Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
File:                     gGM2o7hr9zon3dkGZn6tp1tHxJk.mft (raw, json)
Hash identifier:          AW3ZIhs+Bq+f78ECJGAgfJxydqiV+pwFLmv3hEJN/f8=
Subject key identifier:   F7:03:4C:C9:53:31:B5:92:98:02:AA:01:28:DE:BF:CD:5C:A7:74:D3
Authority key identifier: 80:63:36:A3:B8:6B:F7:3A:27:DD:D9:06:66:7E:AD:A7:5B:47:C4:99
Certificate issuer:       /CN=806336a3b86bf73a27ddd906667eada75b47c499
Certificate serial:       019A4DE1709EF7AF9B52BB6BFDFDD7C7F388
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
Manifest number:          0CA9
Signing time:             Tue 04 Nov 2025 08:00:10 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:10 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:10 +0000
Files and hashes:         1: gGM2o7hr9zon3dkGZn6tp1tHxJk.crl (hash: jnKNzOA3txSV8fnYjWDOLtq+kCcaje4hXg6UbHi23tA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:70:9e:f7:af:9b:52:bb:6b:fd:fd:d7:c7:f3:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=806336a3b86bf73a27ddd906667eada75b47c499
        Validity
            Not Before: Nov  4 08:00:10 2025 GMT
            Not After : Nov  5 08:00:10 2025 GMT
        Subject: CN=f7034cc95331b5929802aa0128debfcd5ca774d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:79:d2:d3:da:f3:8b:68:c3:3c:fc:6e:9e:6f:
                    0e:81:7b:7e:3f:c3:c7:8d:58:d7:15:e9:f3:e5:03:
                    7e:b2:7c:37:ba:a0:ff:bf:cc:37:31:0f:9b:12:84:
                    bc:20:4b:65:e5:a2:89:cf:d2:f5:7a:07:36:67:3f:
                    6d:01:24:32:c0:4b:3b:92:db:07:a8:81:a1:81:3c:
                    58:ba:1a:dd:39:4a:93:32:32:fc:e8:8a:4b:46:a4:
                    90:e6:13:61:fb:f8:59:b7:e6:88:bd:d4:0a:0a:4d:
                    83:6f:9e:03:82:8f:95:ab:90:ea:2d:ae:95:f7:ff:
                    7a:25:61:36:52:67:7a:6c:78:3b:2f:94:b2:a2:37:
                    cd:76:b4:ee:3b:77:7b:6c:81:30:1e:85:8b:ba:d1:
                    ff:ad:8c:0b:55:5a:96:c4:97:9b:c6:9d:70:55:81:
                    33:c0:47:e9:c6:24:43:fb:ef:36:5f:3e:1c:6b:7f:
                    18:9f:66:64:24:b0:ad:ce:00:35:0e:5e:d5:c5:4b:
                    9c:b2:73:c4:96:df:97:24:bd:3c:29:c1:39:b3:a2:
                    82:cc:56:3d:8c:2f:c3:13:9a:e0:46:69:16:38:09:
                    53:df:da:e9:6a:26:98:f8:44:4b:f5:b0:ff:67:1f:
                    b7:52:14:56:8a:00:1a:86:9d:d0:dd:67:2e:8e:76:
                    b8:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:03:4C:C9:53:31:B5:92:98:02:AA:01:28:DE:BF:CD:5C:A7:74:D3
