Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          k7LMZkqicJY6+CvTiM+8LqgFPA3m7XE9yQpm3PbIpGM=
Subject key identifier:   0F:58:3B:66:FE:7E:3B:66:BB:49:76:83:3C:50:35:CA:5D:15:7E:C3
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       019A4F98E4F8B7CC3CA588A48E81034A9F96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          04BC
Signing time:             Tue 04 Nov 2025 16:00:11 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:11 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:11 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: YG2FFqxObieC1qoP30Oq/aXjZSUJO3MOb75d7wANAeY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:98:e4:f8:b7:cc:3c:a5:88:a4:8e:81:03:4a:9f:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: Nov  4 16:00:11 2025 GMT
            Not After : Nov  5 16:00:11 2025 GMT
        Subject: CN=0f583b66fe7e3b66bb4976833c5035ca5d157ec3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:52:69:bd:5b:78:65:bf:a1:cf:a8:c4:45:8d:
                    8a:d1:19:18:95:49:3e:51:e7:7b:9c:d8:fb:cf:f5:
                    b3:f2:c1:7f:cc:c9:67:90:ac:63:81:8c:c3:5c:7d:
                    f6:49:0d:3f:b0:2d:a0:b4:38:a9:b9:64:d1:67:5c:
                    7a:12:62:f4:f2:26:ff:7d:b0:39:44:00:3e:5c:b5:
                    e9:0a:8d:d3:6c:4e:db:fc:8b:52:18:42:6b:9e:22:
                    37:02:e7:5a:53:56:10:a1:4b:69:9e:7e:c8:fc:d9:
                    24:57:22:7f:55:6d:b1:0d:3c:c4:19:4a:cd:e1:48:
                    7b:76:a9:ee:08:a2:32:eb:48:bf:70:8d:56:4b:f9:
                    10:3c:8a:a4:f7:0d:e1:f8:14:09:e7:39:f6:e3:bd:
                    4b:e5:ec:95:1d:dc:9e:25:c4:d0:f9:dd:d9:6d:93:
                    bb:cc:58:8b:a4:e6:24:a4:2b:d0:35:29:d8:a1:dd:
                    9d:e6:91:56:20:56:52:23:60:5c:28:35:7f:6d:c8:
                    0e:30:5b:49:d4:f4:01:22:0e:00:40:64:0c:4c:08:
                    5a:97:02:91:80:7b:9e:35:8e:03:d4:da:e4:3c:fd:
                    5c:4b:f9:d3:a6:11:4d:e1:19:cd:d7:17:6e:94:ee:
                    d0:95:b0:2f:6c:2e:80:36:cd:fe:cf:96:de:f2:78:
                    b6:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:58:3B:66:FE:7E:3B:66:BB:49:76:83:3C:50:35:CA:5D:15:7E:C3
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:f8:83:20:b5:17:74:dd:8c:66:ac:73:ba:f9:0f:1e:3a:30:
         45:61:ab:3c:49:bd:f7:11:c9:b2:0c:6a:29:49:9a:4f:88:b5:
         6d:7a:3d:eb:2b:11:34:7e:d3:03:46:4b:0f:bf:14:21:1c:3f:
         80:07:99:54:fb:27:3d:ea:e1:df:24:5f:e6:4b:e8:e3:d0:14:
         5b:a8:36:5b:4d:82:9f:c3:7c:47:b5:00:2d:cf:64:0e:34:d8:
         53:f4:b5:18:60:9b:1b:4c:61:c6:1d:64:95:f9:e9:99:65:a5:
         4e:9a:33:d5:70:76:fb:b3:b5:d6:d9:69:93:b7:03:f2:91:04:
         b5:84:ec:c3:bf:c3:9c:a3:3d:8f:a5:3f:1b:f1:b7:da:de:07:
         c2:3b:fd:d3:89:19:1d:67:46:f6:d8:5f:e1:ed:cc:6e:bf:ac:
         7f:49:8f:1a:08:70:a5:02:ca:de:7d:6a:d3:19:0d:3c:cf:1d:
         6f:ea:8f:ff:75:cd:47:c3:49:7b:60:6b:89:8d:cd:2a:70:f4:
         68:42:09:18:46:7c:59:e9:79:d0:0a:f5:d1:4e:af:4f:af:93:
         f2:1e:5e:96:e4:22:f1:a4:8d:77:27:d4:0e:6b:42:60:16:d3:
         1e:fc:4a:9f:e7:b8:fe:47:43:4b:7d:c4:6a:72:82:72:d3:aa:
         f5:97:c2:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmOT4t8w8pYikjoEDSp+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjUxMTA0MTYwMDExWhcNMjUxMTA1MTYwMDExWjAzMTEwLwYDVQQD
EygwZjU4M2I2NmZlN2UzYjY2YmI0OTc2ODMzYzUwMzVjYTVkMTU3ZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lJpvVt4Zb+hz6jERY2K0RkYlUk+
Ued7nNj7z/Wz8sF/zMlnkKxjgYzDXH32SQ0/sC2gtDipuWTRZ1x6EmL08ib/fbA5
RAA+XLXpCo3TbE7b/ItSGEJrniI3AudaU1YQoUtpnn7I/NkkVyJ/VW2xDTzEGUrN
4Uh7dqnuCKIy60i/cI1WS/kQPIqk9w3h+BQJ5zn2471L5eyVHdyeJcTQ+d3ZbZO7
zFiLpOYkpCvQNSnYod2d5pFWIFZSI2BcKDV/bcgOMFtJ1PQBIg4AQGQMTAhalwKR
gHueNY4D1NrkPP1cS/nTphFN4RnN1xdulO7QlbAvbC6ANs3+z5be8ni2SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9YO2b+fjtmu0l2gzxQNcpdFX7DMB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAePiDILUX
dN2MZqxzuvkPHjowRWGrPEm99xHJsgxqKUmaT4i1bXo96ysRNH7TA0ZLD78UIRw/
gAeZVPsnPerh3yRf5kvo49AUW6g2W02Cn8N8R7UALc9kDjTYU/S1GGCbG0xhxh1k
lfnpmWWlTpoz1XB2+7O11tlpk7cD8pEEtYTsw7/DnKM9j6U/G/G32t4Hwjv904kZ
HWdG9thf4e3Mbr+sf0mPGghwpQLK3n1q0xkNPM8db+qP/3XNR8NJe2BriY3NKnD0
aEIJGEZ8Wel50Ar10U6vT6+T8h5eluQi8aSNdyfUDmtCYBbTHvxKn+e4/kdDS33E
anKCctOq9ZfCDA==
-----END CERTIFICATE-----