Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
File:                     9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft (raw, json)
Hash identifier:          S+4wENvViBkzJeeRzUJg52/Br2sBRg/nx2EllhJtntM=
Subject key identifier:   4E:B5:33:E3:E3:85:D2:89:AB:10:29:D6:49:4A:A6:8F:A0:34:CA:B7
Authority key identifier: F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F
Certificate issuer:       /CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
Certificate serial:       019A4EF5318E11BE564B9A302A6CE4632EA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
Manifest number:          0B19
Signing time:             Tue 04 Nov 2025 13:01:23 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:23 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:23 +0000
Files and hashes:         1: 9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl (hash: DV+dZnsXwlRDWpiKFTXOBEjqgSgBZ15FfMtdM2//hIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:31:8e:11:be:56:4b:9a:30:2a:6c:e4:63:2e:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
        Validity
            Not Before: Nov  4 13:01:23 2025 GMT
            Not After : Nov  5 13:01:23 2025 GMT
        Subject: CN=4eb533e3e385d289ab1029d6494aa68fa034cab7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7d:5d:bc:4f:6c:3b:7a:7b:bf:5e:45:70:67:
                    07:2a:7b:62:79:42:f9:be:dc:da:ee:bc:8e:bb:a4:
                    ad:aa:36:bc:0a:a0:00:9e:74:44:33:99:66:61:70:
                    9d:4e:23:55:19:73:24:41:af:77:26:94:ab:85:58:
                    49:7d:01:37:ee:af:aa:6f:89:b9:0b:7a:0d:8a:a4:
                    c4:30:12:48:5b:ab:b6:2b:df:8c:75:04:5d:dc:21:
                    36:dd:e4:ce:e1:ce:6b:23:46:20:08:ce:89:8e:1c:
                    bb:7f:12:d3:04:4e:5c:33:66:d1:0d:d6:3d:32:1b:
                    16:d9:cf:37:97:4d:a7:9e:d3:98:19:56:78:83:3d:
                    19:9b:24:56:71:4c:98:1e:c1:36:a8:75:26:c3:98:
                    7f:ae:d2:dd:f2:ee:13:0f:42:e4:2a:22:50:a5:5e:
                    4f:7b:fa:4c:98:4a:3d:83:d6:3b:23:3e:3e:d0:4b:
                    09:14:a6:58:ef:35:68:08:29:3d:c5:0f:2a:5a:82:
                    56:cf:ac:ac:34:b1:60:3e:f2:bc:25:3e:95:12:0e:
                    59:f5:48:df:4c:4a:81:55:0b:90:2f:1e:1b:22:3d:
                    6d:6c:52:f3:b1:c0:d3:c5:66:23:4e:29:0e:56:22:
                    81:78:73:8c:13:52:09:02:0c:a9:d3:c2:b1:44:2d:
                    41:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:B5:33:E3:E3:85:D2:89:AB:10:29:D6:49:4A:A6:8F:A0:34:CA:B7
            X509v3 Authority Key Identifier:
                keyid:F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:ce:ea:5f:0b:c0:fb:32:74:bd:32:4c:0c:56:28:ed:3d:29:
         ae:8e:cf:9a:a8:06:ab:8c:3a:34:f7:77:3a:4e:80:c2:af:96:
         7c:37:8e:77:e4:7d:6e:7c:e4:03:49:ef:60:c5:02:ed:16:38:
         55:7a:b2:e1:81:71:77:55:c1:cb:24:4c:2c:e0:04:7d:cc:0b:
         aa:13:9d:76:6b:51:2e:82:0b:88:ef:a9:3b:53:1d:8d:cb:1b:
         69:12:3e:d3:0a:19:40:19:b6:52:9b:fe:4d:ea:f1:d0:c5:82:
         22:65:9e:8d:f4:e1:ff:9c:73:47:ff:43:ad:86:d6:6f:c4:fd:
         58:2b:ae:1d:9c:f8:95:36:f1:a4:9e:92:65:5b:7b:4e:e5:b7:
         d9:8e:54:0b:e1:7c:9b:67:24:81:23:45:f5:21:3f:88:a3:60:
         20:11:7f:28:05:12:4d:f3:9f:fb:ee:84:ad:3f:d4:72:92:a8:
         82:4e:d1:41:a6:24:f0:88:ad:d0:50:06:99:5d:43:bd:16:10:
         ae:77:09:84:62:b8:4f:22:ac:10:7d:ae:55:5f:e9:35:21:ff:
         bf:ae:58:0c:7e:c2:7d:7c:4a:18:79:5b:a7:2f:aa:97:d9:2b:
         e1:ab:7f:21:70:45:86:09:67:59:27:bd:c2:60:cc:aa:0c:c2:
         0f:e6:3b:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9TGOEb5WS5owKmzkYy6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWQ1ZTVkYmJhMWVhYjZkMzk1OGU1OTQxODI5YzlkYTFi
MmM2N2YwHhcNMjUxMTA0MTMwMTIzWhcNMjUxMTA1MTMwMTIzWjAzMTEwLwYDVQQD
Eyg0ZWI1MzNlM2UzODVkMjg5YWIxMDI5ZDY0OTRhYTY4ZmEwMzRjYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H1dvE9sO3p7v15FcGcHKntieUL5
vtza7ryOu6Stqja8CqAAnnREM5lmYXCdTiNVGXMkQa93JpSrhVhJfQE37q+qb4m5
C3oNiqTEMBJIW6u2K9+MdQRd3CE23eTO4c5rI0YgCM6Jjhy7fxLTBE5cM2bRDdY9
MhsW2c83l02nntOYGVZ4gz0ZmyRWcUyYHsE2qHUmw5h/rtLd8u4TD0LkKiJQpV5P
e/pMmEo9g9Y7Iz4+0EsJFKZY7zVoCCk9xQ8qWoJWz6ysNLFgPvK8JT6VEg5Z9Ujf
TEqBVQuQLx4bIj1tbFLzscDTxWYjTikOViKBeHOME1IJAgyp08KxRC1BGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE61M+PjhdKJqxAp1klKpo+gNMq3MB8GA1UdIwQY
MBaAFPTtXl27oeq205WOWUGCnJ2hssZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQt
ZGIxYTZiYmNiYjcyLzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQtZGIxYTZiYmNiYjcy
LzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfM7qXwvA
+zJ0vTJMDFYo7T0pro7PmqgGq4w6NPd3Ok6Awq+WfDeOd+R9bnzkA0nvYMUC7RY4
VXqy4YFxd1XByyRMLOAEfcwLqhOddmtRLoILiO+pO1MdjcsbaRI+0woZQBm2Upv+
Terx0MWCImWejfTh/5xzR/9DrYbWb8T9WCuuHZz4lTbxpJ6SZVt7TuW32Y5UC+F8
m2ckgSNF9SE/iKNgIBF/KAUSTfOf++6ErT/UcpKogk7RQaYk8Iit0FAGmV1DvRYQ
rncJhGK4TyKsEH2uVV/pNSH/v65YDH7CfXxKGHlbpy+ql9kr4at/IXBFhglnWSe9
wmDMqgzCD+Y7PA==
-----END CERTIFICATE-----