Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          tkjEEnooYSFkevWuAvprjTil5jidh+vv8BeM3ObeL+E=
Subject key identifier:   0C:E0:4A:70:3D:2A:C9:F5:21:42:EF:3F:1A:02:95:22:E2:77:60:AC
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       019A4EF5D3BA49CFE88B8D97D0082E512C35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          0EA5
Signing time:             Tue 04 Nov 2025 13:02:04 +0000
Manifest this update:     Tue 04 Nov 2025 13:02:04 +0000
Manifest next update:     Wed 05 Nov 2025 13:02:04 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: /A7S2iVtf30z/jxacrlVNxzNInasV9xceGNAiAx9sBE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:d3:ba:49:cf:e8:8b:8d:97:d0:08:2e:51:2c:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: Nov  4 13:02:04 2025 GMT
            Not After : Nov  5 13:02:04 2025 GMT
        Subject: CN=0ce04a703d2ac9f52142ef3f1a029522e27760ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2f:a2:34:f7:3b:19:87:3b:54:6a:36:8f:51:
                    d5:03:ed:35:bb:4b:89:34:e1:b0:8d:d3:1d:f2:cb:
                    aa:cd:55:2a:b4:31:1b:f9:55:65:64:f8:fd:86:9c:
                    04:5a:03:f2:5b:7b:76:db:32:87:f6:f8:fc:6a:db:
                    05:ec:39:e5:55:f0:82:df:ac:d1:36:1e:ea:cd:14:
                    c3:04:9a:b3:66:1e:1b:72:75:90:54:d4:14:12:34:
                    97:14:fe:b4:57:b8:ba:d9:82:1b:10:8b:2f:e0:de:
                    52:e7:00:73:fe:88:75:31:33:fc:2b:60:db:5a:7a:
                    43:40:0c:99:8a:52:d7:4d:3b:40:8b:e2:03:e0:0a:
                    7c:ae:ae:2a:44:a7:21:c9:39:18:48:98:53:85:34:
                    37:c4:a3:60:bb:0a:a3:42:05:ac:74:33:7d:65:38:
                    32:f2:6a:a5:1a:eb:2f:69:a9:01:3a:bd:79:f2:76:
                    6d:d2:d4:c6:97:3b:78:ea:69:f4:9f:9e:7d:b1:16:
                    4b:1b:24:c5:35:ef:fd:7c:0a:dc:53:04:fa:a0:4c:
                    90:7e:84:24:1e:65:81:dd:9a:40:d7:27:d1:ff:38:
                    37:c5:07:fe:14:b3:3a:20:17:0c:fa:d3:cc:81:fc:
                    ca:cf:d1:e8:ee:c9:3c:e7:7a:0d:ec:b4:61:29:98:
                    c5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:E0:4A:70:3D:2A:C9:F5:21:42:EF:3F:1A:02:95:22:E2:77:60:AC
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:19:a2:0f:6d:c6:b2:44:15:0d:49:29:9b:7b:43:49:a9:94:
         d7:0d:05:67:fd:bd:ae:f3:81:79:9d:6b:55:2e:26:24:79:66:
         02:d1:bb:51:b4:02:ce:0f:f7:8a:af:58:13:77:fa:b8:48:1c:
         44:8c:19:20:6d:82:24:b7:93:61:78:50:57:5c:06:2b:a3:12:
         aa:9e:23:28:0d:ab:8b:11:f1:7d:35:65:be:11:56:5b:e4:6e:
         5c:63:19:c7:54:d1:51:a5:98:79:a3:ae:03:aa:29:95:a1:ff:
         e4:7e:d5:9c:d0:1b:2e:d8:72:cc:15:41:f3:84:f5:91:3e:ed:
         77:3c:1d:b4:56:b3:b5:0f:7a:4a:5c:44:d9:0a:a1:02:41:7d:
         0d:aa:46:9f:61:46:a9:69:2b:62:c9:27:f5:b8:e9:86:17:ee:
         0a:a0:0c:d1:a2:ef:02:d9:46:a7:71:6f:5a:a6:36:db:e2:0e:
         34:22:30:93:54:f7:51:f5:a3:bd:39:a1:18:0c:4a:12:29:5c:
         81:ce:f0:e4:e1:8d:08:17:7b:ca:98:50:c5:61:8e:5b:06:04:
         89:95:e4:e5:3f:9d:a4:80:81:72:1e:40:de:dc:9a:5e:3d:80:
         57:ba:c1:1e:5b:b6:b8:1b:17:95:22:01:49:3f:9c:10:bd:29:
         c9:2c:c7:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9dO6Sc/oi42X0AguUSw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjUxMTA0MTMwMjA0WhcNMjUxMTA1MTMwMjA0WjAzMTEwLwYDVQQD
EygwY2UwNGE3MDNkMmFjOWY1MjE0MmVmM2YxYTAyOTUyMmUyNzc2MGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC+iNPc7GYc7VGo2j1HVA+01u0uJ
NOGwjdMd8suqzVUqtDEb+VVlZPj9hpwEWgPyW3t22zKH9vj8atsF7DnlVfCC36zR
Nh7qzRTDBJqzZh4bcnWQVNQUEjSXFP60V7i62YIbEIsv4N5S5wBz/oh1MTP8K2Db
WnpDQAyZilLXTTtAi+ID4Ap8rq4qRKchyTkYSJhThTQ3xKNguwqjQgWsdDN9ZTgy
8mqlGusvaakBOr158nZt0tTGlzt46mn0n559sRZLGyTFNe/9fArcUwT6oEyQfoQk
HmWB3ZpA1yfR/zg3xQf+FLM6IBcM+tPMgfzKz9Ho7sk853oN7LRhKZjFxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzgSnA9Ksn1IULvPxoClSLid2CsMB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJhmiD23G
skQVDUkpm3tDSamU1w0FZ/29rvOBeZ1rVS4mJHlmAtG7UbQCzg/3iq9YE3f6uEgc
RIwZIG2CJLeTYXhQV1wGK6MSqp4jKA2rixHxfTVlvhFWW+RuXGMZx1TRUaWYeaOu
A6oplaH/5H7VnNAbLthyzBVB84T1kT7tdzwdtFaztQ96SlxE2QqhAkF9DapGn2FG
qWkrYskn9bjphhfuCqAM0aLvAtlGp3FvWqY22+IONCIwk1T3UfWjvTmhGAxKEilc
gc7w5OGNCBd7yphQxWGOWwYEiZXk5T+dpICBch5A3tyaXj2AV7rBHlu2uBsXlSIB
ST+cEL0pySzHSA==
-----END CERTIFICATE-----