Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
File:                     7fBEw2PXiOdDNOE24DzH_R5JohY.mft (raw, json)
Hash identifier:          8OM1ZsfzrkLBMVwFcaESO+8+wG0rhhBL10lhruEkDd0=
Subject key identifier:   98:8B:9E:67:64:BD:3D:B4:5C:DA:E5:91:9D:CA:7D:C0:EE:9E:49:BA
Authority key identifier: ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16
Certificate issuer:       /CN=edf044c363d788e74334e136e03cc7fd1e49a216
Certificate serial:       019A4EF472321B8442F3DA37B86A46B914D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
Manifest number:          0983
Signing time:             Tue 04 Nov 2025 13:00:34 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:34 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:34 +0000
Files and hashes:         1: 7fBEw2PXiOdDNOE24DzH_R5JohY.crl (hash: RxP2MwvkDv36fvAhJMyjAo02COAZ1qDZwIdHGI9UqdU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:72:32:1b:84:42:f3:da:37:b8:6a:46:b9:14:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edf044c363d788e74334e136e03cc7fd1e49a216
        Validity
            Not Before: Nov  4 13:00:34 2025 GMT
            Not After : Nov  5 13:00:34 2025 GMT
        Subject: CN=988b9e6764bd3db45cdae5919dca7dc0ee9e49ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7e:39:c0:43:01:6c:72:53:a7:1a:86:a0:12:
                    e0:43:a3:21:ab:e8:fe:78:09:3c:4a:a3:ee:70:72:
                    b2:71:87:ee:72:ef:2e:71:08:5f:c5:68:03:ce:d1:
                    44:46:be:4c:39:b6:28:3b:ad:78:af:a8:f0:90:39:
                    61:e3:19:68:eb:ca:5d:0c:bc:96:4a:c3:56:21:54:
                    30:ab:85:c0:67:a7:6c:81:78:cf:bd:5d:22:1c:61:
                    82:14:9a:f7:03:2d:2c:88:2c:0d:f8:6f:db:78:8b:
                    99:08:a4:29:4f:95:5f:3d:ab:04:f2:ec:fb:60:cf:
                    7e:eb:14:22:65:e1:e5:92:30:a2:70:76:94:b0:9a:
                    e2:56:8d:ea:8f:13:50:22:f4:4b:b3:fb:08:7e:9f:
                    f0:73:da:30:63:27:8d:b7:71:80:01:0a:28:6e:1a:
                    5d:27:7a:dc:af:0a:56:94:ab:7e:30:14:91:91:17:
                    85:fe:a7:d1:3a:70:d6:87:67:ac:17:9b:6d:b4:42:
                    88:73:a7:06:69:52:c3:c5:7c:79:0a:f0:95:50:b5:
                    16:f0:05:88:51:15:d6:47:5d:17:f7:e2:83:1b:5e:
                    6e:ca:8a:1b:ff:f2:67:35:51:1c:5f:e9:bd:4a:05:
                    67:23:89:8f:9e:bb:7e:34:54:f0:ce:52:b7:db:80:
                    92:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:8B:9E:67:64:BD:3D:B4:5C:DA:E5:91:9D:CA:7D:C0:EE:9E:49:BA
            X509v3 Authority Key Identifier:
                keyid:ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:7c:94:2c:af:5c:2c:74:5d:53:cf:a3:35:31:ef:b3:2d:2c:
         84:a0:1a:d0:44:05:a4:70:f2:1e:2d:b6:ac:e9:43:46:53:f2:
         d7:65:fd:62:86:c3:66:ce:a3:bb:f3:25:54:be:50:bd:b5:7b:
         48:49:09:a0:e9:e8:47:85:49:02:25:7a:f5:6d:17:8d:95:15:
         eb:f8:02:e7:f2:99:87:41:91:03:8c:9c:63:c3:24:03:bc:93:
         c2:12:75:81:54:dd:c0:3c:55:b9:7f:c8:91:97:66:9b:3f:9f:
         19:4f:2f:bb:18:e5:02:6f:cf:05:21:0c:ed:2a:69:fe:f3:be:
         50:8e:f6:f5:47:62:a1:fe:76:3e:b9:e7:00:89:9f:fc:19:dc:
         f6:d4:bd:fe:7c:b2:d1:d5:9f:ce:df:b2:d9:d5:8b:3e:2b:38:
         b5:d0:38:dd:cf:5e:52:29:35:4a:7a:d4:54:2b:31:72:67:30:
         58:6e:de:86:d1:cc:99:7d:d7:1a:07:c1:5e:7d:9a:c4:dd:03:
         5c:f2:2c:28:ee:67:8a:05:ef:11:90:4f:36:20:e2:60:c8:b4:
         79:17:1c:46:f4:ca:fb:47:50:a3:f0:63:5d:13:e9:52:a5:1e:
         4a:0b:71:b3:9b:a4:00:90:0b:88:3d:7d:f0:18:68:f2:d8:91:
         0f:ea:c3:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9HIyG4RC89o3uGpGuRTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZjA0NGMzNjNkNzg4ZTc0MzM0ZTEzNmUwM2NjN2ZkMWU0
OWEyMTYwHhcNMjUxMTA0MTMwMDM0WhcNMjUxMTA1MTMwMDM0WjAzMTEwLwYDVQQD
Eyg5ODhiOWU2NzY0YmQzZGI0NWNkYWU1OTE5ZGNhN2RjMGVlOWU0OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn345wEMBbHJTpxqGoBLgQ6Mhq+j+
eAk8SqPucHKycYfucu8ucQhfxWgDztFERr5MObYoO614r6jwkDlh4xlo68pdDLyW
SsNWIVQwq4XAZ6dsgXjPvV0iHGGCFJr3Ay0siCwN+G/beIuZCKQpT5VfPasE8uz7
YM9+6xQiZeHlkjCicHaUsJriVo3qjxNQIvRLs/sIfp/wc9owYyeNt3GAAQoobhpd
J3rcrwpWlKt+MBSRkReF/qfROnDWh2esF5tttEKIc6cGaVLDxXx5CvCVULUW8AWI
URXWR10X9+KDG15uyoob//JnNVEcX+m9SgVnI4mPnrt+NFTwzlK324CS4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiLnmdkvT20XNrlkZ3KfcDunkm6MB8GA1UdIwQY
MBaAFO3wRMNj14jnQzThNuA8x/0eSaIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQt
MmZlMTU5NGRkYzljLzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQtMmZlMTU5NGRkYzlj
LzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI3yULK9c
LHRdU8+jNTHvsy0shKAa0EQFpHDyHi22rOlDRlPy12X9YobDZs6ju/MlVL5QvbV7
SEkJoOnoR4VJAiV69W0XjZUV6/gC5/KZh0GRA4ycY8MkA7yTwhJ1gVTdwDxVuX/I
kZdmmz+fGU8vuxjlAm/PBSEM7Spp/vO+UI729Udiof52PrnnAImf/Bnc9tS9/nyy
0dWfzt+y2dWLPis4tdA43c9eUik1SnrUVCsxcmcwWG7ehtHMmX3XGgfBXn2axN0D
XPIsKO5nigXvEZBPNiDiYMi0eRccRvTK+0dQo/BjXRPpUqUeSgtxs5ukAJALiD19
8Bho8tiRD+rDxw==
-----END CERTIFICATE-----