Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          QyzJoFROPu4CA5/YLVK+9KXpZzNxUeFMy73UvNVon9M=
Subject key identifier:   A7:68:BC:38:E5:29:F5:7F:CE:BC:0F:12:D4:65:B7:BA:72:A9:93:74
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019A5006F058A744A09A3B22F4B02EB29704
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          073A
Signing time:             Tue 04 Nov 2025 18:00:23 +0000
Manifest this update:     Tue 04 Nov 2025 18:00:23 +0000
Manifest next update:     Wed 05 Nov 2025 18:00:23 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: eyttJBU1rVM52QDxp9N6tCK+qiJlB0+WqTUwFMv17xY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:06:f0:58:a7:44:a0:9a:3b:22:f4:b0:2e:b2:97:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Nov  4 18:00:23 2025 GMT
            Not After : Nov  5 18:00:23 2025 GMT
        Subject: CN=a768bc38e529f57fcebc0f12d465b7ba72a99374
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d2:4c:fc:d5:1c:51:d9:8d:65:11:7c:22:c9:
                    06:cd:cf:a5:9a:7e:3b:40:95:22:b9:1d:8c:db:5f:
                    95:d2:ee:78:89:8c:4e:e2:76:d3:d1:d5:58:ce:bc:
                    b3:2b:27:3e:34:b7:15:86:8a:a9:af:4b:3e:83:b8:
                    0f:fe:3e:b7:bb:95:f1:93:3e:0c:74:f7:d8:46:d5:
                    4e:28:af:b3:f1:10:be:2e:cb:38:fa:6e:a7:9a:ef:
                    3f:af:4d:cc:56:45:1b:f4:1e:ae:17:a8:cf:00:04:
                    c1:2c:e9:18:04:8e:7c:ed:77:40:c8:92:0b:70:72:
                    41:6f:44:1d:bd:4b:c6:ee:cd:0d:d8:1f:05:46:a7:
                    7d:ce:c5:d6:fd:f3:87:b4:48:a3:a6:90:cf:a2:b7:
                    e0:e1:2e:44:20:45:14:3a:80:3d:06:d0:56:a3:31:
                    1e:54:e1:c7:c3:32:71:22:47:a2:0e:25:be:f3:2a:
                    19:bd:4f:47:c1:25:61:a0:0c:33:cc:5f:aa:65:b7:
                    62:b5:67:28:f2:57:d7:97:c1:b7:4f:86:70:df:53:
                    11:14:55:be:c4:d3:ac:3c:b8:49:1d:8c:30:f2:60:
                    0f:da:43:ec:1b:2d:6e:52:35:65:0e:3d:7c:ea:67:
                    03:bf:d0:6e:ef:98:0f:f0:0e:41:d0:32:60:ae:ae:
                    16:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:68:BC:38:E5:29:F5:7F:CE:BC:0F:12:D4:65:B7:BA:72:A9:93:74
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:07:bc:b9:6c:6f:87:e4:a8:c9:c0:e3:57:6c:44:14:8e:67:
         b8:12:18:ef:7b:fd:05:8e:b6:5c:d9:e7:c5:60:a4:a2:12:dc:
         ff:01:f9:62:31:6b:64:7a:7f:a2:98:aa:10:0b:9c:ec:5c:e7:
         f5:4c:89:33:3b:91:98:03:1b:c2:dc:9b:0a:5d:89:2f:4e:ac:
         52:0c:7c:3a:c8:f6:1b:e1:9d:92:66:35:c9:27:57:71:36:47:
         f8:56:46:1d:21:0e:79:5c:27:d2:9c:a6:af:08:0c:02:ed:8c:
         14:6e:d0:a1:46:8e:15:e8:5f:00:62:ab:b9:62:6e:14:34:8d:
         f1:ec:6d:b5:f6:9f:8e:83:47:07:08:42:e9:2f:f7:6d:b9:1b:
         49:91:3b:5c:09:a2:c7:c9:84:eb:fe:92:7a:64:72:be:4e:ce:
         37:37:c2:a0:e7:ca:32:bd:0e:e6:28:13:04:e0:0a:e0:07:32:
         62:b9:43:54:6b:08:43:a7:cf:5c:96:99:20:08:12:2e:95:da:
         8c:96:18:04:58:38:04:5f:27:3d:83:a0:12:d5:c6:42:a6:14:
         bc:9a:3b:64:22:b2:20:3c:84:8a:f4:c6:37:b4:b7:03:c0:77:
         0b:fa:97:e6:cf:7b:cf:d9:4e:1c:df:97:5c:f4:cc:6d:3c:79:
         ad:ca:f3:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQBvBYp0Sgmjsi9LAuspcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUxMTA0MTgwMDIzWhcNMjUxMTA1MTgwMDIzWjAzMTEwLwYDVQQD
EyhhNzY4YmMzOGU1MjlmNTdmY2ViYzBmMTJkNDY1YjdiYTcyYTk5Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNJM/NUcUdmNZRF8IskGzc+lmn47
QJUiuR2M21+V0u54iYxO4nbT0dVYzryzKyc+NLcVhoqpr0s+g7gP/j63u5Xxkz4M
dPfYRtVOKK+z8RC+Lss4+m6nmu8/r03MVkUb9B6uF6jPAATBLOkYBI587XdAyJIL
cHJBb0QdvUvG7s0N2B8FRqd9zsXW/fOHtEijppDPorfg4S5EIEUUOoA9BtBWozEe
VOHHwzJxIkeiDiW+8yoZvU9HwSVhoAwzzF+qZbditWco8lfXl8G3T4Zw31MRFFW+
xNOsPLhJHYww8mAP2kPsGy1uUjVlDj186mcDv9Bu75gP8A5B0DJgrq4WjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdovDjlKfV/zrwPEtRlt7pyqZN0MB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYAe8uWxv
h+SoycDjV2xEFI5nuBIY73v9BY62XNnnxWCkohLc/wH5YjFrZHp/opiqEAuc7Fzn
9UyJMzuRmAMbwtybCl2JL06sUgx8Osj2G+GdkmY1ySdXcTZH+FZGHSEOeVwn0pym
rwgMAu2MFG7QoUaOFehfAGKruWJuFDSN8exttfafjoNHBwhC6S/3bbkbSZE7XAmi
x8mE6/6SemRyvk7ONzfCoOfKMr0O5igTBOAK4AcyYrlDVGsIQ6fPXJaZIAgSLpXa
jJYYBFg4BF8nPYOgEtXGQqYUvJo7ZCKyIDyEivTGN7S3A8B3C/qX5s97z9lOHN+X
XPTMbTx5rcrz3A==
-----END CERTIFICATE-----