Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
File:                     j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft (raw, json)
Hash identifier:          93KihK6xwcouxcTe/fboK4GXQiIq09cEvxu4w7q8l14=
Subject key identifier:   64:7D:BF:60:43:F0:22:8A:3C:D3:CA:A5:CF:59:FB:61:49:E9:C9:AC
Authority key identifier: 8F:49:F4:A4:CD:82:93:44:51:9F:45:2A:3B:0E:1E:66:FE:8D:3E:25
Certificate issuer:       /CN=8f49f4a4cd829344519f452a3b0e1e66fe8d3e25
Certificate serial:       019A4DE1BFB53C5068AB60794C1ED6B6F7C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 08:00:31 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:31 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:31 +0000
Files and hashes:         1: j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl (hash: Id2+SmRoxytzSY6EENDjI7elx+aXmVLP3dx8zMmAnnI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:bf:b5:3c:50:68:ab:60:79:4c:1e:d6:b6:f7:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f49f4a4cd829344519f452a3b0e1e66fe8d3e25
        Validity
            Not Before: Nov  4 08:00:31 2025 GMT
            Not After : Nov  5 08:00:31 2025 GMT
        Subject: CN=647dbf6043f0228a3cd3caa5cf59fb6149e9c9ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:dd:19:aa:49:2e:fc:d6:9a:96:2b:dc:0e:89:
                    d0:be:88:60:e2:0c:d1:32:fd:5c:81:77:d2:64:7f:
                    22:d7:74:88:4e:82:d3:bb:48:d2:f0:f6:e2:50:cd:
                    88:d5:0b:a4:f7:17:55:0c:4f:ad:75:51:ed:5c:1f:
                    87:7d:61:c1:aa:8f:57:d5:e5:71:67:3a:5d:ea:94:
                    89:8f:32:16:cf:05:05:f0:0f:71:90:f6:1a:f6:62:
                    10:07:6a:37:11:93:4d:36:3d:3c:3b:50:fd:70:0f:
                    5a:bc:e2:4a:53:14:37:bc:f0:bd:85:65:f5:e5:22:
                    ae:a3:48:d7:ae:6e:70:09:58:ee:4e:80:04:d7:d3:
                    e2:78:8d:d7:63:0c:17:40:a4:88:3b:ab:80:f0:37:
                    e6:e8:ec:84:75:d9:77:ee:45:89:5c:6f:f5:1b:4d:
                    73:ca:4b:92:53:5f:b4:90:50:a6:d9:0c:75:bf:b8:
                    38:6f:86:30:96:15:77:01:6e:51:6f:52:42:4f:57:
                    ff:5c:e5:13:af:de:c1:bb:46:0f:2f:35:05:e2:7d:
                    5e:6c:0a:35:fe:11:49:ad:42:cb:fc:20:99:5a:0a:
                    98:70:3d:f2:fb:6e:65:d1:4d:47:c1:17:76:c5:2a:
                    00:f0:e5:d2:a7:36:0f:27:51:91:c1:1d:24:b2:67:
                    34:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:7D:BF:60:43:F0:22:8A:3C:D3:CA:A5:CF:59:FB:61:49:E9:C9:AC
            X509v3 Authority Key Identifier:
                keyid:8F:49:F4:A4:CD:82:93:44:51:9F:45:2A:3B:0E:1E:66:FE:8D:3E:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:8a:c9:75:7f:18:6f:1c:17:22:ba:7b:80:34:77:91:07:e2:
         e8:b0:55:24:14:ee:f6:d0:a8:56:40:0b:82:82:a3:21:97:61:
         9e:52:45:b8:96:74:ef:ce:00:de:0b:b8:8e:89:7d:ff:30:71:
         ba:00:d8:16:55:1b:3e:19:da:9e:b6:c8:1d:f4:db:8a:d7:50:
         09:87:d2:3f:0f:98:00:62:84:7f:dc:cb:91:b3:b8:48:3b:a2:
         8f:10:2c:1e:58:20:6b:a0:39:fa:09:fa:29:73:00:1a:e2:85:
         a0:6a:2b:03:60:fa:8f:c2:c2:fd:ce:0f:4b:9d:38:5b:75:ec:
         31:c1:d0:42:60:3a:19:a8:18:d5:15:fe:69:af:85:b7:02:7c:
         e5:42:37:15:15:3a:59:ce:73:ec:be:2b:36:35:e8:1c:cd:aa:
         b3:c8:88:1e:96:df:a8:cc:40:a4:ae:77:1a:12:ec:bd:c1:3f:
         e0:42:54:1a:56:2c:02:c9:1a:9d:1c:90:d5:e6:4f:31:7e:85:
         f7:79:e0:ec:71:26:b6:a5:57:2b:f8:8f:eb:ae:a4:b7:5f:fb:
         80:23:be:61:9b:c7:09:f9:7c:71:ed:9b:23:64:52:b2:06:d0:
         ef:c9:a6:4d:ec:db:c4:f7:f3:1e:25:7b:61:ef:24:c7:e9:3c:
         4d:12:aa:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4b+1PFBoq2B5TB7WtvfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNDlmNGE0Y2Q4MjkzNDQ1MTlmNDUyYTNiMGUxZTY2ZmU4
ZDNlMjUwHhcNMjUxMTA0MDgwMDMxWhcNMjUxMTA1MDgwMDMxWjAzMTEwLwYDVQQD
Eyg2NDdkYmY2MDQzZjAyMjhhM2NkM2NhYTVjZjU5ZmI2MTQ5ZTljOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr90Zqkku/NaalivcDonQvohg4gzR
Mv1cgXfSZH8i13SIToLTu0jS8PbiUM2I1Quk9xdVDE+tdVHtXB+HfWHBqo9X1eVx
Zzpd6pSJjzIWzwUF8A9xkPYa9mIQB2o3EZNNNj08O1D9cA9avOJKUxQ3vPC9hWX1
5SKuo0jXrm5wCVjuToAE19PieI3XYwwXQKSIO6uA8Dfm6OyEddl37kWJXG/1G01z
ykuSU1+0kFCm2Qx1v7g4b4YwlhV3AW5Rb1JCT1f/XOUTr97Bu0YPLzUF4n1ebAo1
/hFJrULL/CCZWgqYcD3y+25l0U1HwRd2xSoA8OXSpzYPJ1GRwR0ksmc0+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGR9v2BD8CKKPNPKpc9Z+2FJ6cmsMB8GA1UdIwQY
MBaAFI9J9KTNgpNEUZ9FKjsOHmb+jT4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi82NjU4YzAtNTY1My00YTlmLWE4ZTgt
MTQwYWFkYTU0YjYxLzEvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi82NjU4YzAtNTY1My00YTlmLWE4ZTgtMTQwYWFkYTU0YjYx
LzEvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdIrJdX8Y
bxwXIrp7gDR3kQfi6LBVJBTu9tCoVkALgoKjIZdhnlJFuJZ0784A3gu4jol9/zBx
ugDYFlUbPhnanrbIHfTbitdQCYfSPw+YAGKEf9zLkbO4SDuijxAsHlgga6A5+gn6
KXMAGuKFoGorA2D6j8LC/c4PS504W3XsMcHQQmA6GagY1RX+aa+FtwJ85UI3FRU6
Wc5z7L4rNjXoHM2qs8iIHpbfqMxApK53GhLsvcE/4EJUGlYsAskanRyQ1eZPMX6F
93ng7HEmtqVXK/iP666kt1/7gCO+YZvHCfl8ce2bI2RSsgbQ78mmTezbxPfzHiV7
Ye8kx+k8TRKqWQ==
-----END CERTIFICATE-----