Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft
File:                     sCBx_ye9CehFJRchNknb9nvK1dE.mft (raw, json)
Hash identifier:          GVLIKGzqTdpkPl4VtOpiPJKaveeii5tODgziO+y2DHY=
Subject key identifier:   21:35:2E:5C:D4:56:F1:9E:15:EC:F5:9C:44:25:57:1B:45:99:1E:4E
Authority key identifier: B0:20:71:FF:27:BD:09:E8:45:25:17:21:36:49:DB:F6:7B:CA:D5:D1
Certificate issuer:       /CN=b02071ff27bd09e8452517213649dbf67bcad5d1
Certificate serial:       019A4EF48489EC28E3659DD7D41E750D23A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft
Manifest number:          0399
Signing time:             Tue 04 Nov 2025 13:00:38 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:38 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:38 +0000
Files and hashes:         1: sCBx_ye9CehFJRchNknb9nvK1dE.crl (hash: xg0VhhgMT0iQ7gB1Dbvsi8wAbMyNmpsCzJ/faLBGSm8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:84:89:ec:28:e3:65:9d:d7:d4:1e:75:0d:23:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b02071ff27bd09e8452517213649dbf67bcad5d1
        Validity
            Not Before: Nov  4 13:00:38 2025 GMT
            Not After : Nov  5 13:00:38 2025 GMT
        Subject: CN=21352e5cd456f19e15ecf59c4425571b45991e4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:cc:07:66:7b:e6:63:4b:31:12:55:5f:ba:ac:
                    c2:5f:6f:de:8b:3d:9d:5f:2c:f4:93:b7:d2:f0:c5:
                    29:94:29:e0:f2:31:5c:c5:84:21:7d:a7:a2:ab:d5:
                    52:42:b4:9d:b0:ee:b1:d7:20:31:b3:cd:11:d9:29:
                    8c:38:92:3f:33:a5:f3:14:e9:95:f8:aa:e8:e8:54:
                    af:be:e4:af:dc:b0:64:30:52:08:ee:4f:00:96:fd:
                    30:2d:95:5d:63:09:e2:c2:f3:4f:1a:65:35:49:fa:
                    c4:d2:bf:9e:1f:6d:2f:5d:96:f4:ef:5e:3c:90:63:
                    e0:6f:90:a4:af:2f:40:28:9b:72:60:18:c7:3b:30:
                    b1:df:54:d2:1b:b3:67:1e:9e:62:1c:82:00:0b:03:
                    9e:85:a9:e6:ad:93:41:e3:fc:5b:e8:4c:c9:1f:50:
                    f1:08:ba:8e:c9:1c:25:51:29:02:b4:0a:c3:1d:96:
                    fe:a0:6b:8a:17:31:b8:e4:26:49:9b:78:e1:8b:23:
                    04:62:e9:08:2e:aa:c1:ad:10:5c:31:7a:43:41:68:
                    6a:08:0b:7e:6f:c9:1a:e4:25:7c:35:01:19:29:fa:
                    3a:8a:fa:9e:c3:7b:3a:9d:82:d9:8d:e9:ac:8e:4f:
                    1a:52:c3:3c:ad:10:84:d0:43:ef:c5:11:b0:9c:b5:
                    0a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:35:2E:5C:D4:56:F1:9E:15:EC:F5:9C:44:25:57:1B:45:99:1E:4E
