Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
File:                     S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft (raw, json)
Hash identifier:          vhYdC6kclHWvQ4a3FhwA21n5oaoHWCLXP2ynqHDZx1Q=
Subject key identifier:   88:1B:C6:D0:00:4C:A8:9A:FC:1E:B0:39:CD:FB:E2:99:DB:01:B6:BA
Authority key identifier: 4B:CC:D0:DB:52:F0:ED:4F:73:A6:81:E3:D3:6A:B6:C2:30:27:7D:3C
Certificate issuer:       /CN=4bccd0db52f0ed4f73a681e3d36ab6c230277d3c
Certificate serial:       019A503E4B8CADACEA4985E6E16506AE7094
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
Manifest number:          0920
Signing time:             Tue 04 Nov 2025 19:00:51 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:51 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:51 +0000
Files and hashes:         1: S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl (hash: Nx6Km6XRf2kIpq2IqMrq2fgjZF7AOTfLZF9p2s51yC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3e:4b:8c:ad:ac:ea:49:85:e6:e1:65:06:ae:70:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4bccd0db52f0ed4f73a681e3d36ab6c230277d3c
        Validity
            Not Before: Nov  4 19:00:51 2025 GMT
            Not After : Nov  5 19:00:51 2025 GMT
        Subject: CN=881bc6d0004ca89afc1eb039cdfbe299db01b6ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e9:28:48:00:b3:1f:98:6a:22:a0:ed:c8:cd:
                    d6:38:a0:1c:b3:14:3e:88:0c:21:2a:05:9b:57:62:
                    e9:9e:49:5e:73:98:26:b0:ea:b0:a1:93:79:f6:3c:
                    aa:d4:4d:4e:ba:88:8a:05:2d:34:15:68:a1:49:4c:
                    6c:0e:d2:b1:33:28:d0:32:14:7a:5d:95:bb:d0:c0:
                    f8:67:2b:38:36:af:83:18:28:87:92:bb:24:08:04:
                    b2:27:4b:22:3c:a2:69:25:b5:d3:84:3a:70:4c:00:
                    ac:d4:7c:ad:fc:5b:52:e9:3f:e8:57:08:e4:dd:03:
                    8a:38:62:ed:f2:63:3d:16:3e:fe:5a:8d:20:0c:70:
                    d4:98:42:f5:b6:ad:81:d2:73:60:df:b5:12:6d:a5:
                    98:24:cc:a7:b7:9b:41:5e:ad:f8:e6:85:15:86:86:
                    9e:5f:66:8f:23:56:25:f6:1f:0f:af:2c:39:b7:72:
                    32:27:e2:73:23:75:22:7b:c2:55:09:16:9c:91:26:
                    3c:9a:16:c9:4f:c3:8e:1f:c1:34:e5:f7:2b:de:81:
                    9a:86:4d:1d:bc:c7:67:eb:95:0b:b0:10:85:c3:3a:
                    f0:e8:0d:99:68:1c:8c:c8:1b:9c:8c:b4:6e:7a:3a:
                    59:a6:39:9e:1d:bf:fc:83:2a:f5:ae:e1:a7:f1:88:
                    84:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:1B:C6:D0:00:4C:A8:9A:FC:1E:B0:39:CD:FB:E2:99:DB:01:B6:BA
