Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
File:                     iqrwV67ry_cGh34qqnSjljgL4hU.mft (raw, json)
Hash identifier:          2msjDphGPYCYpTsm4GH28XO9ORy7PKbJAREhaKR/xlM=
Subject key identifier:   96:60:8C:70:FD:BD:D5:F5:F4:09:3F:FF:74:71:E9:83:AE:E0:07:68
Authority key identifier: 8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
Certificate issuer:       /CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Certificate serial:       019A4DAAB48B7A73C6D577212C3E38B59889
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
Manifest number:          049E
Signing time:             Tue 04 Nov 2025 07:00:23 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:23 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:23 +0000
Files and hashes:         1: iqrwV67ry_cGh34qqnSjljgL4hU.crl (hash: gNYi4z2nHNgc6PFZ8e0IO9Lw3p1NLv0fhfbKWXL/zGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:b4:8b:7a:73:c6:d5:77:21:2c:3e:38:b5:98:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aaaf057aeebcbf706877e2aaa74a396380be215
        Validity
            Not Before: Nov  4 07:00:23 2025 GMT
            Not After : Nov  5 07:00:23 2025 GMT
        Subject: CN=96608c70fdbdd5f5f4093fff7471e983aee00768
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:64:5a:8e:96:3f:77:5d:53:09:56:ad:15:19:
                    f9:c4:2d:4d:07:ca:a3:d2:1b:a3:b6:0c:f8:74:3c:
                    57:9d:f8:3f:07:e4:4e:9f:7e:5d:ec:13:a9:39:d1:
                    aa:c0:8b:11:0e:27:7d:c1:24:7d:0d:5c:72:8f:94:
                    c5:29:66:27:31:a4:22:e4:0a:cd:d0:9d:26:a0:3f:
                    5a:d2:ad:cd:8c:cd:e0:f5:a2:ab:8d:14:ba:be:97:
                    04:b8:ad:9c:6a:d2:6c:e6:c5:22:68:20:aa:89:c0:
                    e9:36:5e:a4:12:e0:c5:f8:87:41:e2:a0:e6:8f:59:
                    5e:77:12:de:bc:32:79:bf:9b:a7:01:7a:b7:52:68:
                    92:44:6d:b5:19:43:64:70:12:ad:ae:68:b9:5d:f2:
                    99:a0:3b:1f:03:31:9f:0b:3e:d4:96:dc:e7:30:3c:
                    c3:9f:18:4d:4d:c7:e4:02:25:ff:93:fd:35:e8:90:
                    88:4b:f7:df:a9:95:3d:58:9a:e0:a4:71:5f:85:f6:
                    f4:64:30:92:f3:d3:c6:3c:07:30:45:26:4e:ec:e2:
                    bd:76:94:8d:e0:87:ad:c4:40:08:a4:cf:70:d9:1e:
                    bf:e0:55:6e:24:e1:4a:aa:f8:e3:eb:1b:e1:c5:61:
                    e4:dd:ce:05:6c:c3:72:2a:d8:82:82:17:4f:38:7e:
                    89:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:60:8C:70:FD:BD:D5:F5:F4:09:3F:FF:74:71:E9:83:AE:E0:07:68
            X509v3 Authority Key Identifier:
                keyid:8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:b9:98:66:13:e8:0b:2d:0e:fb:97:e1:d9:d6:ab:46:ed:fb:
         41:c3:86:55:4b:64:59:79:32:ce:9e:ba:fb:68:6f:86:1a:8b:
         08:ae:33:1c:3b:bb:5c:67:49:e9:92:72:7c:0a:34:70:bf:4f:
         ba:e4:0a:7d:14:c7:1c:74:b4:bb:e1:b0:70:19:97:d3:e7:68:
         be:d7:66:ce:d4:42:26:fa:2d:90:ca:b8:ee:3d:bf:96:b2:9c:
         fc:f2:7d:30:27:96:89:58:29:a1:77:67:b8:7c:83:7a:6c:dd:
         b0:88:71:d9:c8:c9:dd:09:ed:53:51:ec:57:af:87:5b:08:f5:
         74:5d:d0:af:d7:08:b8:ac:29:88:d3:4e:54:da:dd:4e:ac:27:
         1b:71:b8:f0:8c:b2:d5:92:12:e2:21:ff:cf:2e:42:b6:c6:d7:
         d8:6b:03:a6:a2:f2:80:ef:ac:40:09:3c:31:26:4f:5c:45:f9:
         50:f9:8c:9e:3a:f8:cf:07:13:d4:c2:73:8f:67:ec:86:32:26:
         41:d5:77:e6:97:dc:5e:d9:a3:79:31:97:78:c5:f5:9e:6b:11:
         81:31:46:a9:5d:0e:77:57:26:f3:b0:86:2d:c6:5f:93:40:cd:
         49:3c:94:e7:73:32:c1:20:e7:45:3e:92:4f:4f:51:e1:1e:25:
         f6:60:53:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqrSLenPG1XchLD44tZiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWFmMDU3YWVlYmNiZjcwNjg3N2UyYWFhNzRhMzk2Mzgw
YmUyMTUwHhcNMjUxMTA0MDcwMDIzWhcNMjUxMTA1MDcwMDIzWjAzMTEwLwYDVQQD
Eyg5NjYwOGM3MGZkYmRkNWY1ZjQwOTNmZmY3NDcxZTk4M2FlZTAwNzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmRajpY/d11TCVatFRn5xC1NB8qj
0hujtgz4dDxXnfg/B+ROn35d7BOpOdGqwIsRDid9wSR9DVxyj5TFKWYnMaQi5ArN
0J0moD9a0q3NjM3g9aKrjRS6vpcEuK2catJs5sUiaCCqicDpNl6kEuDF+IdB4qDm
j1ledxLevDJ5v5unAXq3UmiSRG21GUNkcBKtrmi5XfKZoDsfAzGfCz7UltznMDzD
nxhNTcfkAiX/k/016JCIS/ffqZU9WJrgpHFfhfb0ZDCS89PGPAcwRSZO7OK9dpSN
4IetxEAIpM9w2R6/4FVuJOFKqvjj6xvhxWHk3c4FbMNyKtiCghdPOH6JSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZgjHD9vdX19Ak//3Rx6YOu4AdoMB8GA1UdIwQY
MBaAFIqq8Feu68v3Bod+Kqp0o5Y4C+IVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEt
NTMwOTBiM2JhYTgxLzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEtNTMwOTBiM2JhYTgx
LzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD7mYZhPo
Cy0O+5fh2darRu37QcOGVUtkWXkyzp66+2hvhhqLCK4zHDu7XGdJ6ZJyfAo0cL9P
uuQKfRTHHHS0u+GwcBmX0+dovtdmztRCJvotkMq47j2/lrKc/PJ9MCeWiVgpoXdn
uHyDemzdsIhx2cjJ3QntU1HsV6+HWwj1dF3Qr9cIuKwpiNNOVNrdTqwnG3G48Iyy
1ZIS4iH/zy5CtsbX2GsDpqLygO+sQAk8MSZPXEX5UPmMnjr4zwcT1MJzj2fshjIm
QdV35pfcXtmjeTGXeMX1nmsRgTFGqV0Od1cm87CGLcZfk0DNSTyU53MywSDnRT6S
T09R4R4l9mBTtA==
-----END CERTIFICATE-----