Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c32529-b08b-4235-b9b9-e869b34d2c6a/1/27s70rCfy7vfiVsOOpxaAGRW_aY.mft
File:                     27s70rCfy7vfiVsOOpxaAGRW_aY.mft (raw, json)
Hash identifier:          kcNK7L5U7JIps4NRr61DRg5i15cRntad+lHJA21J8YY=
Subject key identifier:   6C:49:7A:78:AA:F1:78:37:1B:BD:C9:D1:5C:33:41:23:29:9F:48:8F
Authority key identifier: DB:BB:3B:D2:B0:9F:CB:BB:DF:89:5B:0E:3A:9C:5A:00:64:56:FD:A6
Certificate issuer:       /CN=dbbb3bd2b09fcbbbdf895b0e3a9c5a006456fda6
Certificate serial:       019A4E4F49A196A655BAAA9F7154B1058421
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/27s70rCfy7vfiVsOOpxaAGRW_aY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/c32529-b08b-4235-b9b9-e869b34d2c6a/1/27s70rCfy7vfiVsOOpxaAGRW_aY.mft
Manifest number:          0877
Signing time:             Tue 04 Nov 2025 10:00:10 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:10 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:10 +0000
Files and hashes:         1: 27s70rCfy7vfiVsOOpxaAGRW_aY.crl (hash: i7frPGAsNDYBNrvuQi7zirQCB1KX1Fvsp6jiTJSg8jU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/c32529-b08b-4235-b9b9-e869b34d2c6a/1/27s70rCfy7vfiVsOOpxaAGRW_aY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/c32529-b08b-4235-b9b9-e869b34d2c6a/1/27s70rCfy7vfiVsOOpxaAGRW_aY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/27s70rCfy7vfiVsOOpxaAGRW_aY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:49:a1:96:a6:55:ba:aa:9f:71:54:b1:05:84:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbbb3bd2b09fcbbbdf895b0e3a9c5a006456fda6
        Validity
            Not Before: Nov  4 10:00:10 2025 GMT
            Not After : Nov  5 10:00:10 2025 GMT
        Subject: CN=6c497a78aaf178371bbdc9d15c334123299f488f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:4d:27:f3:ec:50:be:7b:4f:ad:ef:64:5f:4d:
                    f8:45:f8:6e:8f:f3:a3:a3:2a:81:fc:52:f3:7d:66:
                    a7:b0:f6:aa:ea:98:6a:19:3e:a6:2b:16:2b:21:55:
                    b8:d9:5a:61:c3:ff:58:23:ac:a6:81:1e:12:2a:a8:
                    ed:6c:79:f0:64:dd:3b:e1:5c:e7:c1:cd:57:a0:ba:
                    5a:c5:00:06:9f:5f:47:1a:ea:06:e3:73:08:a7:2b:
                    87:30:9c:c6:c6:95:12:0c:a7:37:04:c5:db:d1:49:
                    57:45:d9:26:a5:41:c6:32:2d:8e:89:11:54:13:55:
                    5c:a4:cf:2d:7c:ab:34:c8:84:9d:7e:9e:63:75:4f:
                    d5:1e:7a:41:0c:db:32:52:fd:b5:e8:e7:65:3f:e0:
                    cb:77:af:98:e1:1d:6f:f3:2f:49:f9:60:c0:6a:f6:
                    19:1f:e7:c9:be:86:33:9e:e4:a7:af:e2:ee:87:dc:
                    79:a4:c1:92:7d:df:84:8e:5c:b2:79:40:9e:13:65:
                    c3:7d:4c:a8:37:a8:ed:d6:2d:3f:88:8e:5d:fd:24:
                    7b:7a:a9:52:eb:05:46:6a:8f:f5:ca:1a:e3:67:f1:
                    e0:53:b1:3e:3a:bd:a9:8b:a4:e2:74:63:78:ab:1b:
                    a3:af:94:b0:51:ab:1a:54:94:98:3c:f9:5f:ef:54:
                    d5:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:49:7A:78:AA:F1:78:37:1B:BD:C9:D1:5C:33:41:23:29:9F:48:8F
