Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
File:                     mgGl7N4ueVkyWREG0II9DRVPcAI.mft (raw, json)
Hash identifier:          hYBFH8OkQ5wS/SMR2Q5hc17meoHzSypaZZ6zws1j9cg=
Subject key identifier:   FD:0A:33:5D:64:D9:38:4C:60:74:76:04:66:1E:C1:A1:43:2E:C2:54
Authority key identifier: 9A:01:A5:EC:DE:2E:79:59:32:59:11:06:D0:82:3D:0D:15:4F:70:02
Certificate issuer:       /CN=9a01a5ecde2e795932591106d0823d0d154f7002
Certificate serial:       019A4EF4D528749A5D44A650AB187B052962
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
Manifest number:          0839
Signing time:             Tue 04 Nov 2025 13:00:59 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:59 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:59 +0000
Files and hashes:         1: mgGl7N4ueVkyWREG0II9DRVPcAI.crl (hash: V0k5u2IQLlTcdGxFXLsE3eUM982S9P5INpjjDR7jSSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:d5:28:74:9a:5d:44:a6:50:ab:18:7b:05:29:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a01a5ecde2e795932591106d0823d0d154f7002
        Validity
            Not Before: Nov  4 13:00:59 2025 GMT
            Not After : Nov  5 13:00:59 2025 GMT
        Subject: CN=fd0a335d64d9384c60747604661ec1a1432ec254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a9:51:48:ec:3a:e9:fb:f6:1d:a9:d0:19:f6:
                    19:21:8e:19:e6:db:28:46:d0:33:cf:99:cb:47:3e:
                    7a:1d:18:6c:97:66:54:c4:06:c6:1e:20:73:56:5a:
                    de:27:a9:bd:8d:01:b0:70:20:25:a8:dd:fd:af:34:
                    a8:6a:61:64:a2:c4:56:71:04:c3:6c:93:dc:29:2f:
                    5f:9b:f0:05:2b:2c:db:6e:2f:cf:1f:b7:16:bd:6b:
                    93:e1:13:7d:ab:06:da:55:33:76:dd:c2:0b:b8:b1:
                    ba:9d:fa:6c:9f:72:e2:8e:1e:eb:61:15:02:99:73:
                    03:29:47:1f:5d:e7:e5:ad:87:b5:99:c7:75:d6:27:
                    2d:05:84:0d:95:94:29:be:32:4f:ec:8b:cb:c9:2d:
                    5d:ee:00:f2:e0:02:f4:23:86:72:2a:a9:e1:f4:2c:
                    f6:57:e3:31:f4:f7:26:c2:e2:51:c1:02:0a:78:1c:
                    b5:ff:3d:61:cb:62:ab:3c:60:63:c3:d6:b7:e6:94:
                    5f:59:83:ad:c4:d8:a3:8f:00:6d:9b:2c:c4:dd:73:
                    39:5f:b2:02:c1:95:32:49:d2:d0:92:30:b9:ea:4e:
                    ac:9e:fb:17:54:d7:08:15:5a:cc:6f:2d:e9:95:6b:
                    67:19:ed:0a:61:6a:92:c1:8e:b9:dd:0c:b3:08:8f:
                    53:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:0A:33:5D:64:D9:38:4C:60:74:76:04:66:1E:C1:A1:43:2E:C2:54
