHhZhsMj0k4ZcsA9CfrR0v4vL9mwp/T5msh5+EsdkiVLLoJwP6S
1L6WAQCynlyakgiJIxfjhLUr7RgvntP2+a+pCv1Cz/afiC2tVNtBs6SWQfzW6ePq
LEzM8IGth3FKaACEHI57XHX7Z/+sPvjoSBE/1jx3/nMkIAV89sFhrfU1VQNbTxHe
C7AgR9jpjfJqUZ7jcSsMMAnubAHLWMHRFzu6cspfJoDSDuUPjT/0/TnrowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAywoT4lNhtyFoHHZ627ayMYpS69MB8GA1UdIwQY
MBaAFNTIiOuWCgAZAMJ5Xoqvomj2AthCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEt
MTVkNzY5MWY0YTJhLzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEtMTVkNzY5MWY0YTJh
LzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzPsDWtd+
thT/Xw9Ik/k1kSF0SXlLeaHIbnj9eQ2xywViynNhwHBSg99dWWgVHV3xis2C0bwe
3xnr40SCRaXR3X5iGJSqjtPWXnlJ7wFD0YvDFoUxy9OjTyGWbKnGbIf/pE//CMTw
EpqTd2Wjnbxwt8lgM3EBf/OmDoyYfHLZOWGgMFN3/tTxWw/wRQnCmjVIp3X/9ulN
EehHzigGAioA5z7S5jU9S6r1KaRweBIV2feUbpyFUHkQm7OqAaTp32oz2NG3PgpI
3huMpqQ4m3188FEesf8ZwQa2OheTVNRd2yFdiWRh2qTBhk9fKRDPXXRUwMrI76tH
8W/cwgeLsuqkkQ==
-----END CERTIFICATE-----