Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft
File:                     vfyFyRfr69yH36Ne4JvEAoX19Ac.mft (raw, json)
Hash identifier:          MCqchNwqG9D6BT52IhYuEZUm9VsdUFWgCdvX3pzNYvw=
Subject key identifier:   FC:F0:13:38:04:AF:38:91:2E:20:2E:67:8F:8B:99:C1:BD:A3:4D:DA
Authority key identifier: BD:FC:85:C9:17:EB:EB:DC:87:DF:A3:5E:E0:9B:C4:02:85:F5:F4:07
Certificate issuer:       /CN=bdfc85c917ebebdc87dfa35ee09bc40285f5f407
Certificate serial:       019A4D06A2AEFEA48386B9C3F556B1C9F69F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft
Manifest number:          03CD
Signing time:             Tue 04 Nov 2025 04:01:11 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:11 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:11 +0000
Files and hashes:         1: vfyFyRfr69yH36Ne4JvEAoX19Ac.crl (hash: rSjwD03X/MmrJaovO1n8//nGgX+FehNsMixT+8Mz2ys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:a2:ae:fe:a4:83:86:b9:c3:f5:56:b1:c9:f6:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdfc85c917ebebdc87dfa35ee09bc40285f5f407
        Validity
            Not Before: Nov  4 04:01:11 2025 GMT
            Not After : Nov  5 04:01:11 2025 GMT
        Subject: CN=fcf0133804af38912e202e678f8b99c1bda34dda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d8:98:c4:8e:b5:81:b6:66:55:4b:8a:70:79:
                    4c:58:77:6c:a3:8a:89:8b:63:95:b7:0e:3f:6e:e1:
                    8c:cd:c3:85:66:7a:43:5c:65:11:31:41:75:d6:f9:
                    75:fb:85:6e:b5:21:34:c8:3f:3b:9b:e8:4f:a4:36:
                    44:24:b6:ab:18:62:83:01:6c:71:34:7f:e3:6d:fd:
                    4c:c8:8b:2d:c9:ef:8c:71:62:c8:46:b9:88:4f:d9:
                    45:ce:41:73:21:bd:2a:b7:33:f0:02:68:66:d5:6f:
                    be:dd:23:b1:a4:da:be:81:bf:ee:d5:98:32:10:cd:
                    98:38:7d:f7:71:ff:0f:60:35:f1:45:dc:67:cf:35:
                    6c:1f:b0:3b:62:1e:ab:94:76:19:5c:5d:71:b5:78:
                    d5:c1:6d:6c:a1:c9:c4:af:c4:8e:5d:f0:5d:8a:cb:
                    e8:17:ac:eb:b7:a9:06:d9:29:f5:2b:74:55:43:cb:
                    3c:a3:c2:14:2f:cb:55:49:76:d0:94:97:c8:07:db:
                    25:cf:29:76:b4:86:39:80:47:9d:f7:eb:2a:7f:86:
                    46:29:92:a4:9e:15:e4:4c:f5:38:07:52:b3:6e:b0:
                    71:b4:a9:3d:ba:6f:22:29:30:18:df:36:6c:b5:e9:
                    c8:aa:0a:3a:6a:d6:a7:22:a0:75:39:ba:64:75:42:
                    67:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:F0:13:38:04:AF:38:91:2E:20:2E:67:8F:8B:99:C1:BD:A3:4D:DA