            X509v3 Authority Key Identifier:
                keyid:9A:01:A5:EC:DE:2E:79:59:32:59:11:06:D0:82:3D:0D:15:4F:70:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:97:46:0d:68:5a:03:7e:9c:2c:68:36:28:ed:c2:81:bf:72:
         be:37:86:de:62:13:b8:53:34:48:bc:0c:d4:47:3a:3c:ef:ed:
         f1:61:27:bf:8b:12:32:36:50:7a:9e:69:42:5a:0c:8a:48:b7:
         43:02:cc:1e:e5:67:b1:5f:f5:7b:ef:98:c3:75:f9:ea:a0:52:
         28:7d:5c:f0:aa:fb:7b:46:e0:da:6f:07:62:d6:5d:ac:54:de:
         1e:b7:18:c5:40:38:e3:48:50:2c:19:5f:70:ad:70:32:0e:a5:
         b6:61:68:a7:82:1a:89:42:74:e3:ed:92:4f:bc:e7:e6:02:24:
         fa:b8:61:4d:84:95:57:e6:bd:3f:8f:c0:31:89:6e:75:80:cf:
         d6:b6:b3:17:a0:d4:df:b4:bc:0f:ac:44:2f:4e:a1:a4:96:f9:
         da:25:67:8f:de:5a:68:f4:51:a9:a2:cc:dc:f4:99:5b:c2:df:
         b3:cd:52:a9:0f:12:c7:c2:ef:3a:c5:11:c7:86:3f:b9:49:1d:
         1d:d3:56:b3:88:24:da:f7:8e:27:48:1d:38:4e:8d:59:e1:7d:
         b3:66:e0:ab:b9:e5:f8:d2:b4:ac:12:b0:c9:54:82:08:02:81:
         12:cb:03:06:85:4b:87:4a:56:ee:ad:cf:f6:97:32:87:10:51:
         6d:de:9a:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9NUodJpdRKZQqxh7BSliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMDFhNWVjZGUyZTc5NTkzMjU5MTEwNmQwODIzZDBkMTU0
ZjcwMDIwHhcNMjUxMTA0MTMwMDU5WhcNMjUxMTA1MTMwMDU5WjAzMTEwLwYDVQQD
EyhmZDBhMzM1ZDY0ZDkzODRjNjA3NDc2MDQ2NjFlYzFhMTQzMmVjMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlalRSOw66fv2HanQGfYZIY4Z5tso
RtAzz5nLRz56HRhsl2ZUxAbGHiBzVlreJ6m9jQGwcCAlqN39rzSoamFkosRWcQTD
bJPcKS9fm/AFKyzbbi/PH7cWvWuT4RN9qwbaVTN23cILuLG6nfpsn3Lijh7rYRUC
mXMDKUcfXeflrYe1mcd11ictBYQNlZQpvjJP7IvLyS1d7gDy4AL0I4ZyKqnh9Cz2
V+Mx9PcmwuJRwQIKeBy1/z1hy2KrPGBjw9a35pRfWYOtxNijjwBtmyzE3XM5X7IC
wZUySdLQkjC56k6snvsXVNcIFVrMby3plWtnGe0KYWqSwY653QyzCI9TqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0KM11k2ThMYHR2BGYewaFDLsJUMB8GA1UdIwQY
MBaAFJoBpezeLnlZMlkRBtCCPQ0VT3ACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84NjNjMDQtYjA3ZS00YzNhLTlmNDUt
ZmUyNDc0ZDJmMDdjLzEvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84NjNjMDQtYjA3ZS00YzNhLTlmNDUtZmUyNDc0ZDJmMDdj
LzEvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHJdGDWha
A36cLGg2KO3Cgb9yvjeG3mITuFM0SLwM1Ec6PO/t8WEnv4sSMjZQep5pQloMiki3
QwLMHuVnsV/1e++Yw3X56qBSKH1c8Kr7e0bg2m8HYtZdrFTeHrcYxUA440hQLBlf
cK1wMg6ltmFop4IaiUJ04+2ST7zn5gIk+rhhTYSVV+a9P4/AMYludYDP1razF6DU
37S8D6xEL06hpJb52iVnj95aaPRRqaLM3PSZW8Lfs81SqQ8Sx8LvOsURx4Y/uUkd
HdNWs4gk2veOJ0gdOE6NWeF9s2bgq7nl+NK0rBKwyVSCCAKBEssDBoVLh0pW7q3P
9pcyhxBRbd6abQ==
-----END CERTIFICATE-----