Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
File:                     CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft (raw, json)
Hash identifier:          y/hk2gVMU6vL/hEJXPCnnhmIqJUVpnlUm3ZvvTjlOAc=
Subject key identifier:   BA:6C:9E:78:A3:48:B2:C0:40:F6:60:BF:43:D9:4D:5C:7F:79:4B:E7
Authority key identifier: 08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F
Certificate issuer:       /CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f
Certificate serial:       019A4EF58770CC730AB33E3B4D91DF3D829C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
Manifest number:          051C
Signing time:             Tue 04 Nov 2025 13:01:44 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:44 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:44 +0000
Files and hashes:         1: CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl (hash: YIWXF9gOvpwvNWCBHCOKUUjz+ZBteUDPZFjM1Ok/msY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:87:70:cc:73:0a:b3:3e:3b:4d:91:df:3d:82:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f
        Validity
            Not Before: Nov  4 13:01:44 2025 GMT
            Not After : Nov  5 13:01:44 2025 GMT
        Subject: CN=ba6c9e78a348b2c040f660bf43d94d5c7f794be7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9d:6b:59:ca:42:77:3d:79:e5:a2:bf:8d:f4:
                    80:0a:56:48:b8:dc:e5:7e:36:7f:f1:0d:37:26:d5:
                    3e:01:b9:3a:e8:81:7c:42:12:36:d0:db:20:c3:a8:
                    c1:04:63:83:9f:b2:f5:7c:4a:cf:2c:d2:ca:ad:12:
                    8f:4b:0d:2c:1b:ff:e0:9a:d0:ef:62:8b:a9:f8:46:
                    14:24:c8:45:f8:ec:4f:50:60:63:66:16:1a:8c:7c:
                    0a:3d:41:06:cf:d1:cd:fa:76:66:1a:df:fe:d6:91:
                    63:96:56:e3:69:95:4d:e5:bd:eb:48:b9:52:47:51:
                    37:a9:96:ea:0a:f1:97:8d:37:79:18:aa:75:29:a5:
                    dc:17:4c:1a:9c:36:6c:ac:44:0d:06:bb:49:92:e1:
                    a5:6f:fa:05:ac:1f:d9:83:76:22:7a:f8:36:9c:f4:
                    5c:ef:70:28:dc:1a:73:e3:2e:96:81:2d:d9:01:fa:
                    0b:96:65:c5:1b:f6:4f:c5:7b:6f:10:4c:5c:12:dd:
                    cf:c1:82:d4:f4:8b:b4:88:64:50:d9:bb:03:64:1a:
                    9e:b9:f9:48:91:fd:fd:4b:d9:dd:49:4a:cd:38:d2:
                    83:66:26:b2:28:40:c8:4d:5f:b5:49:75:94:54:62:
                    ec:5e:0c:32:b1:5c:bb:7c:ce:92:70:19:05:17:d4:
                    92:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:6C:9E:78:A3:48:B2:C0:40:F6:60:BF:43:D9:4D:5C:7F:79:4B:E7
            X509v3 Authority Key Identifier:
                keyid:08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:0b:10:64:60:ee:b3:15:48:2d:b2:e0:bd:1c:36:b9:1c:46:
         88:36:2e:c2:43:de:8b:02:e4:7c:48:04:c7:e8:e3:92:74:64:
         da:61:9e:a3:9d:f7:d1:2b:b9:d1:8d:97:5d:fe:cd:0c:41:23:
         68:50:9e:c6:3c:f5:7c:ce:e6:ef:e0:9e:7b:9e:07:e8:e3:ed:
         72:0f:43:1c:9b:82:09:d9:68:bd:13:5f:95:40:aa:3e:c3:8e:
         e3:bc:ea:fc:ee:6e:75:c1:02:ba:ea:dc:ab:e5:92:bb:b2:bc:
         2e:1b:87:94:cb:1f:9b:5e:5a:7a:38:18:5d:ca:04:73:09:2c:
         70:3a:92:4e:2b:0e:be:27:95:31:ce:93:2d:4a:17:9a:9d:b5:
         81:9c:37:71:05:dc:3e:b9:71:34:74:14:5b:cf:ef:2b:9f:b4:
         45:e4:38:d7:f7:4e:76:48:dd:80:1e:a0:2c:52:01:7a:3b:f5:
         ad:e0:b9:64:37:3c:3b:cf:b2:16:d5:64:49:ce:dd:8d:37:11:
         fe:99:14:65:9a:f9:11:a8:41:c5:c7:3f:95:18:48:90:bf:d0:
         d1:4f:cd:e9:c1:4d:d2:24:70:e9:42:aa:52:ce:70:a6:bd:3d:
         b2:d1:c5:12:d6:4b:cd:83:c3:b0:9b:92:76:c9:e3:6a:c4:2c:
         87:75:ab:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9YdwzHMKsz47TZHfPYKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YThiOGZlMGM4ODVhNDVmMjQ4NTUyMzM0MmU5YmE4ZGM4
OWU2OGYwHhcNMjUxMTA0MTMwMTQ0WhcNMjUxMTA1MTMwMTQ0WjAzMTEwLwYDVQQD
EyhiYTZjOWU3OGEzNDhiMmMwNDBmNjYwYmY0M2Q5NGQ1YzdmNzk0YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ1rWcpCdz155aK/jfSAClZIuNzl
fjZ/8Q03JtU+Abk66IF8QhI20Nsgw6jBBGODn7L1fErPLNLKrRKPSw0sG//gmtDv
Youp+EYUJMhF+OxPUGBjZhYajHwKPUEGz9HN+nZmGt/+1pFjllbjaZVN5b3rSLlS
R1E3qZbqCvGXjTd5GKp1KaXcF0wanDZsrEQNBrtJkuGlb/oFrB/Zg3Yievg2nPRc
73Ao3Bpz4y6WgS3ZAfoLlmXFG/ZPxXtvEExcEt3PwYLU9Iu0iGRQ2bsDZBqeuflI
kf39S9ndSUrNONKDZiayKEDITV+1SXWUVGLsXgwysVy7fM6ScBkFF9SSEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpsnnijSLLAQPZgv0PZTVx/eUvnMB8GA1UdIwQY
MBaAFAiouP4MiFpF8khVIzQum6jcieaPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUt
OWVlNTM0NDJjM2U5LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUtOWVlNTM0NDJjM2U5
LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALQsQZGDu
sxVILbLgvRw2uRxGiDYuwkPeiwLkfEgEx+jjknRk2mGeo5330Su50Y2XXf7NDEEj
aFCexjz1fM7m7+Cee54H6OPtcg9DHJuCCdlovRNflUCqPsOO47zq/O5udcECuurc
q+WSu7K8LhuHlMsfm15aejgYXcoEcwkscDqSTisOvieVMc6TLUoXmp21gZw3cQXc
PrlxNHQUW8/vK5+0ReQ41/dOdkjdgB6gLFIBejv1reC5ZDc8O8+yFtVkSc7djTcR
/pkUZZr5EahBxcc/lRhIkL/Q0U/N6cFN0iRw6UKqUs5wpr09stHFEtZLzYPDsJuS
dsnjasQsh3WrVg==
-----END CERTIFICATE-----