Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
File:                     1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json)
Hash identifier:          ivYepIG2VR/KaIil5yX/mDspuU4x/Iwx9aS7cRA0X5A=
Subject key identifier:   EC:43:0F:69:1D:C8:A0:B7:2E:83:8B:B7:24:26:D4:E8:14:D0:C3:30
Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21
Certificate issuer:       /CN=d60ce3443860a7f70d43350776909a4810a48621
Certificate serial:       019A50E262A0B0BEEC266FD81B4C0DB6179B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
Manifest number:          0C53
Signing time:             Tue 04 Nov 2025 22:00:04 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:04 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:04 +0000
Files and hashes:         1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: b2AaMlwPFI/1jnl14fdcMcVhQ1Pj99wNN0iq27zOEPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:62:a0:b0:be:ec:26:6f:d8:1b:4c:0d:b6:17:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621
        Validity
            Not Before: Nov  4 22:00:04 2025 GMT
            Not After : Nov  5 22:00:04 2025 GMT
        Subject: CN=ec430f691dc8a0b72e838bb72426d4e814d0c330
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:58:12:d2:70:5a:de:3e:74:70:5e:30:99:ad:
                    1f:39:53:f6:6d:70:b0:f6:b5:3f:e5:41:b2:9d:0d:
                    93:40:10:ae:c2:54:87:d0:88:f0:1f:89:ad:d6:9d:
                    07:d1:50:24:79:bf:28:ef:42:a7:97:dd:8a:82:5a:
                    b3:ed:ad:24:d2:89:2b:2b:dc:e7:91:f9:13:56:19:
                    a6:a7:96:b1:a4:48:5d:93:a2:21:5b:e1:74:ef:3e:
                    66:09:ee:f8:8e:36:24:5e:ed:7b:4f:0f:f3:b9:24:
                    b2:21:01:41:6c:93:af:dc:c3:43:47:43:84:b0:67:
                    17:0f:58:61:66:ce:a4:4e:bf:f7:3c:2b:f9:66:73:
                    5f:b4:1e:45:a5:82:06:d7:82:1d:c4:ed:45:e6:81:
                    6b:5a:cf:6a:09:fe:4e:70:80:26:b6:65:7b:6b:84:
                    e5:7f:d9:1b:92:b3:2c:44:04:27:87:28:d5:af:ee:
                    06:35:56:72:3e:00:61:a1:7f:6e:15:7d:50:18:e0:
                    57:9a:31:2e:4f:9d:15:6f:39:1f:8e:c4:ed:a4:f7:
                    70:61:4b:83:1b:c0:5c:1e:62:d4:02:f1:2d:bb:7a:
                    ab:c6:ed:c1:16:e3:24:a6:6f:23:6e:db:47:93:24:
                    88:e5:0e:0d:f3:1c:1f:84:86:76:9d:14:d0:b8:99:
                    9f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:43:0F:69:1D:C8:A0:B7:2E:83:8B:B7:24:26:D4:E8:14:D0:C3:30
            X509v3 Authority Key Identifier:
                keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:df:d1:0d:bc:be:fb:f3:00:30:b3:47:bc:ab:3f:77:34:ba:
         04:9c:59:08:0c:4b:e4:b0:e6:33:b9:e8:4a:69:5f:95:5f:6c:
         5a:90:9b:3c:50:4c:24:67:32:1f:54:f5:79:1c:4b:08:8e:d5:
         6f:bd:a1:a6:49:2b:cd:f6:b2:ba:64:63:e4:89:b5:18:fb:f8:
         22:f0:e2:59:02:29:9c:06:18:33:b6:23:48:4a:5a:b8:52:e0:
         59:33:88:55:c9:a1:39:4e:79:dc:2b:f4:57:1e:45:b8:68:2a:
         0a:82:40:df:83:c5:b7:b4:e6:5a:42:84:33:a5:0f:89:db:10:
         81:2e:fd:81:c0:60:e8:83:2b:28:2b:cc:c9:8a:b8:11:ef:67:
         7c:c7:d1:21:bf:ea:04:11:76:8b:6d:ac:c4:c5:0a:04:d6:ba:
         ad:7f:4b:33:52:a1:de:56:e5:39:dc:bf:b9:d9:60:87:4d:98:
         6d:85:e0:92:f3:55:8e:bd:f1:ac:47:67:41:a4:ab:02:9f:0c:
         43:b7:da:c4:b5:44:62:44:41:5c:f9:a3:fe:c0:b9:5a:b5:c1:
         6f:16:38:a8:70:3e:e0:e4:42:72:7b:2e:7e:94:77:e6:2e:0c:
         04:ab:dd:29:34:b3:52:58:f6:b1:f6:4f:ca:07:cc:a8:2a:1d:
         b4:f2:a0:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4mKgsL7sJm/YG0wNthebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh
NDg2MjEwHhcNMjUxMTA0MjIwMDA0WhcNMjUxMTA1MjIwMDA0WjAzMTEwLwYDVQQD
EyhlYzQzMGY2OTFkYzhhMGI3MmU4MzhiYjcyNDI2ZDRlODE0ZDBjMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1gS0nBa3j50cF4wma0fOVP2bXCw
9rU/5UGynQ2TQBCuwlSH0IjwH4mt1p0H0VAkeb8o70Knl92Kglqz7a0k0okrK9zn
kfkTVhmmp5axpEhdk6IhW+F07z5mCe74jjYkXu17Tw/zuSSyIQFBbJOv3MNDR0OE
sGcXD1hhZs6kTr/3PCv5ZnNftB5FpYIG14IdxO1F5oFrWs9qCf5OcIAmtmV7a4Tl
f9kbkrMsRAQnhyjVr+4GNVZyPgBhoX9uFX1QGOBXmjEuT50VbzkfjsTtpPdwYUuD
G8BcHmLUAvEtu3qrxu3BFuMkpm8jbttHkySI5Q4N8xwfhIZ2nRTQuJmfWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxDD2kdyKC3LoOLtyQm1OgU0MMwMB8GA1UdIwQY
MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct
ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk
LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMN/RDby+
+/MAMLNHvKs/dzS6BJxZCAxL5LDmM7noSmlflV9sWpCbPFBMJGcyH1T1eRxLCI7V
b72hpkkrzfayumRj5Im1GPv4IvDiWQIpnAYYM7YjSEpauFLgWTOIVcmhOU553Cv0
Vx5FuGgqCoJA34PFt7TmWkKEM6UPidsQgS79gcBg6IMrKCvMyYq4Ee9nfMfRIb/q
BBF2i22sxMUKBNa6rX9LM1Kh3lblOdy/udlgh02YbYXgkvNVjr3xrEdnQaSrAp8M
Q7faxLVEYkRBXPmj/sC5WrXBbxY4qHA+4ORCcnsufpR35i4MBKvdKTSzUlj2sfZP
ygfMqCodtPKg3g==
-----END CERTIFICATE-----