Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
File:                     f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json)
Hash identifier:          k8iFMZrFJuoy9eSCpn+3R13m18tP3l/K7nTtuDwEzbQ=
Subject key identifier:   00:95:1D:78:D3:10:A8:F7:44:9F:9F:49:D3:94:93:9C:90:4D:D0:83
Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
Certificate issuer:       /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Certificate serial:       019A4D7475FD83D77F786DB02327AE9705BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
Manifest number:          0BF1
Signing time:             Tue 04 Nov 2025 06:01:09 +0000
Manifest this update:     Tue 04 Nov 2025 06:01:09 +0000
Manifest next update:     Wed 05 Nov 2025 06:01:09 +0000
Files and hashes:         1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: eamhS2lrNnoYFf4F6MbCn+t1DoRMx/ZPD6M3ARHikio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:75:fd:83:d7:7f:78:6d:b0:23:27:ae:97:05:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
        Validity
            Not Before: Nov  4 06:01:09 2025 GMT
            Not After : Nov  5 06:01:09 2025 GMT
        Subject: CN=00951d78d310a8f7449f9f49d394939c904dd083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a7:24:0f:8f:6b:bc:e2:30:bc:e0:55:6a:e2:
                    74:54:56:a4:94:af:7a:9c:18:03:bf:ec:f7:a4:27:
                    64:9d:ad:3e:92:e5:b0:50:c9:98:dd:bc:f1:c8:09:
                    5c:47:4b:b3:39:a8:cd:dc:ab:21:a9:f4:7d:c6:20:
                    c5:06:c1:7b:7e:1e:6e:b2:f9:ad:af:f6:95:b4:70:
                    fe:3b:e5:51:93:21:da:45:c0:91:db:99:16:08:47:
                    7c:4d:8f:54:0e:a9:4b:07:e6:84:eb:ef:bf:e2:87:
                    02:7d:70:c2:bc:25:1c:c3:ec:5d:74:e4:62:17:3a:
                    8f:a5:45:86:f2:43:97:63:93:5f:fd:75:65:92:02:
                    a8:de:08:5d:2d:6f:62:36:fb:ef:01:b9:07:a7:1c:
                    9c:d3:90:af:43:3d:76:b0:7b:ea:0e:b4:97:70:ef:
                    a2:04:c3:cd:dd:bd:55:66:34:5d:88:94:af:90:33:
                    b8:36:bd:34:b9:24:cf:99:63:b6:b7:d2:a9:04:1b:
                    5e:28:52:18:65:78:53:85:4d:ce:b1:88:6e:80:27:
                    1e:b5:9f:58:15:7a:d9:e4:7f:1e:25:a9:30:c7:94:
                    73:e8:a9:5a:2c:3b:0f:6f:5c:2e:0e:9f:ab:95:02:
                    1a:93:a1:11:41:39:83:16:73:74:df:4a:2a:61:79:
                    c5:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:95:1D:78:D3:10:A8:F7:44:9F:9F:49:D3:94:93:9C:90:4D:D0:83
            X509v3 Authority Key Identifier:
                keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:c4:dc:b7:80:c1:de:c3:51:fc:fa:28:d4:36:7c:2b:b7:af:
         f3:a3:f2:31:b8:de:a6:1d:7c:18:79:61:a8:5a:19:3d:7e:03:
         f9:48:00:0a:90:7a:b2:4e:f3:67:6c:4d:fe:56:b9:37:3e:01:
         2c:d3:df:78:26:af:1c:9f:df:2d:0b:95:0b:15:f5:b2:17:6d:
         65:1d:e3:86:1b:d2:d1:1a:1f:7e:e0:0d:a6:26:fb:31:db:10:
         13:20:86:2a:bc:12:9e:37:10:c1:d0:64:d0:67:75:a3:fb:7a:
         30:f5:23:aa:3d:9e:b2:f7:9b:89:f6:47:1b:74:5d:e2:99:45:
         b6:22:e3:e7:eb:e0:a2:db:c8:ff:a9:b6:1f:d6:59:a0:b1:b5:
         ed:39:7f:1e:c5:79:7e:78:2e:05:25:d1:e4:bd:86:a9:83:15:
         ea:53:ac:b2:b0:00:89:0a:1a:18:e8:32:13:23:e4:d0:71:87:
         38:d8:07:a8:d4:1e:a1:2c:37:f4:82:ae:a6:e7:b1:d7:e3:80:
         15:bb:cd:89:5a:2a:19:6a:09:dd:84:a6:b1:e8:48:67:d5:b8:
         4d:ab:5f:78:a6:82:cd:14:c3:f1:86:91:8e:6d:31:f9:d0:f9:
         77:cd:64:84:b9:6e:74:dc:e6:92:77:9b:5f:ad:1c:9e:56:80:
         1e:20:a5:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdHX9g9d/eG2wIyeulwW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw
YzE1NGQwHhcNMjUxMTA0MDYwMTA5WhcNMjUxMTA1MDYwMTA5WjAzMTEwLwYDVQQD
EygwMDk1MWQ3OGQzMTBhOGY3NDQ5ZjlmNDlkMzk0OTM5YzkwNGRkMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqckD49rvOIwvOBVauJ0VFaklK96
nBgDv+z3pCdkna0+kuWwUMmY3bzxyAlcR0uzOajN3KshqfR9xiDFBsF7fh5usvmt
r/aVtHD+O+VRkyHaRcCR25kWCEd8TY9UDqlLB+aE6++/4ocCfXDCvCUcw+xddORi
FzqPpUWG8kOXY5Nf/XVlkgKo3ghdLW9iNvvvAbkHpxyc05CvQz12sHvqDrSXcO+i
BMPN3b1VZjRdiJSvkDO4Nr00uSTPmWO2t9KpBBteKFIYZXhThU3OsYhugCcetZ9Y
FXrZ5H8eJakwx5Rz6KlaLDsPb1wuDp+rlQIak6ERQTmDFnN030oqYXnFMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACVHXjTEKj3RJ+fSdOUk5yQTdCDMB8GA1UdIwQY
MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt
NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1
LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATcTct4DB
3sNR/Poo1DZ8K7ev86PyMbjeph18GHlhqFoZPX4D+UgACpB6sk7zZ2xN/la5Nz4B
LNPfeCavHJ/fLQuVCxX1shdtZR3jhhvS0RoffuANpib7MdsQEyCGKrwSnjcQwdBk
0Gd1o/t6MPUjqj2esvebifZHG3Rd4plFtiLj5+vgotvI/6m2H9ZZoLG17Tl/HsV5
fnguBSXR5L2GqYMV6lOssrAAiQoaGOgyEyPk0HGHONgHqNQeoSw39IKupuex1+OA
FbvNiVoqGWoJ3YSmsehIZ9W4TatfeKaCzRTD8YaRjm0x+dD5d81khLludNzmkneb
X60cnlaAHiClfQ==
-----END CERTIFICATE-----