Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          CQBVhge9IlTdvsyiK6xRVcRhvmO2uuG7ZmOVc08Elh4=
Subject key identifier:   F1:8A:C8:8F:89:33:11:3E:2F:94:D6:24:ED:96:59:A3:C4:25:10:DC
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       019A51BEC54DA0C38DE14D5AB8C529D3C8CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          0380
Signing time:             Wed 05 Nov 2025 02:00:48 +0000
Manifest this update:     Wed 05 Nov 2025 02:00:48 +0000
Manifest next update:     Thu 06 Nov 2025 02:00:48 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: 9/3A+D+T5FJdQyWEyplNv4KDfHIfw4aZZEp4XIa8rlg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:be:c5:4d:a0:c3:8d:e1:4d:5a:b8:c5:29:d3:c8:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Nov  5 02:00:48 2025 GMT
            Not After : Nov  6 02:00:48 2025 GMT
        Subject: CN=f18ac88f8933113e2f94d624ed9659a3c42510dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:43:b1:a5:6e:0b:7e:7e:dd:bb:72:51:d8:81:
                    ae:ba:91:d9:7c:15:22:ed:df:5b:00:a2:2f:99:8f:
                    8d:70:40:dd:b9:07:76:df:17:42:6c:5f:98:8f:4d:
                    bf:75:a4:48:dd:20:9d:c3:b9:c8:e1:d7:74:b9:88:
                    d4:20:0d:b0:c5:38:6b:7e:39:df:84:28:47:8e:e9:
                    69:c0:eb:73:c1:d5:86:0f:47:20:76:4c:31:71:83:
                    2c:7c:42:e0:3a:cc:7c:14:12:68:e6:7d:0a:14:84:
                    0d:31:f0:34:3b:ba:19:f9:92:c7:a7:9f:e6:7b:c2:
                    d0:7e:38:df:a7:71:96:ad:0d:1a:c6:7f:94:f7:ba:
                    4b:2a:0d:db:4f:13:49:4b:b5:1c:d7:0c:94:ed:f3:
                    27:93:19:29:17:21:fe:e3:9b:fe:e6:55:a8:1a:36:
                    e8:6d:b9:30:a3:c7:d4:3c:62:0c:13:89:4c:e0:66:
                    92:7d:5c:17:a6:f8:27:d6:be:93:f7:5a:00:d5:60:
                    4b:b6:24:8b:90:fe:20:2c:70:b3:1d:87:6b:12:c5:
                    ec:d2:73:8a:6b:9b:f3:0e:8f:e1:8a:5c:66:33:46:
                    a9:5e:85:92:6f:fc:4b:15:d8:2f:5c:bd:4b:4e:cf:
                    9e:e3:83:b0:95:c1:68:00:e9:97:98:a5:d9:92:c0:
                    21:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:8A:C8:8F:89:33:11:3E:2F:94:D6:24:ED:96:59:A3:C4:25:10:DC
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:b1:79:3e:83:a8:10:24:99:c4:e2:3e:b3:e4:9a:19:dc:ca:
         d0:c6:47:1d:39:4e:e9:c1:5b:cb:53:0e:cb:6a:91:69:a6:62:
         da:ff:46:56:1b:af:e6:d2:bf:db:59:55:96:42:82:66:e0:07:
         44:1d:89:39:6b:ed:5c:58:57:41:97:55:83:6f:da:6d:cf:ae:
         87:48:ec:34:58:14:5e:aa:b5:d0:70:a4:4f:4b:c2:15:cf:80:
         6f:a9:d2:00:37:c8:61:53:c8:22:5f:e0:8d:ca:3e:17:de:7e:
         af:9c:69:47:4d:63:3b:07:1a:2d:2d:df:f6:a4:57:5e:5a:36:
         3a:82:56:d2:a5:83:87:e2:a3:ff:22:0d:b0:67:94:fb:a9:36:
         7b:04:ba:8b:1e:7d:d9:0e:e5:ca:79:99:aa:04:d9:1e:37:a7:
         21:d6:79:37:97:b9:f3:bf:3a:f3:6c:05:71:3f:93:64:32:97:
         d3:9d:a9:cc:e2:d2:86:84:e8:32:69:8a:22:7a:4e:ac:37:0f:
         2b:3a:e8:6c:d6:53:5a:d7:eb:ba:22:39:dd:08:01:69:3a:81:
         f4:21:97:d4:14:ba:e4:b8:9b:6f:d3:c8:67:f6:b1:cc:3b:0e:
         fd:4b:7a:bf:1e:3e:01:8a:b3:22:bf:73:6d:88:cb:05:ac:42:
         df:18:40:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvsVNoMON4U1auMUp08jLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjUxMTA1MDIwMDQ4WhcNMjUxMTA2MDIwMDQ4WjAzMTEwLwYDVQQD
EyhmMThhYzg4Zjg5MzMxMTNlMmY5NGQ2MjRlZDk2NTlhM2M0MjUxMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10OxpW4Lfn7du3JR2IGuupHZfBUi
7d9bAKIvmY+NcEDduQd23xdCbF+Yj02/daRI3SCdw7nI4dd0uYjUIA2wxThrfjnf
hChHjulpwOtzwdWGD0cgdkwxcYMsfELgOsx8FBJo5n0KFIQNMfA0O7oZ+ZLHp5/m
e8LQfjjfp3GWrQ0axn+U97pLKg3bTxNJS7Uc1wyU7fMnkxkpFyH+45v+5lWoGjbo
bbkwo8fUPGIME4lM4GaSfVwXpvgn1r6T91oA1WBLtiSLkP4gLHCzHYdrEsXs0nOK
a5vzDo/hilxmM0apXoWSb/xLFdgvXL1LTs+e44OwlcFoAOmXmKXZksAhXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGKyI+JMxE+L5TWJO2WWaPEJRDcMB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLF5PoOo
ECSZxOI+s+SaGdzK0MZHHTlO6cFby1MOy2qRaaZi2v9GVhuv5tK/21lVlkKCZuAH
RB2JOWvtXFhXQZdVg2/abc+uh0jsNFgUXqq10HCkT0vCFc+Ab6nSADfIYVPIIl/g
jco+F95+r5xpR01jOwcaLS3f9qRXXlo2OoJW0qWDh+Kj/yINsGeU+6k2ewS6ix59
2Q7lynmZqgTZHjenIdZ5N5e5878682wFcT+TZDKX052pzOLShoToMmmKInpOrDcP
KzrobNZTWtfruiI53QgBaTqB9CGX1BS65Libb9PIZ/axzDsO/Ut6vx4+AYqzIr9z
bYjLBaxC3xhArg==
-----END CERTIFICATE-----