            X509v3 Authority Key Identifier:
                keyid:80:63:36:A3:B8:6B:F7:3A:27:DD:D9:06:66:7E:AD:A7:5B:47:C4:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:80:d2:92:fc:e7:b2:1f:a9:f0:87:2b:08:ce:75:54:89:db:
         9e:af:13:86:e7:af:03:0c:37:a4:e9:83:87:c0:36:84:a8:8f:
         0e:fd:03:80:eb:14:45:73:15:ba:98:c0:48:7d:25:79:09:e1:
         8a:d0:38:8b:57:dc:6c:d3:25:b4:30:a0:cd:a0:6b:1e:9c:c0:
         9c:fd:47:a1:02:06:9a:3a:07:95:3a:3a:58:48:a8:fe:d9:34:
         d2:b0:63:ac:a2:59:32:7e:d6:c1:55:2c:11:99:a5:04:bf:ce:
         cf:f9:39:20:ff:bd:e2:0b:4e:f8:6e:db:28:3d:d5:ba:0f:48:
         df:a7:9a:c4:74:71:92:77:74:11:15:e8:83:b1:cc:b7:36:74:
         8f:87:1d:59:90:63:a0:76:c9:b5:3b:0b:b8:8b:b5:df:35:77:
         b5:c5:77:87:27:60:f1:c7:0e:c1:71:5c:92:f0:f4:47:f6:59:
         72:41:92:07:61:5d:87:b7:04:86:2a:d3:94:77:5e:bf:90:5d:
         e6:3c:fa:40:41:8f:04:83:c6:4b:ef:34:4e:f5:cd:ef:71:8b:
         ab:07:57:8a:d3:d2:62:93:4c:cf:e3:37:a6:7c:a6:21:60:9a:
         16:ea:d4:1d:68:97:e1:d0:e4:4c:d9:b2:fb:d1:f4:3f:76:83:
         f0:dc:6a:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4XCe96+bUrtr/f3Xx/OIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjMzNmEzYjg2YmY3M2EyN2RkZDkwNjY2N2VhZGE3NWI0
N2M0OTkwHhcNMjUxMTA0MDgwMDEwWhcNMjUxMTA1MDgwMDEwWjAzMTEwLwYDVQQD
EyhmNzAzNGNjOTUzMzFiNTkyOTgwMmFhMDEyOGRlYmZjZDVjYTc3NGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3nS09rzi2jDPPxunm8OgXt+P8PH
jVjXFenz5QN+snw3uqD/v8w3MQ+bEoS8IEtl5aKJz9L1egc2Zz9tASQywEs7ktsH
qIGhgTxYuhrdOUqTMjL86IpLRqSQ5hNh+/hZt+aIvdQKCk2Db54Dgo+Vq5DqLa6V
9/96JWE2Umd6bHg7L5SyojfNdrTuO3d7bIEwHoWLutH/rYwLVVqWxJebxp1wVYEz
wEfpxiRD++82Xz4ca38Yn2ZkJLCtzgA1Dl7VxUucsnPElt+XJL08KcE5s6KCzFY9
jC/DE5rgRmkWOAlT39rpaiaY+ERL9bD/Zx+3UhRWigAahp3Q3Wcujna4xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcDTMlTMbWSmAKqASjev81cp3TTMB8GA1UdIwQY
MBaAFIBjNqO4a/c6J93ZBmZ+radbR8SZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYTgwZmMtMGQ0YS00YTk3LWFiODEt
MDliYjU5NmU4NDU0LzEvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hYTgwZmMtMGQ0YS00YTk3LWFiODEtMDliYjU5NmU4NDU0
LzEvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYIDSkvzn
sh+p8IcrCM51VInbnq8ThuevAww3pOmDh8A2hKiPDv0DgOsURXMVupjASH0leQnh
itA4i1fcbNMltDCgzaBrHpzAnP1HoQIGmjoHlTo6WEio/tk00rBjrKJZMn7WwVUs
EZmlBL/Oz/k5IP+94gtO+G7bKD3Vug9I36eaxHRxknd0ERXog7HMtzZ0j4cdWZBj
oHbJtTsLuIu13zV3tcV3hydg8ccOwXFckvD0R/ZZckGSB2Fdh7cEhirTlHdev5Bd
5jz6QEGPBIPGS+80TvXN73GLqwdXitPSYpNMz+M3pnymIWCaFurUHWiX4dDkTNmy
+9H0P3aD8Nxqig==
-----END CERTIFICATE-----