Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
File:                     iX81rEgorqlfpdLYBNM6ewz_RYo.mft (raw, json)
Hash identifier:          2G1LvmWl80uk0UkAaN/QfWYfrLO0+vauOMr5KYP5yXk=
Subject key identifier:   FA:8A:A6:F4:F7:A1:0B:B1:71:6A:A4:C8:C0:1D:F2:38:61:AC:71:F5
Authority key identifier: 89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A
Certificate issuer:       /CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
Certificate serial:       019A5074D3EC37FE8A4EF8256533E2C46DC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
Manifest number:          05CF
Signing time:             Tue 04 Nov 2025 20:00:24 +0000
Manifest this update:     Tue 04 Nov 2025 20:00:24 +0000
Manifest next update:     Wed 05 Nov 2025 20:00:24 +0000
Files and hashes:         1: iX81rEgorqlfpdLYBNM6ewz_RYo.crl (hash: +8devMV0tHD0z3m1t9Xlgl0AFGAzWqmw0epkXKv8y1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:74:d3:ec:37:fe:8a:4e:f8:25:65:33:e2:c4:6d:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
        Validity
            Not Before: Nov  4 20:00:24 2025 GMT
            Not After : Nov  5 20:00:24 2025 GMT
        Subject: CN=fa8aa6f4f7a10bb1716aa4c8c01df23861ac71f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:42:29:8c:34:3a:38:c9:83:4b:e1:c5:96:08:
                    b2:fc:f5:3a:e9:37:45:2c:74:5a:92:18:b7:91:ee:
                    c3:61:c2:64:b3:85:71:2d:f9:96:6a:26:fe:21:f0:
                    b7:3f:f5:02:35:d3:22:b5:2b:de:ff:b1:b8:27:62:
                    26:ff:c2:c0:61:a5:30:1a:52:13:62:fa:5e:ff:68:
                    50:6b:25:41:8e:67:ed:0a:ac:67:b3:44:2a:b3:a4:
                    58:23:76:49:6f:02:3b:3b:02:1e:54:dc:bf:ba:af:
                    99:6a:4d:8e:ce:5e:d1:f0:9c:7d:81:75:ff:f9:91:
                    de:05:45:f2:f4:25:34:49:69:7e:72:73:4e:ae:4e:
                    30:a4:2c:e5:71:85:9a:cf:1f:74:79:13:13:77:aa:
                    eb:da:9f:b0:da:39:9a:ed:6c:80:78:1c:aa:bb:15:
                    24:0e:87:ab:d8:f7:db:d2:27:c3:29:9f:0b:32:62:
                    a4:90:82:17:0a:de:5d:75:79:a6:f4:45:1f:73:6f:
                    99:8b:70:99:93:19:19:71:1b:e2:24:8a:2d:e3:1a:
                    f4:bb:e7:c2:f4:1e:a3:cc:02:57:50:64:18:0c:2a:
                    13:c5:18:cd:8c:51:26:82:07:7f:a4:8b:69:73:6b:
                    d4:61:a0:04:d7:91:a6:be:39:52:21:c6:59:2d:7f:
                    8e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:8A:A6:F4:F7:A1:0B:B1:71:6A:A4:C8:C0:1D:F2:38:61:AC:71:F5
            X509v3 Authority Key Identifier:
                keyid:89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:e3:e1:13:fa:10:da:e4:a3:52:1d:c5:6e:9d:81:db:96:2b:
         bd:59:94:08:18:6f:3c:57:c9:93:ff:58:c3:ea:a6:29:ca:cd:
         c0:ee:e0:3a:22:82:27:d7:04:03:3b:a6:c6:e9:cc:b9:97:7b:
         b6:94:03:8d:4a:99:80:6b:75:ca:ca:ba:06:6d:93:a3:19:b1:
         da:08:d7:54:e9:d5:03:06:7a:c1:6f:ca:00:96:4d:7f:76:7f:
         2e:a8:df:16:99:06:18:1a:93:37:02:be:c3:2c:69:be:af:ae:
         fa:b9:d0:4c:95:da:d8:fe:db:f5:15:50:de:e2:c9:6e:35:5c:
         8f:ba:00:48:5d:62:5e:10:06:06:12:3c:d8:b8:49:c1:c5:3f:
         b9:d8:6b:04:a8:b1:a6:8f:e3:02:5a:5c:b6:01:dc:e7:f1:4f:
         16:6d:2b:57:c6:70:17:3d:f7:e3:7d:f0:86:96:e7:81:ad:2f:
         01:8c:85:ca:03:5c:26:f6:bb:4c:30:ad:ed:5c:0f:99:69:61:
         c2:e3:e9:07:f4:c8:a8:73:e9:fb:3d:56:c1:23:d1:b5:99:45:
         b3:f3:e7:32:34:14:05:4e:a4:5a:89:f4:64:f6:f2:83:11:20:
         b5:af:5f:47:29:d5:c0:6f:fc:e4:82:d8:49:16:68:3f:18:34:
         0b:7b:22:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdNPsN/6KTvglZTPixG3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5N2YzNWFjNDgyOGFlYTk1ZmE1ZDJkODA0ZDMzYTdiMGNm
ZjQ1OGEwHhcNMjUxMTA0MjAwMDI0WhcNMjUxMTA1MjAwMDI0WjAzMTEwLwYDVQQD
EyhmYThhYTZmNGY3YTEwYmIxNzE2YWE0YzhjMDFkZjIzODYxYWM3MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukIpjDQ6OMmDS+HFlgiy/PU66TdF
LHRakhi3ke7DYcJks4VxLfmWaib+IfC3P/UCNdMitSve/7G4J2Im/8LAYaUwGlIT
Yvpe/2hQayVBjmftCqxns0Qqs6RYI3ZJbwI7OwIeVNy/uq+Zak2Ozl7R8Jx9gXX/
+ZHeBUXy9CU0SWl+cnNOrk4wpCzlcYWazx90eRMTd6rr2p+w2jma7WyAeByquxUk
Doer2Pfb0ifDKZ8LMmKkkIIXCt5ddXmm9EUfc2+Zi3CZkxkZcRviJIot4xr0u+fC
9B6jzAJXUGQYDCoTxRjNjFEmggd/pItpc2vUYaAE15GmvjlSIcZZLX+OAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqKpvT3oQuxcWqkyMAd8jhhrHH1MB8GA1UdIwQY
MBaAFIl/NaxIKK6pX6XS2ATTOnsM/0WKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYt
YjBlNDEwM2Y0OTYyLzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYtYjBlNDEwM2Y0OTYy
LzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj+PhE/oQ
2uSjUh3Fbp2B25YrvVmUCBhvPFfJk/9Yw+qmKcrNwO7gOiKCJ9cEAzumxunMuZd7
tpQDjUqZgGt1ysq6Bm2Toxmx2gjXVOnVAwZ6wW/KAJZNf3Z/LqjfFpkGGBqTNwK+
wyxpvq+u+rnQTJXa2P7b9RVQ3uLJbjVcj7oASF1iXhAGBhI82LhJwcU/udhrBKix
po/jAlpctgHc5/FPFm0rV8ZwFz33433whpbnga0vAYyFygNcJva7TDCt7VwPmWlh
wuPpB/TIqHPp+z1WwSPRtZlFs/PnMjQUBU6kWon0ZPbygxEgta9fRynVwG/85ILY
SRZoPxg0C3siwQ==
-----END CERTIFICATE-----