Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File:                     s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier:          Ekkxvs4VAJW9v4SZbk924versQZaj3l6KM0kCmoQeWM=
Subject key identifier:   CB:46:A5:3F:F2:27:60:93:47:48:54:1F:91:A2:16:EC:1F:7E:3A:77
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer:       /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial:       019A4EF5CC4A91AF8AF97F9F21C00ED3AF54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number:          1184
Signing time:             Tue 04 Nov 2025 13:02:02 +0000
Manifest this update:     Tue 04 Nov 2025 13:02:02 +0000
Manifest next update:     Wed 05 Nov 2025 13:02:02 +0000
Files and hashes:         1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: vliMmqxE6namtwnhlWlUtSFpT+RKRZ1txQMT6mZ/6j0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:cc:4a:91:af:8a:f9:7f:9f:21:c0:0e:d3:af:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
        Validity
            Not Before: Nov  4 13:02:02 2025 GMT
            Not After : Nov  5 13:02:02 2025 GMT
        Subject: CN=cb46a53ff22760934748541f91a216ec1f7e3a77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:69:bb:b2:d7:59:58:3e:da:b1:7a:ca:9b:df:
                    1e:05:68:17:5b:a0:0c:81:26:0f:06:7b:a1:2c:ca:
                    e1:c3:04:ca:28:bb:3e:a5:55:78:cd:0b:01:8d:66:
                    e4:fd:8b:89:ed:17:b8:bb:c6:5c:55:e7:2e:3e:35:
                    c2:97:4e:84:cd:b1:04:43:00:cc:91:88:a1:c9:e0:
                    83:9d:75:40:40:3e:9d:2a:63:85:b2:8b:de:16:d0:
                    45:72:f7:e9:55:0d:5b:26:e3:62:0d:29:3a:ba:22:
                    39:21:90:d6:67:09:c1:13:3b:84:50:07:ad:b2:1e:
                    97:17:e7:95:16:24:ec:e1:53:7a:67:42:ac:64:3e:
                    91:3e:56:29:3e:cd:81:24:ca:85:c8:dd:85:41:08:
                    ae:82:91:2c:0e:a3:3c:01:56:b9:c1:07:20:0c:c8:
                    45:cf:54:5c:d4:01:30:47:f6:3e:f2:4e:87:57:b9:
                    ee:3c:86:57:b5:51:33:81:22:05:b3:aa:86:07:a7:
                    fb:09:ee:4f:f8:67:07:ca:a2:a8:6d:ee:82:5a:fb:
                    5a:3a:ff:44:8f:ca:94:50:80:ca:bc:1f:e0:77:8d:
                    8e:1d:7b:da:02:6b:c1:67:37:de:27:dc:2c:31:92:
                    46:57:79:b3:9b:b6:0e:56:af:8c:fb:0e:f4:0e:ed:
                    03:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:46:A5:3F:F2:27:60:93:47:48:54:1F:91:A2:16:EC:1F:7E:3A:77
            X509v3 Authority Key Identifier:
                keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:d9:e3:b4:3a:67:7e:26:c3:f1:e2:d1:e7:ea:2d:0b:05:a8:
         ec:04:8e:86:4d:19:7d:43:be:85:c6:03:a4:86:0f:23:d8:9c:
         c9:29:16:7a:1f:ad:9c:49:00:fb:1f:a8:04:b0:77:38:e1:8d:
         54:d1:e2:fa:1d:cd:16:fd:67:bf:b8:be:34:4a:37:c5:d3:7e:
         21:38:6d:d4:54:21:0b:86:55:c0:60:b9:c2:bc:80:f6:e5:f1:
         25:24:ff:42:3b:af:2d:1c:9d:73:b7:1d:d8:f2:8b:99:b8:3b:
         75:6d:31:45:64:6f:f3:34:dd:43:18:dd:fa:0a:84:c7:1b:96:
         a2:91:f0:c0:f6:03:48:0a:cb:db:c4:7a:a3:95:6a:b2:ac:80:
         ad:66:8b:f0:c4:35:14:92:12:94:86:11:44:67:b7:b0:c1:0f:
         3e:e9:59:76:c0:48:80:cb:f9:b1:89:da:5f:e9:55:7c:09:69:
         98:3e:67:88:df:b7:e2:80:c2:c2:30:31:ba:01:9b:be:5d:cf:
         d7:1c:de:b7:0d:ce:97:32:5e:5f:03:9b:b3:17:59:aa:5f:cc:
         b3:f4:e1:c9:29:8a:1b:f8:21:79:ff:06:be:44:39:b5:93:7a:
         fe:0e:bc:67:cb:db:cb:9d:c2:38:7f:9f:b9:12:00:76:3f:61:
         50:fe:8c:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9cxKka+K+X+fIcAO069UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjUxMTA0MTMwMjAyWhcNMjUxMTA1MTMwMjAyWjAzMTEwLwYDVQQD
EyhjYjQ2YTUzZmYyMjc2MDkzNDc0ODU0MWY5MWEyMTZlYzFmN2UzYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGm7stdZWD7asXrKm98eBWgXW6AM
gSYPBnuhLMrhwwTKKLs+pVV4zQsBjWbk/YuJ7Re4u8ZcVecuPjXCl06EzbEEQwDM
kYihyeCDnXVAQD6dKmOFsoveFtBFcvfpVQ1bJuNiDSk6uiI5IZDWZwnBEzuEUAet
sh6XF+eVFiTs4VN6Z0KsZD6RPlYpPs2BJMqFyN2FQQiugpEsDqM8AVa5wQcgDMhF
z1Rc1AEwR/Y+8k6HV7nuPIZXtVEzgSIFs6qGB6f7Ce5P+GcHyqKobe6CWvtaOv9E
j8qUUIDKvB/gd42OHXvaAmvBZzfeJ9wsMZJGV3mzm7YOVq+M+w70Du0DIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtGpT/yJ2CTR0hUH5GiFuwffjp3MB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj9njtDpn
fibD8eLR5+otCwWo7ASOhk0ZfUO+hcYDpIYPI9icySkWeh+tnEkA+x+oBLB3OOGN
VNHi+h3NFv1nv7i+NEo3xdN+ITht1FQhC4ZVwGC5wryA9uXxJST/QjuvLRydc7cd
2PKLmbg7dW0xRWRv8zTdQxjd+gqExxuWopHwwPYDSArL28R6o5VqsqyArWaL8MQ1
FJISlIYRRGe3sMEPPulZdsBIgMv5sYnaX+lVfAlpmD5niN+34oDCwjAxugGbvl3P
1xzetw3OlzJeXwObsxdZql/Ms/ThySmKG/ghef8GvkQ5tZN6/g68Z8vby53COH+f
uRIAdj9hUP6MJQ==
-----END CERTIFICATE-----