Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
File:                     9j_pwTQEHOvaVoufkI4q7zirf3U.mft (raw, json)
Hash identifier:          EZU875/rlrMwMrq2moQBEyJeuC78lkYK7DPGuvTsjuQ=
Subject key identifier:   9A:DF:D2:98:68:04:F2:91:CD:B1:C2:F7:26:9D:89:CC:4F:C2:68:B8
Authority key identifier: F6:3F:E9:C1:34:04:1C:EB:DA:56:8B:9F:90:8E:2A:EF:38:AB:7F:75
Certificate issuer:       /CN=f63fe9c134041cebda568b9f908e2aef38ab7f75
Certificate serial:       019A52D2A60CFE96430391F70682196E93AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
Manifest number:          0D63
Signing time:             Wed 05 Nov 2025 07:02:08 +0000
Manifest this update:     Wed 05 Nov 2025 07:02:08 +0000
Manifest next update:     Thu 06 Nov 2025 07:02:08 +0000
Files and hashes:         1: 9j_pwTQEHOvaVoufkI4q7zirf3U.crl (hash: Lpk8JpLmkZUz6oQ5ElgZ6d/SEqv9sb17gCffl7RDak8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d2:a6:0c:fe:96:43:03:91:f7:06:82:19:6e:93:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f63fe9c134041cebda568b9f908e2aef38ab7f75
        Validity
            Not Before: Nov  5 07:02:08 2025 GMT
            Not After : Nov  6 07:02:08 2025 GMT
        Subject: CN=9adfd2986804f291cdb1c2f7269d89cc4fc268b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c0:cd:4e:92:0c:90:4a:92:ef:ec:21:fa:c3:
                    65:ad:d8:1a:f6:63:0f:8c:24:73:1e:03:81:68:84:
                    9b:6e:d2:58:c4:39:d8:c8:71:48:02:73:b0:c9:57:
                    2a:c8:0d:32:b8:0d:6c:73:3f:f0:8e:3d:a9:1d:3b:
                    ea:7d:59:40:0e:d1:f9:40:49:a5:c1:c6:86:70:36:
                    6a:06:07:45:0c:a0:38:d1:51:e8:25:59:7e:fc:18:
                    25:db:d6:01:57:6b:db:b4:5c:a8:1d:6d:a5:d7:ed:
                    88:3d:87:25:90:2f:ac:e0:c6:86:10:7e:46:4a:9e:
                    00:77:ad:30:97:ca:5d:74:9f:bc:47:af:e9:1e:e0:
                    6e:2e:ee:db:f6:2a:db:79:21:af:71:15:3c:e8:e3:
                    53:24:92:20:2d:05:1b:50:20:10:a4:e1:43:18:ed:
                    a5:72:eb:8b:30:fc:51:80:c8:2b:d0:87:6e:18:94:
                    4a:3c:c7:a1:18:20:a0:b7:58:ae:69:19:d6:01:ec:
                    d5:e6:b3:ae:64:b9:4f:e2:42:07:04:76:88:f4:32:
                    b3:d6:f2:70:f4:a0:8d:43:6a:55:5c:57:b8:e2:9c:
                    79:3c:bc:85:58:fe:69:8d:d0:1b:7d:b9:a5:db:3c:
                    cf:c7:cf:9f:f2:12:22:d7:bf:33:dd:0f:25:57:f7:
                    05:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:DF:D2:98:68:04:F2:91:CD:B1:C2:F7:26:9D:89:CC:4F:C2:68:B8
