Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
File:                     JfgKOI5PDiZBTOq-q036hBkdgUA.mft (raw, json)
Hash identifier:          GZSKKUoiu/XT/anW+tf0pmN3U7sGhuJEnj6nkil6X5U=
Subject key identifier:   7E:25:1D:39:BD:4A:67:9F:01:3D:1D:CD:7D:F0:BA:E5:20:76:01:78
Authority key identifier: 25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
Certificate issuer:       /CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Certificate serial:       019A4F61FC07AA0D7C5917AC0923F21EA6FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
Manifest number:          1615
Signing time:             Tue 04 Nov 2025 15:00:12 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:12 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:12 +0000
Files and hashes:         1: JfgKOI5PDiZBTOq-q036hBkdgUA.crl (hash: vUYBKN8BVUGpKl69YAnNc8T7naRSDD8e0su+EoGW3JU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:61:fc:07:aa:0d:7c:59:17:ac:09:23:f2:1e:a6:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
        Validity
            Not Before: Nov  4 15:00:12 2025 GMT
            Not After : Nov  5 15:00:12 2025 GMT
        Subject: CN=7e251d39bd4a679f013d1dcd7df0bae520760178
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4e:a7:ca:9d:73:b9:e1:2a:7a:9a:0c:50:33:
                    04:ca:3f:97:8a:ab:de:44:66:b7:be:5f:d2:35:51:
                    6a:81:ab:72:af:41:e6:78:0c:5f:4f:73:ee:a9:6d:
                    96:c6:3e:4a:6c:6e:f6:ff:c8:ad:35:97:8b:ef:df:
                    39:77:88:ff:f8:67:bd:dd:9b:dd:47:46:96:b6:a3:
                    69:b9:03:b2:76:bd:b3:0a:3f:9f:aa:52:cc:12:f1:
                    97:a7:cb:d7:03:25:40:67:96:d3:5f:b2:e2:0f:33:
                    e3:9a:77:9c:eb:d1:b4:7c:8a:e5:a1:0b:77:d3:85:
                    5e:9f:7d:2b:b1:a2:e4:10:4a:eb:c9:f6:21:dc:be:
                    e2:8d:f5:bf:3c:ad:f2:3e:0a:d0:ee:55:2e:d8:1f:
                    af:fc:1a:f9:98:4c:46:35:32:63:2c:e5:15:cc:c2:
                    b5:7a:ac:b1:ee:7a:25:c1:65:82:fd:98:29:d4:99:
                    e3:50:fd:50:28:72:01:ab:c9:2b:a5:c6:34:fc:5a:
                    9a:9b:8e:97:f7:6d:50:b2:77:5d:f0:cb:d4:fa:44:
                    68:5a:6b:cb:f4:01:2f:81:7e:b5:ba:54:a5:b3:f1:
                    f7:9f:c1:39:0d:97:7b:98:71:14:35:3d:10:e1:3e:
                    cc:38:7f:c6:ec:58:dc:60:98:14:d7:2b:2b:6b:ed:
                    4d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:25:1D:39:BD:4A:67:9F:01:3D:1D:CD:7D:F0:BA:E5:20:76:01:78
            X509v3 Authority Key Identifier:
                keyid:25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:68:c3:6b:7e:92:e1:65:5b:3e:2c:17:f5:1a:e9:dc:ea:b2:
         b3:c4:1a:15:c5:94:dd:9f:a3:e5:6d:35:78:6e:bb:51:05:7d:
         6d:85:7e:db:ec:85:84:7a:d7:85:53:f7:16:6f:cb:b2:b4:1b:
         e3:61:51:b0:49:2a:0f:12:b6:ab:53:09:5c:fe:fd:aa:f6:26:
         66:e2:95:8b:8c:44:02:cf:80:12:93:64:7e:00:e4:f4:a9:5f:
         aa:f6:b8:d5:f3:0c:14:6e:b4:74:f0:30:4e:fd:fb:8c:30:b0:
         8d:31:54:eb:cd:dc:a2:ac:b7:ba:7a:12:65:c0:37:e6:e7:5f:
         02:d1:14:49:b7:25:77:53:8e:36:46:7d:a8:10:49:86:86:94:
         67:67:3f:66:eb:6c:23:b7:11:ac:53:06:0d:b8:32:cc:64:37:
         90:da:bf:b6:e5:d1:a1:1d:8f:76:08:13:a1:1e:b3:40:5d:a7:
         45:99:4c:15:50:28:e1:4b:04:3e:6b:a0:7e:8e:5e:eb:49:19:
         5b:0d:a6:85:8e:15:7c:62:7a:68:c8:46:ca:8e:c0:0f:8a:10:
         5d:06:0c:da:9f:e9:45:b7:a3:6f:5b:16:09:04:8a:87:ad:b9:
         10:41:e5:64:c4:cb:54:cf:63:5f:84:d8:d5:8a:f5:26:af:70:
         08:de:f3:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYfwHqg18WResCSPyHqb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZjgwYTM4OGU0ZjBlMjY0MTRjZWFiZWFiNGRmYTg0MTkx
ZDgxNDAwHhcNMjUxMTA0MTUwMDEyWhcNMjUxMTA1MTUwMDEyWjAzMTEwLwYDVQQD
Eyg3ZTI1MWQzOWJkNGE2NzlmMDEzZDFkY2Q3ZGYwYmFlNTIwNzYwMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk6nyp1zueEqepoMUDMEyj+Xiqve
RGa3vl/SNVFqgatyr0HmeAxfT3PuqW2Wxj5KbG72/8itNZeL7985d4j/+Ge93Zvd
R0aWtqNpuQOydr2zCj+fqlLMEvGXp8vXAyVAZ5bTX7LiDzPjmnec69G0fIrloQt3
04Ven30rsaLkEErryfYh3L7ijfW/PK3yPgrQ7lUu2B+v/Br5mExGNTJjLOUVzMK1
eqyx7nolwWWC/Zgp1JnjUP1QKHIBq8krpcY0/Fqam46X921Qsndd8MvU+kRoWmvL
9AEvgX61ulSls/H3n8E5DZd7mHEUNT0Q4T7MOH/G7FjcYJgU1ysra+1NKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4lHTm9SmefAT0dzX3wuuUgdgF4MB8GA1UdIwQY
MBaAFCX4CjiOTw4mQUzqvqtN+oQZHYFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjIt
OTdkYzdiNTM1YjFkLzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjItOTdkYzdiNTM1YjFk
LzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUmjDa36S
4WVbPiwX9Rrp3Oqys8QaFcWU3Z+j5W01eG67UQV9bYV+2+yFhHrXhVP3Fm/LsrQb
42FRsEkqDxK2q1MJXP79qvYmZuKVi4xEAs+AEpNkfgDk9Klfqva41fMMFG60dPAw
Tv37jDCwjTFU683coqy3unoSZcA35udfAtEUSbcld1OONkZ9qBBJhoaUZ2c/Zuts
I7cRrFMGDbgyzGQ3kNq/tuXRoR2PdggToR6zQF2nRZlMFVAo4UsEPmugfo5e60kZ
Ww2mhY4VfGJ6aMhGyo7AD4oQXQYM2p/pRbejb1sWCQSKh625EEHlZMTLVM9jX4TY
1Yr1Jq9wCN7zrw==
-----END CERTIFICATE-----