Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          CR+6Bkzhw+RhYb40rwlkjdk/t2/oI2hvRqT7hjhRYQs=
Subject key identifier:   B4:CD:D2:8C:2A:69:65:B2:B7:CB:A7:A2:B8:46:8E:EF:F2:F6:87:2F
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019A4E4FCD65BE00927C5BF1D5BED0D349ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          103E
Signing time:             Tue 04 Nov 2025 10:00:43 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:43 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:43 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: IwjryxXIfge/Iq7gQS2c1kIzsj+iHkJt8EybCn/G9QQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:cd:65:be:00:92:7c:5b:f1:d5:be:d0:d3:49:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Nov  4 10:00:43 2025 GMT
            Not After : Nov  5 10:00:43 2025 GMT
        Subject: CN=b4cdd28c2a6965b2b7cba7a2b8468eeff2f6872f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:36:44:65:df:87:5d:d7:8c:6a:de:f3:5d:07:
                    07:2d:71:52:3e:82:ff:22:58:fb:6a:3b:10:3e:21:
                    b1:24:bd:30:17:f5:2b:52:12:51:69:7a:e7:7c:24:
                    e4:54:66:3c:83:83:0c:f5:5a:44:e7:a1:e6:c1:d0:
                    8b:f3:03:02:8c:31:72:c2:3b:b5:a1:03:7f:88:2a:
                    de:7e:51:55:a5:f0:9d:f2:00:b6:86:f1:d2:31:eb:
                    a7:fd:a9:c8:9b:65:b1:bd:27:b3:5d:0d:d2:ed:4f:
                    d7:83:60:b1:ce:42:dc:a6:0d:a7:86:bd:76:ca:27:
                    10:3e:6f:8a:e8:27:38:90:1e:ae:37:83:7d:7d:25:
                    e8:62:51:d2:70:d6:7c:61:b2:62:2d:cf:b5:1a:de:
                    42:46:5d:b7:03:ef:78:88:9b:e9:53:d4:ce:cf:c9:
                    71:a8:cb:6d:f5:a4:ba:c7:0e:c0:83:c4:0b:1d:15:
                    71:c3:d6:1b:b3:a7:27:99:0f:37:9b:44:47:82:be:
                    7d:df:be:c0:36:35:ce:83:0c:54:ab:01:4c:60:23:
                    f0:17:13:6b:72:f4:29:cc:e9:42:f2:c9:05:8c:63:
                    53:ee:5b:de:f4:86:85:0f:50:28:80:a8:ef:08:e6:
                    a9:8e:b9:ba:34:66:d7:3a:0a:4f:cc:81:98:aa:0f:
                    8b:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:CD:D2:8C:2A:69:65:B2:B7:CB:A7:A2:B8:46:8E:EF:F2:F6:87:2F
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:7f:a0:3f:7e:91:fd:fc:1d:57:f1:c6:6b:8b:e3:cd:ac:a0:
         d6:8e:52:72:6f:df:4f:4d:53:49:42:b2:8a:b0:ea:1f:29:ad:
         45:79:d7:86:b7:0d:20:0a:7c:b1:b6:68:69:03:c2:60:ac:20:
         57:fc:3f:e7:67:bd:16:17:c4:32:c3:d0:9b:92:14:32:ae:52:
         10:e2:90:61:01:00:50:eb:47:31:6e:f6:e8:44:ad:c8:1e:2b:
         de:77:c0:43:79:23:a8:40:e3:b8:38:5c:0a:27:00:6a:9a:c5:
         73:da:d6:70:9a:6b:ed:9f:cb:76:fd:6d:a0:10:11:02:4d:61:
         d9:ff:f5:af:05:36:28:4b:8d:a1:47:2b:13:90:02:9e:25:16:
         d4:0b:1c:ca:42:1f:99:b7:40:86:4a:d9:4b:d0:c9:5c:11:7a:
         19:a4:96:95:1b:83:83:39:9b:f9:8c:ad:8b:e7:96:38:88:84:
         e1:50:0a:7e:62:00:16:55:04:9c:c5:8e:a9:80:7e:4f:be:3a:
         8f:d6:5f:a4:19:3b:5d:1e:23:2c:9a:f6:ee:b3:99:14:17:3e:
         10:f6:11:72:12:af:ef:15:51:4c:b4:19:8d:1b:7b:22:a2:04:
         5a:f4:7b:28:dc:96:da:4b:94:8e:f9:2f:4d:82:1f:03:6c:b1:
         7a:fb:1e:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT81lvgCSfFvx1b7Q00ntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUxMTA0MTAwMDQzWhcNMjUxMTA1MTAwMDQzWjAzMTEwLwYDVQQD
EyhiNGNkZDI4YzJhNjk2NWIyYjdjYmE3YTJiODQ2OGVlZmYyZjY4NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozZEZd+HXdeMat7zXQcHLXFSPoL/
Ilj7ajsQPiGxJL0wF/UrUhJRaXrnfCTkVGY8g4MM9VpE56HmwdCL8wMCjDFywju1
oQN/iCreflFVpfCd8gC2hvHSMeun/anIm2WxvSezXQ3S7U/Xg2CxzkLcpg2nhr12
yicQPm+K6Cc4kB6uN4N9fSXoYlHScNZ8YbJiLc+1Gt5CRl23A+94iJvpU9TOz8lx
qMtt9aS6xw7Ag8QLHRVxw9Ybs6cnmQ83m0RHgr59377ANjXOgwxUqwFMYCPwFxNr
cvQpzOlC8skFjGNT7lve9IaFD1AogKjvCOapjrm6NGbXOgpPzIGYqg+LHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTN0owqaWWyt8unorhGju/y9ocvMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbH+gP36R
/fwdV/HGa4vjzayg1o5Scm/fT01TSUKyirDqHymtRXnXhrcNIAp8sbZoaQPCYKwg
V/w/52e9FhfEMsPQm5IUMq5SEOKQYQEAUOtHMW726EStyB4r3nfAQ3kjqEDjuDhc
CicAaprFc9rWcJpr7Z/Ldv1toBARAk1h2f/1rwU2KEuNoUcrE5ACniUW1AscykIf
mbdAhkrZS9DJXBF6GaSWlRuDgzmb+Yyti+eWOIiE4VAKfmIAFlUEnMWOqYB+T746
j9ZfpBk7XR4jLJr27rOZFBc+EPYRchKv7xVRTLQZjRt7IqIEWvR7KNyW2kuUjvkv
TYIfA2yxevsebw==
-----END CERTIFICATE-----