            X509v3 Authority Key Identifier:
                keyid:BD:FC:85:C9:17:EB:EB:DC:87:DF:A3:5E:E0:9B:C4:02:85:F5:F4:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:f7:e2:a7:dd:c6:2a:4b:01:b1:0f:36:65:3c:79:9c:9c:9d:
         94:aa:08:95:0e:11:51:48:29:fc:b0:90:82:91:48:2e:72:48:
         71:de:8c:d6:07:73:33:c3:57:4e:e2:18:d3:a6:e1:e2:a9:88:
         18:71:a9:ea:28:53:a3:8c:e4:ac:92:8c:92:84:12:97:b5:21:
         82:84:fa:f2:2d:5f:5a:0e:9f:f4:7d:53:0e:c0:01:df:ae:5c:
         9f:bc:d5:e1:55:a3:79:db:a9:aa:91:60:c2:6d:f5:d1:4f:f4:
         5f:9d:28:31:0b:b3:19:92:b4:5e:8e:f3:99:83:82:43:60:ee:
         7a:40:c8:d0:f1:4d:01:31:9d:3d:ac:87:2b:84:33:1f:cc:45:
         66:00:fb:2d:4e:95:98:b1:d4:46:64:99:a7:23:4e:fe:92:1c:
         40:38:2e:79:46:3f:36:2a:59:e5:54:9d:09:08:b9:39:51:18:
         77:d2:0b:80:05:0d:ab:b4:88:4a:6e:ed:b7:d2:7a:49:33:bd:
         2a:9a:0a:68:25:eb:47:44:01:a7:6a:63:f0:2e:1d:57:2e:75:
         15:ce:bd:b1:e6:90:9f:6c:75:8c:9c:7f:a7:ba:f2:4e:d1:4e:
         62:24:87:b3:58:23:58:d7:52:7b:6b:e1:a4:03:f9:d7:d6:a0:
         d1:f4:4b:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBqKu/qSDhrnD9VaxyfafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmM4NWM5MTdlYmViZGM4N2RmYTM1ZWUwOWJjNDAyODVm
NWY0MDcwHhcNMjUxMTA0MDQwMTExWhcNMjUxMTA1MDQwMTExWjAzMTEwLwYDVQQD
EyhmY2YwMTMzODA0YWYzODkxMmUyMDJlNjc4ZjhiOTljMWJkYTM0ZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutiYxI61gbZmVUuKcHlMWHdso4qJ
i2OVtw4/buGMzcOFZnpDXGURMUF11vl1+4VutSE0yD87m+hPpDZEJLarGGKDAWxx
NH/jbf1MyIstye+McWLIRrmIT9lFzkFzIb0qtzPwAmhm1W++3SOxpNq+gb/u1Zgy
EM2YOH33cf8PYDXxRdxnzzVsH7A7Yh6rlHYZXF1xtXjVwW1socnEr8SOXfBdisvo
F6zrt6kG2Sn1K3RVQ8s8o8IUL8tVSXbQlJfIB9slzyl2tIY5gEed9+sqf4ZGKZKk
nhXkTPU4B1KzbrBxtKk9um8iKTAY3zZstenIqgo6atanIqB1ObpkdUJnNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzwEzgErziRLiAuZ4+LmcG9o03aMB8GA1UdIwQY
MBaAFL38hckX6+vch9+jXuCbxAKF9fQHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hZDBlMjItMjQ0OS00MWUyLTkzNjct
N2JhZDk0NTdhNDJmLzEvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hZDBlMjItMjQ0OS00MWUyLTkzNjctN2JhZDk0NTdhNDJm
LzEvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivfip93G
KksBsQ82ZTx5nJydlKoIlQ4RUUgp/LCQgpFILnJIcd6M1gdzM8NXTuIY06bh4qmI
GHGp6ihTo4zkrJKMkoQSl7UhgoT68i1fWg6f9H1TDsAB365cn7zV4VWjedupqpFg
wm310U/0X50oMQuzGZK0Xo7zmYOCQ2DuekDI0PFNATGdPayHK4QzH8xFZgD7LU6V
mLHURmSZpyNO/pIcQDgueUY/NipZ5VSdCQi5OVEYd9ILgAUNq7SISm7tt9J6STO9
KpoKaCXrR0QBp2pj8C4dVy51Fc69seaQn2x1jJx/p7ryTtFOYiSHs1gjWNdSe2vh
pAP519ag0fRLzw==
-----END CERTIFICATE-----