            X509v3 Authority Key Identifier:
                keyid:DB:BB:3B:D2:B0:9F:CB:BB:DF:89:5B:0E:3A:9C:5A:00:64:56:FD:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27s70rCfy7vfiVsOOpxaAGRW_aY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c32529-b08b-4235-b9b9-e869b34d2c6a/1/27s70rCfy7vfiVsOOpxaAGRW_aY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c32529-b08b-4235-b9b9-e869b34d2c6a/1/27s70rCfy7vfiVsOOpxaAGRW_aY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:1a:2c:ce:57:16:cb:3b:1e:8f:3a:b9:2b:80:11:c9:02:11:
         d7:3e:d2:19:1a:01:be:6f:a1:f7:c8:07:d4:7d:0c:e3:1a:b2:
         54:95:c0:4e:0e:c1:ec:03:fe:2b:d3:51:81:6e:d2:bc:e5:a4:
         7e:90:ba:ed:e8:46:54:82:94:76:9c:0d:78:06:5d:af:01:84:
         33:63:77:7f:1b:94:26:02:e2:df:72:80:b3:f4:ba:f3:b4:7c:
         c4:10:1d:d8:6d:b0:45:c7:09:a9:c4:dd:06:7e:b1:07:aa:d9:
         70:1b:ed:ff:51:db:08:0a:80:63:c5:34:97:b1:84:29:cc:82:
         0b:57:22:5e:59:84:6d:c1:f8:c8:d6:16:48:bd:e2:f0:e8:74:
         dc:85:ae:32:b1:69:99:92:50:f0:fd:f8:18:87:1b:01:86:4a:
         9c:05:6c:f5:79:f6:2d:62:af:8b:e4:6e:9a:a7:6c:02:03:82:
         b3:62:30:83:01:6d:3b:46:5c:31:f9:d5:f9:a2:b6:8a:e0:ef:
         fd:27:5c:f6:84:6d:39:ed:77:5d:58:6a:f9:55:ba:82:5a:e0:
         ca:59:ab:ff:61:6a:31:ee:23:e0:2e:f5:ba:6c:f7:cd:44:09:
         05:22:22:1d:10:cf:8a:db:30:b9:d1:fb:3d:c2:35:66:5e:b3:
         6a:f1:b5:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT0mhlqZVuqqfcVSxBYQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYmIzYmQyYjA5ZmNiYmJkZjg5NWIwZTNhOWM1YTAwNjQ1
NmZkYTYwHhcNMjUxMTA0MTAwMDEwWhcNMjUxMTA1MTAwMDEwWjAzMTEwLwYDVQQD
Eyg2YzQ5N2E3OGFhZjE3ODM3MWJiZGM5ZDE1YzMzNDEyMzI5OWY0ODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA800n8+xQvntPre9kX034Rfhuj/Oj
oyqB/FLzfWansPaq6phqGT6mKxYrIVW42Vphw/9YI6ymgR4SKqjtbHnwZN074Vzn
wc1XoLpaxQAGn19HGuoG43MIpyuHMJzGxpUSDKc3BMXb0UlXRdkmpUHGMi2OiRFU
E1VcpM8tfKs0yISdfp5jdU/VHnpBDNsyUv216OdlP+DLd6+Y4R1v8y9J+WDAavYZ
H+fJvoYznuSnr+Luh9x5pMGSfd+EjlyyeUCeE2XDfUyoN6jt1i0/iI5d/SR7eqlS
6wVGao/1yhrjZ/HgU7E+Or2pi6TidGN4qxujr5SwUasaVJSYPPlf71TVtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGxJeniq8Xg3G73J0VwzQSMpn0iPMB8GA1UdIwQY
MBaAFNu7O9Kwn8u734lbDjqcWgBkVv2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdzNzByQ2Z5N3ZmaVZzT09weGFBR1JXX2FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMzI1MjktYjA4Yi00MjM1LWI5Yjkt
ZTg2OWIzNGQyYzZhLzEvMjdzNzByQ2Z5N3ZmaVZzT09weGFBR1JXX2FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMzI1MjktYjA4Yi00MjM1LWI5YjktZTg2OWIzNGQyYzZh
LzEvMjdzNzByQ2Z5N3ZmaVZzT09weGFBR1JXX2FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQxoszlcW
yzsejzq5K4ARyQIR1z7SGRoBvm+h98gH1H0M4xqyVJXATg7B7AP+K9NRgW7SvOWk
fpC67ehGVIKUdpwNeAZdrwGEM2N3fxuUJgLi33KAs/S687R8xBAd2G2wRccJqcTd
Bn6xB6rZcBvt/1HbCAqAY8U0l7GEKcyCC1ciXlmEbcH4yNYWSL3i8Oh03IWuMrFp
mZJQ8P34GIcbAYZKnAVs9Xn2LWKvi+RumqdsAgOCs2IwgwFtO0ZcMfnV+aK2iuDv
/Sdc9oRtOe13XVhq+VW6glrgylmr/2FqMe4j4C71umz3zUQJBSIiHRDPitswudH7
PcI1Zl6zavG1NQ==
-----END CERTIFICATE-----