            X509v3 Authority Key Identifier:
                keyid:4B:CC:D0:DB:52:F0:ED:4F:73:A6:81:E3:D3:6A:B6:C2:30:27:7D:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:2f:58:6c:24:d1:6a:be:ad:9f:1c:3c:ce:65:bd:b9:74:f4:
         ff:43:01:ea:c4:9e:6c:db:7c:06:59:32:ef:84:b2:96:92:93:
         f6:f4:bc:1c:a4:e1:fe:17:54:4a:f8:50:b4:61:8a:22:2a:cc:
         dc:e2:d5:61:a9:e8:b7:10:f9:85:3c:91:05:d9:bb:ab:0b:33:
         de:f7:45:20:b0:b4:f4:55:20:d0:02:97:83:11:2b:bb:74:4f:
         04:09:79:fc:aa:45:7f:5f:4d:b2:62:63:d9:13:02:52:f4:14:
         ed:6c:3b:ca:83:09:3b:01:99:ae:05:97:1e:2b:74:f0:77:21:
         83:2a:df:e2:c5:44:0c:d9:51:f7:e7:f2:d9:73:d5:8c:e2:de:
         3b:b9:ce:0b:a9:c9:9f:39:10:bd:87:e3:03:65:ca:93:ff:ca:
         db:4c:0f:09:af:c0:18:67:c0:3a:8e:7d:69:09:91:c6:19:88:
         30:4d:13:d1:47:2b:38:6a:7a:a9:67:65:8f:a9:10:51:79:c4:
         98:ed:81:f4:71:dc:18:fc:02:1a:9f:ca:e8:a6:9b:15:49:37:
         f2:07:f3:5c:d1:b2:b4:3d:a9:75:82:3f:72:c8:d2:bf:a8:de:
         86:4f:65:bc:4a:dd:8c:37:58:82:94:0b:3f:bd:49:ed:c8:42:
         16:1e:eb:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPkuMrazqSYXm4WUGrnCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiY2NkMGRiNTJmMGVkNGY3M2E2ODFlM2QzNmFiNmMyMzAy
NzdkM2MwHhcNMjUxMTA0MTkwMDUxWhcNMjUxMTA1MTkwMDUxWjAzMTEwLwYDVQQD
Eyg4ODFiYzZkMDAwNGNhODlhZmMxZWIwMzljZGZiZTI5OWRiMDFiNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ukoSACzH5hqIqDtyM3WOKAcsxQ+
iAwhKgWbV2Lpnklec5gmsOqwoZN59jyq1E1OuoiKBS00FWihSUxsDtKxMyjQMhR6
XZW70MD4Zys4Nq+DGCiHkrskCASyJ0siPKJpJbXThDpwTACs1Hyt/FtS6T/oVwjk
3QOKOGLt8mM9Fj7+Wo0gDHDUmEL1tq2B0nNg37USbaWYJMynt5tBXq345oUVhoae
X2aPI1Yl9h8Pryw5t3IyJ+JzI3Uie8JVCRackSY8mhbJT8OOH8E05fcr3oGahk0d
vMdn65ULsBCFwzrw6A2ZaByMyBucjLRuejpZpjmeHb/8gyr1ruGn8YiETQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgbxtAATKia/B6wOc374pnbAba6MB8GA1UdIwQY
MBaAFEvM0NtS8O1Pc6aB49NqtsIwJ308MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80MWNjNTctMDZhNC00NzMyLThiZmMt
ZjNmMTViMTI2NWJiLzEvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80MWNjNTctMDZhNC00NzMyLThiZmMtZjNmMTViMTI2NWJi
LzEvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANy9YbCTR
ar6tnxw8zmW9uXT0/0MB6sSebNt8Blky74SylpKT9vS8HKTh/hdUSvhQtGGKIirM
3OLVYanotxD5hTyRBdm7qwsz3vdFILC09FUg0AKXgxEru3RPBAl5/KpFf19NsmJj
2RMCUvQU7Ww7yoMJOwGZrgWXHit08Hchgyrf4sVEDNlR9+fy2XPVjOLeO7nOC6nJ
nzkQvYfjA2XKk//K20wPCa/AGGfAOo59aQmRxhmIME0T0UcrOGp6qWdlj6kQUXnE
mO2B9HHcGPwCGp/K6KabFUk38gfzXNGytD2pdYI/csjSv6jehk9lvErdjDdYgpQL
P71J7chCFh7r6w==
-----END CERTIFICATE-----