Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft
File:                     8A5uimGIP2gBZbX0FUhfjw1PWo0.mft (raw, json)
Hash identifier:          6rc5GGCEyqSFHxok2b/a5e6RXGzQecJQs5z1DyOHhco=
Subject key identifier:   12:1C:39:C4:50:19:72:A9:B8:13:EB:72:DD:21:58:ED:B6:86:7B:17
Authority key identifier: F0:0E:6E:8A:61:88:3F:68:01:65:B5:F4:15:48:5F:8F:0D:4F:5A:8D
Certificate issuer:       /CN=f00e6e8a61883f680165b5f415485f8f0d4f5a8d
Certificate serial:       019A4D74545ABA20A4F345301DAFC482AFFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft
Manifest number:          1405
Signing time:             Tue 04 Nov 2025 06:01:00 +0000
Manifest this update:     Tue 04 Nov 2025 06:01:00 +0000
Manifest next update:     Wed 05 Nov 2025 06:01:00 +0000
Files and hashes:         1: 8A5uimGIP2gBZbX0FUhfjw1PWo0.crl (hash: LZO8aJ7U9rf7rhXORPhzAfdxKZwQ87AO6FnPu1pUh2w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:54:5a:ba:20:a4:f3:45:30:1d:af:c4:82:af:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f00e6e8a61883f680165b5f415485f8f0d4f5a8d
        Validity
            Not Before: Nov  4 06:01:00 2025 GMT
            Not After : Nov  5 06:01:00 2025 GMT
        Subject: CN=121c39c4501972a9b813eb72dd2158edb6867b17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:8f:72:db:dc:b8:02:a9:98:f0:6c:ae:23:97:
                    71:f7:4d:25:95:02:d2:9a:e9:e2:42:04:c3:69:ba:
                    63:2f:d3:12:18:50:5c:4e:7d:bd:ca:a6:d7:43:6c:
                    f0:d0:68:29:18:1e:33:b1:72:5d:73:2f:21:02:78:
                    3f:6a:74:a6:e8:f3:ad:05:09:45:bb:7c:ba:af:d6:
                    80:de:9e:1f:9a:a2:1b:18:40:ae:53:0d:bd:f4:f1:
                    43:27:e3:66:91:28:92:0d:ec:e9:23:c1:b4:84:6c:
                    2c:b5:04:1e:b7:fc:10:db:c4:6a:ec:cf:80:38:e3:
                    a4:07:c1:17:3d:ad:7e:e1:8c:d3:bc:e5:17:eb:92:
                    13:8d:6c:23:16:48:f6:07:12:1b:c8:d6:21:aa:00:
                    d6:70:d3:c5:02:4a:ac:93:1a:59:1c:75:f2:4a:da:
                    cb:00:43:b1:a1:55:f7:7e:75:3c:56:2e:b0:2f:75:
                    9c:cd:ec:65:d5:e1:27:41:d6:ad:fe:5c:d1:49:e5:
                    e5:81:e7:1a:60:87:1c:47:f2:fb:8c:30:9b:c0:3e:
                    58:4e:c0:e9:f3:bc:93:e2:a6:d2:ac:16:9b:5f:13:
                    44:77:d4:e5:67:ae:a6:dc:17:01:c9:63:32:ae:92:
                    a1:ab:10:c2:73:39:b1:e1:25:e7:00:6e:d4:16:1d:
                    9c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:1C:39:C4:50:19:72:A9:B8:13:EB:72:DD:21:58:ED:B6:86:7B:17
