Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
File:                     i6gkldaDsIyIGoGM0B-kL_9v9tE.mft (raw, json)
Hash identifier:          FFL9kb65R06HlX13sM21k0vxzlacq3rfmnidoBjnico=
Subject key identifier:   CF:FC:F1:52:00:63:FD:EF:F6:2F:B9:71:ED:EC:53:37:0E:02:AF:C3
Authority key identifier: 8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1
Certificate issuer:       /CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
Certificate serial:       019A541A9565A97574CD50AFE3C32287A277
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
Manifest number:          0305
Signing time:             Wed 05 Nov 2025 13:00:19 +0000
Manifest this update:     Wed 05 Nov 2025 13:00:19 +0000
Manifest next update:     Thu 06 Nov 2025 13:00:19 +0000
Files and hashes:         1: i6gkldaDsIyIGoGM0B-kL_9v9tE.crl (hash: ueoPhMsTYpmy5pHHwQkuGIUGj9mkpjfnYbROy0Kps9o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:1a:95:65:a9:75:74:cd:50:af:e3:c3:22:87:a2:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
        Validity
            Not Before: Nov  5 13:00:19 2025 GMT
            Not After : Nov  6 13:00:19 2025 GMT
        Subject: CN=cffcf1520063fdeff62fb971edec53370e02afc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:c8:6f:d4:eb:95:19:93:75:6d:57:a8:c1:58:
                    ed:c4:d6:43:5c:30:4d:2d:2f:83:fa:42:64:1a:bf:
                    2f:a1:12:2a:a3:d3:cd:39:31:9f:e5:16:bc:88:7a:
                    e9:2f:95:57:31:31:2a:89:13:95:ce:2a:06:82:40:
                    0b:77:f2:bd:3b:b6:67:52:c5:e8:8d:bd:a9:70:3d:
                    de:3e:48:9d:2e:a5:29:c7:d1:be:32:ac:a6:93:68:
                    21:a0:7b:53:00:e5:7d:cf:34:e8:60:52:b5:56:2d:
                    0d:11:35:2e:b9:2e:96:9d:5b:c7:28:cb:15:92:e8:
                    d8:9f:a0:49:8b:84:08:72:c0:60:e0:3d:5c:46:91:
                    6d:d8:c5:0e:3d:55:32:8c:da:d6:3b:14:26:55:b3:
                    da:f9:5a:48:45:a2:ae:7c:91:21:bc:56:93:37:de:
                    62:2b:aa:be:26:fc:c1:fe:b2:ac:30:69:11:e4:91:
                    93:d6:1a:2c:8a:b3:a0:7b:de:30:d0:c4:ec:6d:36:
                    9b:35:92:3f:0e:e6:6e:ee:8c:32:9f:09:d1:c3:2b:
                    6d:1d:1e:2c:7e:cf:45:5e:cb:4a:26:70:f6:f7:36:
                    b0:b0:c1:ad:c3:14:d0:8a:28:55:bf:9b:b3:29:2c:
                    3a:f6:8d:45:72:11:eb:dc:7d:39:09:ef:73:0f:4e:
                    11:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:FC:F1:52:00:63:FD:EF:F6:2F:B9:71:ED:EC:53:37:0E:02:AF:C3
            X509v3 Authority Key Identifier:
                keyid:8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:d3:67:f6:d6:f7:8f:83:e0:7e:9a:01:0d:17:07:ce:f7:69:
         dc:cf:f8:d4:f6:5a:da:4d:7e:91:fe:cc:8c:e7:19:ad:ad:cb:
         94:6a:1d:69:69:f6:2c:58:b4:52:c2:a1:8a:d6:85:85:fe:d4:
         4e:75:13:3c:f9:2c:75:31:55:9b:a8:26:09:7f:ed:45:b6:9d:
         e3:fe:c7:8a:49:a0:23:53:ef:ff:5f:56:13:d1:81:6e:86:2b:
         bc:7d:2c:12:fc:96:de:0a:a4:32:39:a7:74:db:03:20:7a:03:
         db:10:ee:02:f0:e3:12:d7:e5:af:27:d6:21:21:e6:ba:d7:a4:
         52:d0:dd:d7:83:b5:ca:c4:98:5c:b6:c5:94:1a:ef:7e:61:ed:
         ca:01:e0:38:9e:26:df:ba:98:81:51:4f:0d:74:7c:2f:bb:1f:
         25:0c:23:2e:81:0e:16:21:4d:63:a1:3e:80:0a:20:ae:f8:e2:
         75:6e:56:0f:bb:f2:5f:9e:83:57:5b:31:85:1e:f7:f5:1c:41:
         49:e0:d4:57:80:13:dc:90:f9:ce:f9:fd:ab:e8:ca:f9:1b:29:
         49:f6:92:db:ec:62:91:f4:50:a4:91:e4:dd:4e:cf:22:29:94:
         fc:7a:4b:60:77:55:2c:97:32:a5:1f:38:e7:5d:34:44:d0:d1:
         2a:bb:8d:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUGpVlqXV0zVCv48Mih6J3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYTgyNDk1ZDY4M2IwOGM4ODFhODE4Y2QwMWZhNDJmZmY2
ZmY2ZDEwHhcNMjUxMTA1MTMwMDE5WhcNMjUxMTA2MTMwMDE5WjAzMTEwLwYDVQQD
EyhjZmZjZjE1MjAwNjNmZGVmZjYyZmI5NzFlZGVjNTMzNzBlMDJhZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18hv1OuVGZN1bVeowVjtxNZDXDBN
LS+D+kJkGr8voRIqo9PNOTGf5Ra8iHrpL5VXMTEqiROVzioGgkALd/K9O7ZnUsXo
jb2pcD3ePkidLqUpx9G+Mqymk2ghoHtTAOV9zzToYFK1Vi0NETUuuS6WnVvHKMsV
kujYn6BJi4QIcsBg4D1cRpFt2MUOPVUyjNrWOxQmVbPa+VpIRaKufJEhvFaTN95i
K6q+JvzB/rKsMGkR5JGT1hosirOge94w0MTsbTabNZI/DuZu7owynwnRwyttHR4s
fs9FXstKJnD29zawsMGtwxTQiihVv5uzKSw69o1FchHr3H05Ce9zD04RSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/88VIAY/3v9i+5ce3sUzcOAq/DMB8GA1UdIwQY
MBaAFIuoJJXWg7CMiBqBjNAfpC//b/bRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTkt
YzYyNTBmYjYwOTZlLzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTktYzYyNTBmYjYwOTZl
LzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAdNn9tb3
j4PgfpoBDRcHzvdp3M/41PZa2k1+kf7MjOcZra3LlGodaWn2LFi0UsKhitaFhf7U
TnUTPPksdTFVm6gmCX/tRbad4/7HikmgI1Pv/19WE9GBboYrvH0sEvyW3gqkMjmn
dNsDIHoD2xDuAvDjEtflryfWISHmutekUtDd14O1ysSYXLbFlBrvfmHtygHgOJ4m
37qYgVFPDXR8L7sfJQwjLoEOFiFNY6E+gAogrvjidW5WD7vyX56DV1sxhR739RxB
SeDUV4AT3JD5zvn9q+jK+RspSfaS2+xikfRQpJHk3U7PIimU/HpLYHdVLJcypR84
5100RNDRKruNhg==
-----END CERTIFICATE-----