Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File:                     xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier:          HxmeFm+kEVCW/TU5jGsKD917Apk+7XiI5xipcQwZndU=
Subject key identifier:   3A:D4:81:15:26:20:23:18:CC:55:17:A0:B5:9A:E8:52:5A:82:BB:4A
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer:       /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial:       019A533EDED04B4DFC72C1C6F7482B171FE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number:          1480
Signing time:             Wed 05 Nov 2025 09:00:20 +0000
Manifest this update:     Wed 05 Nov 2025 09:00:20 +0000
Manifest next update:     Thu 06 Nov 2025 09:00:20 +0000
Files and hashes:         1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: 4Nea1Mt/g8sVyzTtB7DmwwO7Y8l/gZwnTr7KGAMpoBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 09:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:3e:de:d0:4b:4d:fc:72:c1:c6:f7:48:2b:17:1f:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
        Validity
            Not Before: Nov  5 09:00:20 2025 GMT
            Not After : Nov  6 09:00:20 2025 GMT
        Subject: CN=3ad4811526202318cc5517a0b59ae8525a82bb4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:dc:e5:fe:75:43:7b:8c:db:8b:f2:ce:9e:1a:
                    f3:3c:45:a4:6c:e1:7d:54:3b:24:40:e3:4e:f9:be:
                    62:47:ae:f4:4d:0b:c3:b2:c4:c5:52:28:e1:53:cb:
                    09:cf:ee:e3:e3:75:41:89:fb:92:d0:8a:f2:82:99:
                    a0:0d:34:0a:44:4e:70:a3:f2:eb:1c:0d:21:f0:8d:
                    e1:d3:07:ca:d3:4a:9f:13:4c:50:c4:d9:26:79:eb:
                    fc:f8:ba:4e:51:24:9d:f9:fc:f1:cb:82:f5:88:18:
                    a3:fa:ac:18:e8:db:34:b6:15:de:5b:7f:4f:1b:59:
                    88:c0:c7:63:36:67:75:bd:03:ba:07:34:0d:ef:f2:
                    13:5b:38:9f:cd:d8:0d:dd:05:56:f1:2b:7f:26:cd:
                    4e:8b:bf:b5:f2:f9:e9:82:42:f7:4b:6d:3a:4c:b5:
                    4a:30:43:ed:bd:74:8f:6a:b5:9a:3d:a8:c3:60:de:
                    f0:1c:a8:e3:d1:49:76:39:61:79:80:4d:ae:77:75:
                    ef:37:42:38:a0:f0:3f:62:bc:bc:61:19:c3:ed:a8:
                    0b:43:51:b6:af:d6:d1:ee:cb:5e:8f:3b:b6:37:76:
                    0a:6f:e0:b2:37:9c:5f:c2:61:eb:00:15:ae:84:2a:
                    2d:33:a6:34:2f:f8:70:84:ed:a2:67:55:70:65:a3:
                    d1:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:D4:81:15:26:20:23:18:CC:55:17:A0:B5:9A:E8:52:5A:82:BB:4A
            X509v3 Authority Key Identifier:
                keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:bc:5f:ac:4f:ca:77:91:69:58:29:6e:04:f9:43:68:3a:f6:
         dd:04:e8:1d:4d:c4:9b:e9:c4:f3:f0:35:74:a0:84:43:8e:63:
         d4:15:4d:a6:8e:87:de:04:df:91:7e:f6:85:48:1a:23:45:0a:
         7f:ba:91:5b:4d:09:5d:a8:16:88:10:c4:e0:d7:1a:2d:42:ef:
         f8:83:db:db:db:2a:c8:46:6d:98:b2:a9:c0:46:67:79:52:29:
         53:4c:64:02:68:bd:a2:dc:3d:57:de:7d:70:68:ec:29:76:0c:
         15:84:7d:20:76:1c:91:fe:59:ab:c9:0f:14:25:15:cd:ad:84:
         93:21:22:3a:c2:24:49:dd:09:eb:7d:b5:67:ae:e1:fc:56:cc:
         ae:e3:57:5a:fa:f3:f3:57:a7:58:35:8d:7b:d8:03:b1:eb:05:
         86:1c:90:a8:1c:72:38:0d:96:ae:54:47:ec:ed:63:cb:e9:0c:
         95:fb:e5:53:93:56:3b:e7:4a:57:be:0a:10:d8:45:2b:85:3b:
         c5:29:ae:9e:56:40:43:d1:ec:2d:97:bc:7f:82:ba:d2:97:28:
         6f:69:a5:ba:41:18:48:b8:a5:fa:0a:be:b9:f2:e6:95:50:29:
         c8:d4:db:64:39:70:44:e7:aa:0e:ef:4e:3a:81:bb:a4:4f:e3:
         72:55:a5:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTPt7QS038csHG90grFx/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjUxMTA1MDkwMDIwWhcNMjUxMTA2MDkwMDIwWjAzMTEwLwYDVQQD
EygzYWQ0ODExNTI2MjAyMzE4Y2M1NTE3YTBiNTlhZTg1MjVhODJiYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutzl/nVDe4zbi/LOnhrzPEWkbOF9
VDskQONO+b5iR670TQvDssTFUijhU8sJz+7j43VBifuS0IrygpmgDTQKRE5wo/Lr
HA0h8I3h0wfK00qfE0xQxNkmeev8+LpOUSSd+fzxy4L1iBij+qwY6Ns0thXeW39P
G1mIwMdjNmd1vQO6BzQN7/ITWzifzdgN3QVW8St/Js1Oi7+18vnpgkL3S206TLVK
MEPtvXSParWaPajDYN7wHKjj0Ul2OWF5gE2ud3XvN0I4oPA/Yry8YRnD7agLQ1G2
r9bR7stejzu2N3YKb+CyN5xfwmHrABWuhCotM6Y0L/hwhO2iZ1VwZaPRDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrUgRUmICMYzFUXoLWa6FJagrtKMB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdbxfrE/K
d5FpWCluBPlDaDr23QToHU3Em+nE8/A1dKCEQ45j1BVNpo6H3gTfkX72hUgaI0UK
f7qRW00JXagWiBDE4NcaLULv+IPb29sqyEZtmLKpwEZneVIpU0xkAmi9otw9V959
cGjsKXYMFYR9IHYckf5Zq8kPFCUVza2EkyEiOsIkSd0J6321Z67h/FbMruNXWvrz
81enWDWNe9gDsesFhhyQqBxyOA2WrlRH7O1jy+kMlfvlU5NWO+dKV74KENhFK4U7
xSmunlZAQ9HsLZe8f4K60pcob2mlukEYSLil+gq+ufLmlVApyNTbZDlwROeqDu9O
OoG7pE/jclWlqg==
-----END CERTIFICATE-----