            X509v3 Authority Key Identifier:
                keyid:F6:3F:E9:C1:34:04:1C:EB:DA:56:8B:9F:90:8E:2A:EF:38:AB:7F:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:82:62:12:06:25:dc:a2:66:e3:3d:8a:e0:8b:07:cd:d9:43:
         86:2d:27:20:ea:9b:ab:b3:a5:f0:4d:51:1f:09:d1:58:4e:98:
         7d:f0:03:14:3e:7c:01:77:1d:9f:7d:7c:25:20:ed:7b:4d:9c:
         40:20:c6:bf:2f:74:6e:1e:78:bc:ee:29:ca:a4:c9:b8:3a:50:
         2c:c1:e7:36:f2:80:d8:1d:37:2c:dc:d1:8b:35:7b:43:38:73:
         02:b5:cd:97:f4:bb:a3:64:97:95:71:65:78:2d:64:fe:45:e5:
         90:18:d6:84:85:9d:86:09:45:46:16:9e:21:03:6f:a3:03:96:
         ed:35:0b:18:39:58:1e:86:05:ab:50:fb:0e:db:ca:77:4f:cc:
         4c:ba:32:3d:b9:4c:81:51:64:e8:0a:6e:01:5e:2b:70:72:b9:
         3e:d0:df:64:b8:6b:d3:51:4a:d0:46:e7:27:cf:a9:6b:0a:9e:
         2e:6b:5f:49:f4:3f:d5:3a:0f:e9:0b:b9:ed:ba:ab:a4:c0:c1:
         f9:31:bf:96:6c:75:a5:71:a5:62:a1:aa:f2:e1:a9:57:fe:5b:
         13:9f:d5:06:e9:90:a0:a8:70:30:de:7a:eb:59:a2:25:e0:24:
         69:b3:4f:02:e4:5d:5a:53:be:11:73:6a:c0:f5:2e:89:1e:c8:
         87:21:91:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0qYM/pZDA5H3BoIZbpOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2M2ZlOWMxMzQwNDFjZWJkYTU2OGI5ZjkwOGUyYWVmMzhh
YjdmNzUwHhcNMjUxMTA1MDcwMjA4WhcNMjUxMTA2MDcwMjA4WjAzMTEwLwYDVQQD
Eyg5YWRmZDI5ODY4MDRmMjkxY2RiMWMyZjcyNjlkODljYzRmYzI2OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsDNTpIMkEqS7+wh+sNlrdga9mMP
jCRzHgOBaISbbtJYxDnYyHFIAnOwyVcqyA0yuA1scz/wjj2pHTvqfVlADtH5QEml
wcaGcDZqBgdFDKA40VHoJVl+/Bgl29YBV2vbtFyoHW2l1+2IPYclkC+s4MaGEH5G
Sp4Ad60wl8pddJ+8R6/pHuBuLu7b9irbeSGvcRU86ONTJJIgLQUbUCAQpOFDGO2l
cuuLMPxRgMgr0IduGJRKPMehGCCgt1iuaRnWAezV5rOuZLlP4kIHBHaI9DKz1vJw
9KCNQ2pVXFe44px5PLyFWP5pjdAbfbml2zzPx8+f8hIi178z3Q8lV/cFcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrf0phoBPKRzbHC9yadicxPwmi4MB8GA1UdIwQY
MBaAFPY/6cE0BBzr2laLn5COKu84q391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMzlkM2EtMjc4NC00MjU1LTkwNjYt
NWFlYzc2NmE0OWI0LzEvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMzlkM2EtMjc4NC00MjU1LTkwNjYtNWFlYzc2NmE0OWI0
LzEvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEIJiEgYl
3KJm4z2K4IsHzdlDhi0nIOqbq7Ol8E1RHwnRWE6YffADFD58AXcdn318JSDte02c
QCDGvy90bh54vO4pyqTJuDpQLMHnNvKA2B03LNzRizV7QzhzArXNl/S7o2SXlXFl
eC1k/kXlkBjWhIWdhglFRhaeIQNvowOW7TULGDlYHoYFq1D7DtvKd0/MTLoyPblM
gVFk6ApuAV4rcHK5PtDfZLhr01FK0EbnJ8+pawqeLmtfSfQ/1ToP6Qu57bqrpMDB
+TG/lmx1pXGlYqGq8uGpV/5bE5/VBumQoKhwMN5661miJeAkabNPAuRdWlO+EXNq
wPUuiR7IhyGREg==
-----END CERTIFICATE-----