Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          yLIPpqqNlAeyVVWceDwYz2W53ILUIxjH7uSZXHPhQEM=
Subject key identifier:   44:67:56:E5:15:8C:B7:36:66:CC:64:70:C9:68:B9:B0:90:75:C2:0C
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       019A4EF58BEAE868FBEA176DC8C5EB5E0730
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0FA2
Signing time:             Tue 04 Nov 2025 13:01:46 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:46 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:46 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: QEAZSD/STNdi461cXcu9JSByrKFtQpymKEaDMbN5ssI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:8b:ea:e8:68:fb:ea:17:6d:c8:c5:eb:5e:07:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: Nov  4 13:01:46 2025 GMT
            Not After : Nov  5 13:01:46 2025 GMT
        Subject: CN=446756e5158cb73666cc6470c968b9b09075c20c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4c:6d:31:34:56:78:ad:ad:b0:4b:72:bd:b1:
                    30:04:99:14:11:3b:c3:78:7c:c0:04:f9:df:d0:d0:
                    b8:09:31:06:3c:97:23:a8:29:58:05:73:50:48:53:
                    f4:ef:3c:51:00:bd:f4:1f:7d:64:a1:17:a5:ed:8e:
                    d7:70:92:28:85:d9:07:6d:1d:17:74:0d:21:c6:f0:
                    e8:9b:e5:8b:cd:f9:ed:34:0e:2f:e0:98:48:85:56:
                    77:a1:81:cb:68:0b:8d:34:8b:58:c6:71:a1:7b:fd:
                    4b:01:3e:9c:3d:cd:e2:de:f9:ab:1f:04:1d:51:65:
                    c2:5f:e9:9f:fc:88:14:f1:03:57:3b:04:53:47:ea:
                    9a:74:82:54:18:38:bf:ad:8a:e9:6c:f3:d7:a9:b9:
                    16:f5:80:48:41:3c:d8:4c:d8:d5:03:bc:30:45:f6:
                    27:c1:be:0f:5e:ff:ad:01:0a:20:4f:1f:37:84:40:
                    3a:82:d9:e9:43:81:b5:a5:22:84:d0:12:c7:ff:44:
                    1f:ab:60:c7:35:ef:4a:74:fb:7d:20:d4:15:58:ec:
                    a0:78:9c:b2:32:45:98:8e:a1:2d:81:6a:fa:a0:71:
                    c8:2a:84:7f:1d:b1:0e:a3:7a:d7:57:0b:57:b7:c7:
                    79:24:8e:a7:ad:f2:b6:44:4a:81:4b:19:c9:cd:a6:
                    7f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:67:56:E5:15:8C:B7:36:66:CC:64:70:C9:68:B9:B0:90:75:C2:0C
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:04:31:38:85:d9:fb:3c:4f:b5:95:03:45:1b:79:60:0d:5f:
         af:9a:43:7a:be:81:5c:b2:90:f0:0c:e8:65:96:ec:1f:28:ec:
         45:5c:2d:40:aa:93:22:69:a0:27:38:29:f2:c6:a9:27:cb:2a:
         ca:de:5c:67:49:b4:e7:87:75:1b:de:b4:3f:10:10:3a:7f:71:
         01:72:82:c2:c8:04:29:21:cb:a6:21:d9:96:c6:a7:16:dd:3f:
         52:5a:78:a4:bd:57:2b:51:aa:23:af:f2:12:6e:3d:c9:64:09:
         e1:33:25:17:c6:93:9f:cf:01:ba:bb:7c:f3:a3:74:ad:ee:e5:
         cd:b0:83:83:1a:7f:66:0b:ba:48:2b:fc:d6:47:c6:b1:a3:81:
         2e:9d:ec:93:93:72:89:ed:30:00:21:71:0b:ea:fe:1a:b2:a2:
         85:a0:85:87:d4:bb:27:f2:3d:bb:e9:5d:b2:3c:fe:39:94:4a:
         bc:e3:d7:44:21:27:48:00:f6:75:09:db:f4:be:76:ad:0d:98:
         11:75:9b:22:e0:54:f9:43:18:c9:ab:7d:1e:b6:2c:4a:f6:35:
         e8:e3:05:39:f5:b2:0c:3e:b6:ec:23:97:79:27:2a:a2:e4:7d:
         7b:a5:f2:a2:5e:b8:15:06:89:dd:c9:67:13:55:b5:1f:aa:5a:
         2c:0f:2d:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Yvq6Gj76hdtyMXrXgcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjUxMTA0MTMwMTQ2WhcNMjUxMTA1MTMwMTQ2WjAzMTEwLwYDVQQD
Eyg0NDY3NTZlNTE1OGNiNzM2NjZjYzY0NzBjOTY4YjliMDkwNzVjMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0xtMTRWeK2tsEtyvbEwBJkUETvD
eHzABPnf0NC4CTEGPJcjqClYBXNQSFP07zxRAL30H31koRel7Y7XcJIohdkHbR0X
dA0hxvDom+WLzfntNA4v4JhIhVZ3oYHLaAuNNItYxnGhe/1LAT6cPc3i3vmrHwQd
UWXCX+mf/IgU8QNXOwRTR+qadIJUGDi/rYrpbPPXqbkW9YBIQTzYTNjVA7wwRfYn
wb4PXv+tAQogTx83hEA6gtnpQ4G1pSKE0BLH/0Qfq2DHNe9KdPt9INQVWOygeJyy
MkWYjqEtgWr6oHHIKoR/HbEOo3rXVwtXt8d5JI6nrfK2REqBSxnJzaZ/PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERnVuUVjLc2ZsxkcMloubCQdcIMMB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPwQxOIXZ
+zxPtZUDRRt5YA1fr5pDer6BXLKQ8AzoZZbsHyjsRVwtQKqTImmgJzgp8sapJ8sq
yt5cZ0m054d1G960PxAQOn9xAXKCwsgEKSHLpiHZlsanFt0/Ulp4pL1XK1GqI6/y
Em49yWQJ4TMlF8aTn88Burt886N0re7lzbCDgxp/Zgu6SCv81kfGsaOBLp3sk5Ny
ie0wACFxC+r+GrKihaCFh9S7J/I9u+ldsjz+OZRKvOPXRCEnSAD2dQnb9L52rQ2Y
EXWbIuBU+UMYyat9HrYsSvY16OMFOfWyDD627COXeScqouR9e6Xyol64FQaJ3cln
E1W1H6paLA8tKA==
-----END CERTIFICATE-----