Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          WqUsR14vryDZLMXhomikqUOLN8Rde1vMtIgV4+nyOvE=
Subject key identifier:   91:89:84:BF:55:B0:21:C0:60:6F:C7:1F:A5:50:24:C7:CC:16:12:BA
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       019A4F620A03C4B8D22C4FD3083737F7653F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          1444
Signing time:             Tue 04 Nov 2025 15:00:16 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:16 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:16 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: kIBz/ATpG4nvBt382VVeo264QqVE6honMUX/ft96t+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:0a:03:c4:b8:d2:2c:4f:d3:08:37:37:f7:65:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Nov  4 15:00:16 2025 GMT
            Not After : Nov  5 15:00:16 2025 GMT
        Subject: CN=918984bf55b021c0606fc71fa55024c7cc1612ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:a6:e4:16:d3:85:57:50:f4:36:dc:e4:b0:3e:
                    86:22:2f:20:9a:49:d8:aa:e4:51:e2:e8:f8:a9:7c:
                    4d:a1:ff:c2:45:aa:2c:b5:de:87:a5:cc:92:c4:99:
                    f5:e3:b0:8a:d7:4a:28:57:a3:9c:b2:c6:8d:ab:9c:
                    a6:9e:71:5a:c0:57:87:24:b4:4d:cb:17:5e:fd:40:
                    ec:19:05:32:26:a3:a4:54:39:a6:70:2e:d8:be:da:
                    8e:a2:42:91:ba:24:4e:1d:76:89:14:3c:d8:1f:6d:
                    f2:2b:19:ee:61:d7:a1:2c:01:60:c8:90:a6:b9:01:
                    a3:ee:dd:87:ee:60:7b:bd:b1:c9:41:1c:e1:e9:8f:
                    c7:b5:51:1a:98:69:9a:8c:b6:c4:6a:be:f4:eb:1c:
                    05:7a:19:69:e9:e5:b2:60:b7:bf:81:29:73:ba:c5:
                    58:b1:39:64:41:1e:51:a6:56:d6:36:f1:cf:52:ee:
                    c1:f7:e3:78:1a:ce:5c:26:f6:33:08:38:89:f5:c5:
                    90:94:c9:07:1c:30:1c:1a:5d:7d:84:81:5f:20:ec:
                    82:18:45:ef:ac:b4:87:02:f0:59:77:8b:30:0d:f8:
                    b9:cc:ba:aa:98:51:bd:bb:c9:7d:e7:68:de:c0:8d:
                    84:41:e5:fb:17:07:87:24:28:99:d0:7b:51:0b:00:
                    e8:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:89:84:BF:55:B0:21:C0:60:6F:C7:1F:A5:50:24:C7:CC:16:12:BA
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:9f:ca:61:af:cb:bc:b3:0d:56:10:d3:84:7e:3c:01:2e:d5:
         29:9c:28:10:28:dd:df:63:90:43:bd:07:cc:5b:bb:e4:54:3b:
         8e:b0:87:87:46:d0:37:e0:d3:88:37:f4:83:32:50:ef:8f:b7:
         a8:1d:48:40:2e:2f:b6:d4:62:6d:21:ef:ae:57:ed:52:94:3c:
         fa:3e:3d:80:94:39:40:7f:b9:8c:a3:c4:a0:71:45:5c:6b:1a:
         ef:d4:ff:df:50:5f:f3:53:e5:2c:01:a5:d6:80:11:6a:6a:67:
         f9:0f:3a:76:8d:84:2a:91:75:ba:45:ec:4a:e7:78:90:8e:17:
         04:ca:62:f9:14:66:d9:6b:95:d1:39:ff:c3:04:c5:ce:c8:8f:
         83:87:e3:30:37:d3:07:81:5b:39:53:31:36:4f:4b:2c:b6:c0:
         b8:39:6b:cd:76:d4:e6:16:bc:ad:4c:f1:86:69:11:10:07:6e:
         b0:0d:6a:92:10:d4:c7:aa:6f:90:68:c8:3c:5b:aa:f3:da:e9:
         af:98:da:f7:f6:53:dd:0f:8e:9d:3a:1a:bd:87:7a:cf:08:18:
         fa:27:d5:74:2c:59:dc:6a:f8:38:2c:a9:b7:83:ed:94:c4:25:
         ac:1c:a3:9f:a4:86:e2:c4:c6:53:26:b1:7c:eb:d3:de:5b:0e:
         c6:26:bc:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYgoDxLjSLE/TCDc392U/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjUxMTA0MTUwMDE2WhcNMjUxMTA1MTUwMDE2WjAzMTEwLwYDVQQD
Eyg5MTg5ODRiZjU1YjAyMWMwNjA2ZmM3MWZhNTUwMjRjN2NjMTYxMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9abkFtOFV1D0NtzksD6GIi8gmknY
quRR4uj4qXxNof/CRaostd6HpcySxJn147CK10ooV6OcssaNq5ymnnFawFeHJLRN
yxde/UDsGQUyJqOkVDmmcC7YvtqOokKRuiROHXaJFDzYH23yKxnuYdehLAFgyJCm
uQGj7t2H7mB7vbHJQRzh6Y/HtVEamGmajLbEar706xwFehlp6eWyYLe/gSlzusVY
sTlkQR5RplbWNvHPUu7B9+N4Gs5cJvYzCDiJ9cWQlMkHHDAcGl19hIFfIOyCGEXv
rLSHAvBZd4swDfi5zLqqmFG9u8l952jewI2EQeX7FweHJCiZ0HtRCwDoGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGJhL9VsCHAYG/HH6VQJMfMFhK6MB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi5/KYa/L
vLMNVhDThH48AS7VKZwoECjd32OQQ70HzFu75FQ7jrCHh0bQN+DTiDf0gzJQ74+3
qB1IQC4vttRibSHvrlftUpQ8+j49gJQ5QH+5jKPEoHFFXGsa79T/31Bf81PlLAGl
1oARampn+Q86do2EKpF1ukXsSud4kI4XBMpi+RRm2WuV0Tn/wwTFzsiPg4fjMDfT
B4FbOVMxNk9LLLbAuDlrzXbU5ha8rUzxhmkREAdusA1qkhDUx6pvkGjIPFuq89rp
r5ja9/ZT3Q+OnToavYd6zwgY+ifVdCxZ3Gr4OCypt4PtlMQlrByjn6SG4sTGUyax
fOvT3lsOxia86Q==
-----END CERTIFICATE-----