Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          5emajoV6pqbP0G8JXg51wuuJ0ZSx30oi4DPeg8B6dwk=
Subject key identifier:   C1:87:04:60:6D:A6:5D:08:AE:7B:98:08:E7:2B:22:04:E9:BD:60:B7
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       019A4F9975CC48ED7277523AD5E397B87479
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          04B7
Signing time:             Tue 04 Nov 2025 16:00:48 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:48 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:48 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: jzmwPFifgBQODUZ/khtjoTvjimDjQgf0RQB/2NC267A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:75:cc:48:ed:72:77:52:3a:d5:e3:97:b8:74:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Nov  4 16:00:48 2025 GMT
            Not After : Nov  5 16:00:48 2025 GMT
        Subject: CN=c18704606da65d08ae7b9808e72b2204e9bd60b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e0:9d:fe:6b:ee:18:f2:da:2d:2c:fb:66:d7:
                    4b:d1:20:50:9f:99:13:83:2d:10:75:ef:ae:76:a9:
                    b7:a9:ee:5b:d2:06:30:4f:60:10:fa:1d:64:f4:13:
                    38:ae:20:99:df:e8:ca:7d:66:2b:43:f1:ed:11:f9:
                    b3:03:a3:16:94:99:d5:3d:05:b6:e0:6b:b3:eb:0e:
                    64:92:86:ef:30:99:92:40:d1:45:77:65:a5:14:e8:
                    9c:7f:c4:b4:e4:4e:d8:57:2d:8a:27:ed:2a:d9:76:
                    9a:b1:6f:8b:07:83:18:98:f0:53:aa:34:6b:37:44:
                    23:03:b4:33:44:99:ab:73:07:88:06:17:56:3f:6f:
                    76:84:55:99:88:d1:b4:aa:a1:c3:3d:c4:07:53:be:
                    29:27:c1:d3:ab:03:ab:e4:37:7f:1c:4a:a2:f9:73:
                    ef:66:d9:58:df:1d:4d:c0:3b:89:2c:5c:72:56:97:
                    ca:05:cd:0b:fb:ab:b8:bc:09:47:54:da:2b:9d:40:
                    3d:13:55:72:1e:27:e1:d5:f5:a3:3c:fc:b7:db:95:
                    2f:19:19:6c:90:91:f4:92:14:1f:0d:2a:d6:d0:8c:
                    1c:af:ed:78:f6:b8:ed:7c:33:bd:c4:30:41:d5:75:
                    d3:94:26:78:8e:d7:9f:54:f7:65:13:fd:bf:11:95:
                    5e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:87:04:60:6D:A6:5D:08:AE:7B:98:08:E7:2B:22:04:E9:BD:60:B7
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:ed:ad:6c:71:0b:f9:2b:80:63:7d:ed:02:39:a2:1b:d8:e5:
         0e:0c:94:ee:40:43:c9:82:7b:b3:27:b7:bd:48:ce:f0:d9:05:
         12:36:6e:b3:41:ca:30:b1:a7:36:6f:77:49:77:33:48:1a:07:
         2b:e4:7e:fb:68:9a:da:3b:3f:c8:d1:ca:f2:25:44:9a:1e:4f:
         ac:01:67:82:92:c7:ec:b9:76:44:ef:fb:7f:a3:2d:e2:f1:ea:
         13:e9:21:bb:8d:97:97:9a:2d:a5:4e:b0:2d:c8:ac:16:af:e5:
         3c:44:12:82:a3:47:e6:7e:48:49:3f:ac:7a:ea:a7:a1:8f:74:
         46:03:38:cc:a6:67:63:4d:95:9f:d1:15:2a:a9:b5:9a:fd:e8:
         89:60:8e:21:44:32:52:82:e0:fe:0e:1f:bd:69:c5:b3:cd:4c:
         10:83:bf:8c:c6:91:d6:78:23:e5:a4:5c:bf:05:f6:36:c0:26:
         c1:d5:07:30:d0:4d:fc:e0:05:b3:d1:bf:20:c6:6a:27:eb:01:
         97:04:80:2a:45:b4:13:e9:7f:12:d7:81:f4:30:4e:53:f8:85:
         29:71:10:6c:e6:94:13:4b:13:f2:69:31:8c:09:5e:2f:71:3e:
         de:6f:19:d0:01:ff:d0:87:7a:8a:cf:8f:23:fa:50:0c:5b:1c:
         17:1a:ee:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmXXMSO1yd1I61eOXuHR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUxMTA0MTYwMDQ4WhcNMjUxMTA1MTYwMDQ4WjAzMTEwLwYDVQQD
EyhjMTg3MDQ2MDZkYTY1ZDA4YWU3Yjk4MDhlNzJiMjIwNGU5YmQ2MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOCd/mvuGPLaLSz7ZtdL0SBQn5kT
gy0Qde+udqm3qe5b0gYwT2AQ+h1k9BM4riCZ3+jKfWYrQ/HtEfmzA6MWlJnVPQW2
4Guz6w5kkobvMJmSQNFFd2WlFOicf8S05E7YVy2KJ+0q2XaasW+LB4MYmPBTqjRr
N0QjA7QzRJmrcweIBhdWP292hFWZiNG0qqHDPcQHU74pJ8HTqwOr5Dd/HEqi+XPv
ZtlY3x1NwDuJLFxyVpfKBc0L+6u4vAlHVNornUA9E1VyHifh1fWjPPy325UvGRls
kJH0khQfDSrW0Iwcr+149rjtfDO9xDBB1XXTlCZ4jtefVPdlE/2/EZVe4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMGHBGBtpl0IrnuYCOcrIgTpvWC3MB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAme2tbHEL
+SuAY33tAjmiG9jlDgyU7kBDyYJ7sye3vUjO8NkFEjZus0HKMLGnNm93SXczSBoH
K+R++2ia2js/yNHK8iVEmh5PrAFngpLH7Ll2RO/7f6Mt4vHqE+khu42Xl5otpU6w
LcisFq/lPEQSgqNH5n5IST+seuqnoY90RgM4zKZnY02Vn9EVKqm1mv3oiWCOIUQy
UoLg/g4fvWnFs81MEIO/jMaR1ngj5aRcvwX2NsAmwdUHMNBN/OAFs9G/IMZqJ+sB
lwSAKkW0E+l/EteB9DBOU/iFKXEQbOaUE0sT8mkxjAleL3E+3m8Z0AH/0Id6is+P
I/pQDFscFxru1A==
-----END CERTIFICATE-----