            X509v3 Authority Key Identifier:
                keyid:B0:20:71:FF:27:BD:09:E8:45:25:17:21:36:49:DB:F6:7B:CA:D5:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:3a:ee:ea:27:22:33:56:d1:9c:e5:b8:69:6f:40:03:8b:82:
         a6:a2:bd:ac:02:87:4f:ed:69:bc:96:af:ee:c2:8f:06:a1:7f:
         dc:ab:0a:a3:58:46:d2:17:86:30:2e:8c:b8:b2:e4:e9:80:64:
         8f:6d:09:4e:32:12:0a:b8:37:9e:d9:2c:65:05:c5:d3:b2:ad:
         a9:02:c9:d2:1a:c5:1e:71:bb:98:02:76:06:dc:ac:91:38:a4:
         5b:70:eb:11:aa:60:64:de:5e:ed:42:bc:b1:65:e0:c4:a0:c5:
         71:7f:b2:c5:7f:e8:74:d5:89:01:9a:71:9b:3a:19:5e:c6:35:
         de:9a:d5:38:60:58:1e:73:bb:88:25:65:3c:0c:5e:e5:13:40:
         6a:d9:d6:9b:b9:30:dc:35:b5:b2:58:c8:9c:3e:d7:69:80:9a:
         96:b1:ca:66:07:e2:5d:39:55:32:c6:bf:b2:f0:13:4f:63:96:
         5d:61:20:b2:70:a2:99:00:ae:41:76:f5:da:aa:68:d9:84:dc:
         74:42:64:e6:b3:d6:09:5c:81:c7:c1:81:a4:51:12:bb:a6:44:
         74:6c:dc:51:97:43:54:5f:94:4d:6e:4a:bb:41:be:80:6d:ca:
         99:ea:e5:e7:5d:39:da:0b:df:83:b1:13:54:f8:ae:cd:6f:7b:
         9f:12:c9:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9ISJ7CjjZZ3X1B51DSOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMjA3MWZmMjdiZDA5ZTg0NTI1MTcyMTM2NDlkYmY2N2Jj
YWQ1ZDEwHhcNMjUxMTA0MTMwMDM4WhcNMjUxMTA1MTMwMDM4WjAzMTEwLwYDVQQD
EygyMTM1MmU1Y2Q0NTZmMTllMTVlY2Y1OWM0NDI1NTcxYjQ1OTkxZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhswHZnvmY0sxElVfuqzCX2/eiz2d
Xyz0k7fS8MUplCng8jFcxYQhfaeiq9VSQrSdsO6x1yAxs80R2SmMOJI/M6XzFOmV
+Kro6FSvvuSv3LBkMFII7k8Alv0wLZVdYwniwvNPGmU1SfrE0r+eH20vXZb07148
kGPgb5Ckry9AKJtyYBjHOzCx31TSG7NnHp5iHIIACwOehanmrZNB4/xb6EzJH1Dx
CLqOyRwlUSkCtArDHZb+oGuKFzG45CZJm3jhiyMEYukILqrBrRBcMXpDQWhqCAt+
b8ka5CV8NQEZKfo6ivqew3s6nYLZjemsjk8aUsM8rRCE0EPvxRGwnLUKmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCE1LlzUVvGeFez1nEQlVxtFmR5OMB8GA1UdIwQY
MBaAFLAgcf8nvQnoRSUXITZJ2/Z7ytXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81NjZkYmEtODE3OS00YzEzLTlkM2Yt
YmM4OTVmNzMxNjk1LzEvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81NjZkYmEtODE3OS00YzEzLTlkM2YtYmM4OTVmNzMxNjk1
LzEvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdDru6ici
M1bRnOW4aW9AA4uCpqK9rAKHT+1pvJav7sKPBqF/3KsKo1hG0heGMC6MuLLk6YBk
j20JTjISCrg3ntksZQXF07KtqQLJ0hrFHnG7mAJ2BtyskTikW3DrEapgZN5e7UK8
sWXgxKDFcX+yxX/odNWJAZpxmzoZXsY13prVOGBYHnO7iCVlPAxe5RNAatnWm7kw
3DW1sljInD7XaYCalrHKZgfiXTlVMsa/svATT2OWXWEgsnCimQCuQXb12qpo2YTc
dEJk5rPWCVyBx8GBpFESu6ZEdGzcUZdDVF+UTW5Ku0G+gG3Kmerl51052gvfg7ET
VPiuzW97nxLJBw==
-----END CERTIFICATE-----