Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File:                     rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier:          blie6eVAsdfLeiQJ0jh/+zQWgPzPCcILbPBYWgKqPdI=
Subject key identifier:   F2:35:2F:FB:68:3E:14:48:F3:1D:80:9E:11:F1:04:14:46:E3:A6:1F
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer:       /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial:       019A4DAB146F840C2C9CBAA5464F7CFAA329
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number:          0473
Signing time:             Tue 04 Nov 2025 07:00:48 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:48 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:48 +0000
Files and hashes:         1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: 9zOMPj+axkAvrt1my488pYJrz14WG1AAE8gNRaoS6Zs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:ab:14:6f:84:0c:2c:9c:ba:a5:46:4f:7c:fa:a3:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
        Validity
            Not Before: Nov  4 07:00:48 2025 GMT
            Not After : Nov  5 07:00:48 2025 GMT
        Subject: CN=f2352ffb683e1448f31d809e11f1041446e3a61f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e4:84:ed:60:15:72:56:c2:ee:ad:e4:e2:2c:
                    79:4c:da:87:78:82:e0:20:a0:6b:57:34:3b:f2:82:
                    52:f8:ec:83:3a:90:1c:c5:b6:ed:f4:4f:e3:1d:58:
                    37:c1:40:a9:1e:be:1c:1a:51:24:4a:c8:31:5e:e9:
                    a3:48:b6:8d:72:63:fa:5f:94:36:33:5b:c0:39:0c:
                    b4:b5:d0:02:16:95:74:7b:52:9e:2c:b7:8e:7d:20:
                    b4:6b:9b:d9:f2:dd:e2:0d:be:72:42:8d:f3:20:b9:
                    06:0e:c4:07:bc:0f:4e:d6:6d:4e:71:73:68:af:cc:
                    bb:63:1c:f6:23:11:88:e0:02:74:3c:a1:61:ad:a1:
                    11:b0:0b:07:4c:e1:7c:75:7c:0b:8e:af:4a:a4:9f:
                    74:e1:72:38:85:a9:92:52:49:d4:ab:fc:44:7b:19:
                    30:63:c0:48:34:b5:f8:f8:a8:a7:ce:1c:d1:b2:57:
                    b1:c3:22:7f:e1:73:00:13:ea:9c:12:ea:6a:02:0e:
                    7b:26:4b:f2:41:76:05:df:38:12:82:cb:fa:49:d0:
                    05:3e:e7:db:84:93:47:e8:78:1d:37:05:ef:1d:e5:
                    dd:f5:52:a6:fd:3b:48:1c:e8:d1:ca:57:b5:69:1d:
                    55:45:7f:dc:34:c6:43:32:c5:d4:50:b6:79:9d:ba:
                    61:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:35:2F:FB:68:3E:14:48:F3:1D:80:9E:11:F1:04:14:46:E3:A6:1F
            X509v3 Authority Key Identifier:
                keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:92:b8:e3:f9:90:4b:88:6e:3f:52:b5:57:fb:7e:99:6b:3c:
         e5:ed:58:d6:b6:c9:ba:5b:6b:96:01:c8:79:b7:68:b8:9a:bb:
         a9:04:41:28:27:1f:59:82:d5:ae:88:84:f1:08:b2:fd:19:38:
         60:ef:f4:ae:df:bb:54:45:0c:20:09:03:89:81:2c:7a:b6:75:
         4a:22:02:3a:20:36:18:54:be:00:3e:b5:37:bd:88:bd:2a:92:
         7f:84:33:7d:e3:27:d6:d3:64:79:e9:38:17:c9:d8:8c:74:48:
         87:e2:ae:38:c3:40:ee:89:f6:67:66:34:61:a3:81:98:0a:23:
         9e:e0:28:ea:cd:05:c0:8e:6d:94:2a:ba:86:9c:5f:72:8d:41:
         57:d3:b7:9e:83:dc:4d:16:78:8f:41:b3:05:3c:65:bf:d4:cd:
         fa:10:c4:10:d3:91:c9:f9:8b:36:11:f7:6a:e9:35:d2:91:d9:
         6b:d1:97:be:c9:21:9c:59:2f:96:8f:d5:16:a6:12:db:36:cb:
         46:89:5b:7d:0d:11:95:60:7e:2b:ea:68:54:eb:2d:39:0c:64:
         30:74:0b:74:05:82:7a:6a:91:12:b3:99:2f:e7:35:ea:a2:ee:
         46:77:5c:2d:88:ad:a2:d0:00:45:18:32:6b:ca:c3:4f:b0:3a:
         78:c4:f2:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqxRvhAwsnLqlRk98+qMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjUxMTA0MDcwMDQ4WhcNMjUxMTA1MDcwMDQ4WjAzMTEwLwYDVQQD
EyhmMjM1MmZmYjY4M2UxNDQ4ZjMxZDgwOWUxMWYxMDQxNDQ2ZTNhNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquSE7WAVclbC7q3k4ix5TNqHeILg
IKBrVzQ78oJS+OyDOpAcxbbt9E/jHVg3wUCpHr4cGlEkSsgxXumjSLaNcmP6X5Q2
M1vAOQy0tdACFpV0e1KeLLeOfSC0a5vZ8t3iDb5yQo3zILkGDsQHvA9O1m1OcXNo
r8y7Yxz2IxGI4AJ0PKFhraERsAsHTOF8dXwLjq9KpJ904XI4hamSUknUq/xEexkw
Y8BINLX4+KinzhzRslexwyJ/4XMAE+qcEupqAg57JkvyQXYF3zgSgsv6SdAFPufb
hJNH6HgdNwXvHeXd9VKm/TtIHOjRyle1aR1VRX/cNMZDMsXUULZ5nbphaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPI1L/toPhRI8x2AnhHxBBRG46YfMB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj5K44/mQ
S4huP1K1V/t+mWs85e1Y1rbJultrlgHIebdouJq7qQRBKCcfWYLVroiE8Qiy/Rk4
YO/0rt+7VEUMIAkDiYEserZ1SiICOiA2GFS+AD61N72IvSqSf4QzfeMn1tNkeek4
F8nYjHRIh+KuOMNA7on2Z2Y0YaOBmAojnuAo6s0FwI5tlCq6hpxfco1BV9O3noPc
TRZ4j0GzBTxlv9TN+hDEENORyfmLNhH3auk10pHZa9GXvskhnFkvlo/VFqYS2zbL
RolbfQ0RlWB+K+poVOstOQxkMHQLdAWCemqRErOZL+c16qLuRndcLYitotAARRgy
a8rDT7A6eMTyJg==
-----END CERTIFICATE-----