Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
File:                     FSj8hxfpGa4HJhquKNjIRWTIpxI.mft (raw, json)
Hash identifier:          8rnL9tFT0BG8r1Gjb5j1hu15tC1d/Utlu8BVlI97vZM=
Subject key identifier:   E7:8A:96:9D:8D:73:74:4E:9B:85:4F:FA:DA:E5:3F:DE:55:E4:C0:19
Authority key identifier: 15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12
Certificate issuer:       /CN=1528fc8717e919ae07261aae28d8c84564c8a712
Certificate serial:       019A4DAAF5847C87AB0ABEE1B5A3B37C01D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
Manifest number:          106C
Signing time:             Tue 04 Nov 2025 07:00:40 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:40 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:40 +0000
Files and hashes:         1: FSj8hxfpGa4HJhquKNjIRWTIpxI.crl (hash: xSpq7UPdKDtFyzFT4SpLTT+Q/afWASMPrObTPfHnHu0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:f5:84:7c:87:ab:0a:be:e1:b5:a3:b3:7c:01:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1528fc8717e919ae07261aae28d8c84564c8a712
        Validity
            Not Before: Nov  4 07:00:40 2025 GMT
            Not After : Nov  5 07:00:40 2025 GMT
        Subject: CN=e78a969d8d73744e9b854ffadae53fde55e4c019
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d2:b2:9e:31:54:12:3b:39:a4:06:0e:15:91:
                    48:42:f5:3d:b9:df:d1:19:c0:ea:3f:62:a0:a2:c4:
                    03:a3:63:e7:da:89:b2:f2:aa:ab:10:1e:e8:1b:96:
                    b7:46:25:e3:30:d9:11:6c:c9:f3:95:89:84:dd:c9:
                    1e:32:41:5b:ef:66:da:67:d2:4d:2b:5e:14:8a:e3:
                    eb:b1:37:fa:66:9b:4a:12:57:7d:76:86:88:cb:aa:
                    1a:4b:fc:eb:cf:3a:43:59:23:b2:83:f2:d6:1b:34:
                    fa:ed:f4:2c:99:28:af:50:59:d4:77:69:67:2e:25:
                    af:07:ab:a1:90:b0:e1:a2:77:c8:1a:82:0b:ea:c6:
                    d3:05:4c:af:3d:dd:a7:7b:28:61:03:f8:f2:5f:4b:
                    f0:c0:b3:65:e0:57:74:83:05:6e:46:dc:bf:11:06:
                    2f:ce:26:68:7c:0e:f3:3a:32:05:46:ae:c7:e7:8e:
                    fe:37:b4:fa:74:20:5c:8e:c1:72:59:d5:89:28:5d:
                    8c:39:b5:68:5b:07:12:55:cf:da:06:8a:d1:c5:f0:
                    63:cd:78:d0:13:52:bf:83:f6:15:b6:87:0f:49:5d:
                    2b:27:d2:dd:37:a2:9b:d1:39:85:10:5d:df:ba:21:
                    af:39:4b:41:6e:12:03:44:ed:77:ca:9f:9e:f7:4c:
                    c6:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:8A:96:9D:8D:73:74:4E:9B:85:4F:FA:DA:E5:3F:DE:55:E4:C0:19
            X509v3 Authority Key Identifier:
                keyid:15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:57:7a:80:c8:8d:ba:10:08:a9:f4:e9:08:39:d5:39:bc:2b:
         6b:53:b0:f5:64:e5:bf:e2:55:cc:49:e0:7d:ee:8d:09:8c:d4:
         cb:20:ce:9f:65:dc:d6:35:bd:86:ca:06:66:95:5a:ee:49:80:
         12:84:51:fc:d7:88:d6:fe:67:34:bd:40:a1:59:1a:db:33:63:
         64:ab:34:4d:8a:23:d3:6e:10:78:e4:bc:36:cc:b5:9b:7a:0d:
         9f:a2:98:8b:73:e9:50:7a:33:c6:42:e1:21:0a:02:d0:3e:b1:
         62:3c:aa:f0:c8:b6:5d:17:f7:8b:59:47:dc:40:b7:80:7d:b9:
         96:9c:f5:24:36:b5:9f:79:ab:89:31:b7:b9:91:0b:cd:d1:41:
         69:ec:c4:47:30:f8:db:0f:7d:c4:19:91:68:b5:e4:0e:df:69:
         af:3f:3c:c6:be:f6:26:46:99:3c:04:a8:d1:da:41:6a:51:40:
         6f:88:28:e5:3f:87:48:62:b8:d9:6b:ca:5d:3a:b6:56:36:ff:
         9a:cf:91:1b:67:24:a5:0d:ed:d0:f8:70:69:81:64:5b:a4:7f:
         d3:65:24:99:54:f1:ea:02:28:80:49:d4:ba:11:ce:43:95:46:
         ae:42:c3:e3:7b:a9:0b:90:d0:2d:c7:6d:6b:01:23:88:3a:9a:
         64:34:56:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqvWEfIerCr7htaOzfAHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MjhmYzg3MTdlOTE5YWUwNzI2MWFhZTI4ZDhjODQ1NjRj
OGE3MTIwHhcNMjUxMTA0MDcwMDQwWhcNMjUxMTA1MDcwMDQwWjAzMTEwLwYDVQQD
EyhlNzhhOTY5ZDhkNzM3NDRlOWI4NTRmZmFkYWU1M2ZkZTU1ZTRjMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdKynjFUEjs5pAYOFZFIQvU9ud/R
GcDqP2KgosQDo2Pn2omy8qqrEB7oG5a3RiXjMNkRbMnzlYmE3ckeMkFb72baZ9JN
K14UiuPrsTf6ZptKEld9doaIy6oaS/zrzzpDWSOyg/LWGzT67fQsmSivUFnUd2ln
LiWvB6uhkLDhonfIGoIL6sbTBUyvPd2neyhhA/jyX0vwwLNl4Fd0gwVuRty/EQYv
ziZofA7zOjIFRq7H547+N7T6dCBcjsFyWdWJKF2MObVoWwcSVc/aBorRxfBjzXjQ
E1K/g/YVtocPSV0rJ9LdN6Kb0TmFEF3fuiGvOUtBbhIDRO13yp+e90zGOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOeKlp2Nc3ROm4VP+trlP95V5MAZMB8GA1UdIwQY
MBaAFBUo/IcX6RmuByYarijYyEVkyKcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTkt
NjcxMDcyZjkxYTEzLzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTktNjcxMDcyZjkxYTEz
LzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc1d6gMiN
uhAIqfTpCDnVObwra1Ow9WTlv+JVzEngfe6NCYzUyyDOn2Xc1jW9hsoGZpVa7kmA
EoRR/NeI1v5nNL1AoVka2zNjZKs0TYoj024QeOS8Nsy1m3oNn6KYi3PpUHozxkLh
IQoC0D6xYjyq8Mi2XRf3i1lH3EC3gH25lpz1JDa1n3mriTG3uZELzdFBaezERzD4
2w99xBmRaLXkDt9prz88xr72JkaZPASo0dpBalFAb4go5T+HSGK42WvKXTq2Vjb/
ms+RG2ckpQ3t0PhwaYFkW6R/02UkmVTx6gIogEnUuhHOQ5VGrkLD43upC5DQLcdt
awEjiDqaZDRWCA==
-----END CERTIFICATE-----