            X509v3 Authority Key Identifier:
                keyid:F0:0E:6E:8A:61:88:3F:68:01:65:B5:F4:15:48:5F:8F:0D:4F:5A:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:b6:90:56:d7:b5:f6:9d:b8:46:e0:83:cf:e2:ec:d6:16:43:
         fe:b8:5a:c7:a1:32:8e:28:d0:b9:94:0a:63:d7:68:3a:6f:e1:
         1c:63:5a:2d:7b:25:64:26:a3:51:3b:12:65:22:61:b2:ba:a0:
         75:9c:ca:cb:88:bd:3c:a2:12:f8:26:79:eb:61:d0:9f:9c:86:
         65:09:ee:01:75:b9:eb:84:72:48:65:bf:cd:ad:fe:e1:59:86:
         92:b4:3a:e1:35:3d:6d:4f:5c:03:84:de:d9:93:7e:dd:45:41:
         60:9e:11:ce:20:44:95:80:4f:8d:40:35:61:dd:b4:ea:83:23:
         e4:66:97:85:e8:88:08:ab:31:f4:8b:db:d6:9f:24:3a:35:bb:
         79:2a:7b:37:96:3a:f4:76:47:a0:79:08:62:a7:65:fb:48:1b:
         45:8e:07:f5:34:55:bd:67:c2:03:22:01:8a:fb:da:e3:e8:61:
         fb:a6:2b:52:e5:eb:f2:f3:67:e2:fd:34:8a:b5:9e:35:9a:96:
         65:0e:e2:d7:c4:46:a4:80:b8:7f:b9:ac:47:3e:9d:e9:aa:c7:
         40:79:c4:70:36:b6:bf:08:8a:0d:5c:c0:bb:b4:4f:21:5d:8e:
         27:c9:72:54:35:22:c2:ee:51:1a:37:37:40:fd:16:4a:2b:07:
         66:09:36:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdFRauiCk80UwHa/Egq/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMGU2ZThhNjE4ODNmNjgwMTY1YjVmNDE1NDg1ZjhmMGQ0
ZjVhOGQwHhcNMjUxMTA0MDYwMTAwWhcNMjUxMTA1MDYwMTAwWjAzMTEwLwYDVQQD
EygxMjFjMzljNDUwMTk3MmE5YjgxM2ViNzJkZDIxNThlZGI2ODY3YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6o9y29y4AqmY8GyuI5dx900llQLS
muniQgTDabpjL9MSGFBcTn29yqbXQ2zw0GgpGB4zsXJdcy8hAng/anSm6POtBQlF
u3y6r9aA3p4fmqIbGECuUw299PFDJ+NmkSiSDezpI8G0hGwstQQet/wQ28Rq7M+A
OOOkB8EXPa1+4YzTvOUX65ITjWwjFkj2BxIbyNYhqgDWcNPFAkqskxpZHHXyStrL
AEOxoVX3fnU8Vi6wL3Wczexl1eEnQdat/lzRSeXlgecaYIccR/L7jDCbwD5YTsDp
87yT4qbSrBabXxNEd9TlZ66m3BcByWMyrpKhqxDCczmx4SXnAG7UFh2c/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIcOcRQGXKpuBPrct0hWO22hnsXMB8GA1UdIwQY
MBaAFPAObophiD9oAWW19BVIX48NT1qNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84NDI4MTUtMTM4YS00M2RhLTg3MmMt
M2NmZjE0ODI4ZGZkLzEvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS84NDI4MTUtMTM4YS00M2RhLTg3MmMtM2NmZjE0ODI4ZGZk
LzEvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZbaQVte1
9p24RuCDz+Ls1hZD/rhax6EyjijQuZQKY9doOm/hHGNaLXslZCajUTsSZSJhsrqg
dZzKy4i9PKIS+CZ562HQn5yGZQnuAXW564RySGW/za3+4VmGkrQ64TU9bU9cA4Te
2ZN+3UVBYJ4RziBElYBPjUA1Yd206oMj5GaXheiICKsx9Ivb1p8kOjW7eSp7N5Y6
9HZHoHkIYqdl+0gbRY4H9TRVvWfCAyIBivva4+hh+6YrUuXr8vNn4v00irWeNZqW
ZQ7i18RGpIC4f7msRz6d6arHQHnEcDa2vwiKDVzAu7RPIV2OJ8lyVDUiwu5RGjc3
QP0WSisHZgk22A==
-----END CERTIFICATE-----