Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
File:                     jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft (raw, json)
Hash identifier:          kj6qQG1p4GX/+L/H5RLMkKZCpW/AoSLbb7W317biMfE=
Subject key identifier:   F0:F7:77:D1:F8:94:A2:3A:C6:D8:F8:6F:A4:C3:4D:46:76:E3:17:6B
Authority key identifier: 8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE
Certificate issuer:       /CN=8c5002f639e81958d0f9b3585aed76707d2625de
Certificate serial:       019A4E5002B8F36D304188E46124E64C23AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 10:00:57 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:57 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:57 +0000
Files and hashes:         1: jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl (hash: oyMphdN59ZOm8yeoOfO+O5HdEE605BXh41uAzNKNrIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:50:02:b8:f3:6d:30:41:88:e4:61:24:e6:4c:23:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c5002f639e81958d0f9b3585aed76707d2625de
        Validity
            Not Before: Nov  4 10:00:57 2025 GMT
            Not After : Nov  5 10:00:57 2025 GMT
        Subject: CN=f0f777d1f894a23ac6d8f86fa4c34d4676e3176b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:19:3f:78:d4:f3:90:82:02:46:9a:71:89:6b:
                    b7:d1:13:4e:93:d5:c2:69:18:7b:d9:81:83:1f:7f:
                    00:09:82:4b:51:ac:ae:55:70:ff:98:88:28:1c:58:
                    08:bf:5b:c7:f3:2d:14:30:ce:34:f4:12:f8:a4:73:
                    d0:07:c7:92:fc:1a:e3:80:86:4c:2c:7e:72:16:52:
                    af:7a:3f:6e:dd:39:34:2f:f6:45:13:11:a6:4a:14:
                    7a:64:f2:fe:37:34:14:b8:93:83:76:6a:57:b3:6a:
                    07:44:f9:b9:be:77:15:cb:b5:69:d3:d2:e9:53:9c:
                    fe:bc:7e:f5:b0:08:03:06:4b:6d:a7:73:01:ad:4b:
                    a7:73:32:40:6c:3f:da:95:73:11:af:ed:9f:96:e4:
                    64:3d:4b:5e:85:f5:66:4f:42:12:86:4c:b8:44:9c:
                    df:93:3c:41:55:d0:6f:52:5a:1b:e6:6b:3b:a6:ce:
                    b0:0b:18:35:e8:b0:36:2a:c9:79:99:4f:cf:fe:b9:
                    4a:e3:9a:f6:8a:d9:51:98:ec:58:b8:2a:f7:ad:bf:
                    22:bc:7b:fa:ca:94:ac:a4:6a:d2:31:95:b4:27:a6:
                    17:93:02:f7:e3:2a:08:a4:f2:15:9a:e4:e2:79:06:
                    b9:be:21:cb:c9:65:04:df:86:f5:85:e2:8f:7a:11:
                    dd:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:F7:77:D1:F8:94:A2:3A:C6:D8:F8:6F:A4:C3:4D:46:76:E3:17:6B
            X509v3 Authority Key Identifier:
                keyid:8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:63:8e:b3:81:20:2f:3b:b5:8a:c2:c9:f1:1b:d0:7d:1d:6d:
         10:62:97:0f:6d:c4:a7:ad:93:3c:a0:bb:24:52:56:b7:b2:7f:
         f7:c5:b4:f1:97:d8:e2:07:2b:02:e9:64:9f:b2:f0:ca:95:f4:
         6b:9a:f8:da:fe:d4:3d:94:aa:7b:ad:46:f0:07:24:64:a3:ed:
         10:d0:ba:53:ad:b7:33:cc:18:2d:73:aa:70:d7:69:cb:10:e4:
         f1:a7:ea:cb:d8:4d:33:97:0a:3e:4a:e0:8e:4e:8a:73:53:2b:
         a8:97:fa:a0:d6:42:17:75:5d:c8:bc:14:a4:13:a7:31:42:8f:
         2f:eb:71:06:0e:9e:5e:93:32:5d:69:c3:cc:d8:97:4a:bb:b4:
         2d:9a:9a:41:ba:e7:4e:46:fe:f3:0c:a9:c9:a2:27:66:66:c8:
         d9:37:6d:18:b1:86:2d:ec:32:a2:dc:c2:55:4d:6b:1f:b7:17:
         50:7a:f5:9f:9e:5e:2b:f5:33:6c:82:40:3a:ae:d4:9d:a9:d0:
         cc:da:e0:06:07:89:08:a5:60:a3:ac:1c:c7:36:ef:70:b9:1d:
         ec:e3:ea:47:ff:7f:6a:33:3c:7c:d5:2e:bf:a7:10:04:8d:5a:
         29:b2:c4:c8:79:08:ef:01:c5:dd:51:4b:4d:8a:01:9d:7c:3d:
         3e:6d:60:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOUAK4820wQYjkYSTmTCOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTAwMmY2MzllODE5NThkMGY5YjM1ODVhZWQ3NjcwN2Qy
NjI1ZGUwHhcNMjUxMTA0MTAwMDU3WhcNMjUxMTA1MTAwMDU3WjAzMTEwLwYDVQQD
EyhmMGY3NzdkMWY4OTRhMjNhYzZkOGY4NmZhNGMzNGQ0Njc2ZTMxNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthk/eNTzkIICRppxiWu30RNOk9XC
aRh72YGDH38ACYJLUayuVXD/mIgoHFgIv1vH8y0UMM409BL4pHPQB8eS/BrjgIZM
LH5yFlKvej9u3Tk0L/ZFExGmShR6ZPL+NzQUuJODdmpXs2oHRPm5vncVy7Vp09Lp
U5z+vH71sAgDBkttp3MBrUunczJAbD/alXMRr+2fluRkPUtehfVmT0IShky4RJzf
kzxBVdBvUlob5ms7ps6wCxg16LA2Ksl5mU/P/rlK45r2itlRmOxYuCr3rb8ivHv6
ypSspGrSMZW0J6YXkwL34yoIpPIVmuTieQa5viHLyWUE34b1heKPehHd/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPD3d9H4lKI6xtj4b6TDTUZ24xdrMB8GA1UdIwQY
MBaAFIxQAvY56BlY0PmzWFrtdnB9JiXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYt
NmYwNjE5MTQ0NGFjLzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYtNmYwNjE5MTQ0NGFj
LzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArWOOs4Eg
Lzu1isLJ8RvQfR1tEGKXD23Ep62TPKC7JFJWt7J/98W08ZfY4gcrAulkn7LwypX0
a5r42v7UPZSqe61G8AckZKPtENC6U623M8wYLXOqcNdpyxDk8afqy9hNM5cKPkrg
jk6Kc1MrqJf6oNZCF3VdyLwUpBOnMUKPL+txBg6eXpMyXWnDzNiXSru0LZqaQbrn
Tkb+8wypyaInZmbI2TdtGLGGLewyotzCVU1rH7cXUHr1n55eK/UzbIJAOq7UnanQ
zNrgBgeJCKVgo6wcxzbvcLkd7OPqR/9/ajM8fNUuv6cQBI1aKbLEyHkI7wHF3VFL
TYoBnXw9Pm1gbg==
-----END CERTIFICATE-----