Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
File:                     u-Sqx31jiC90NiBwTCTb7bGIDXo.mft (raw, json)
Hash identifier:          /H5dW5pE/IBJTkrJAbLboeGz01WRsgd8c7hxdnVk5jg=
Subject key identifier:   0D:92:42:AF:E7:BC:39:66:54:A2:41:B2:F8:1C:4D:36:04:ED:36:EB
Authority key identifier: BB:E4:AA:C7:7D:63:88:2F:74:36:20:70:4C:24:DB:ED:B1:88:0D:7A
Certificate issuer:       /CN=bbe4aac77d63882f743620704c24dbedb1880d7a
Certificate serial:       019A71B92E1E9E5188C6DA72FA44F032C0FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
Manifest number:          0679
Signing time:             Tue 11 Nov 2025 07:02:32 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:32 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:32 +0000
Files and hashes:         1: u-Sqx31jiC90NiBwTCTb7bGIDXo.crl (hash: mYIH4zOP+Wxr+Ky9NsOdQaGQfqpqTLrtbQa7p4dXVZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:2e:1e:9e:51:88:c6:da:72:fa:44:f0:32:c0:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbe4aac77d63882f743620704c24dbedb1880d7a
        Validity
            Not Before: Nov 11 07:02:32 2025 GMT
            Not After : Nov 12 07:02:32 2025 GMT
        Subject: CN=0d9242afe7bc396654a241b2f81c4d3604ed36eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:77:79:ad:06:1b:d0:09:ac:53:e7:c8:83:fd:
                    47:34:e0:71:30:fa:60:06:28:4b:c2:e9:ac:09:86:
                    42:37:ee:49:91:b1:5c:c3:dd:6a:c4:46:9a:de:51:
                    8d:8e:2c:94:9c:25:a8:8b:2c:09:19:ea:a4:f1:78:
                    3c:59:db:97:27:06:c3:1a:5d:88:17:ea:1e:69:37:
                    b2:17:0a:40:b5:92:8c:a1:5d:48:e2:62:53:87:b7:
                    38:c4:41:c7:00:7a:ed:02:0b:28:29:13:15:88:f3:
                    d3:ce:48:72:93:c8:97:04:72:eb:da:d2:c6:0a:3c:
                    3f:79:cd:f1:1a:90:18:0c:e5:52:5a:07:87:8c:33:
                    11:88:5e:a0:05:3c:05:09:79:6a:a6:18:54:b1:70:
                    3c:da:9b:25:40:0c:c6:15:b4:b3:b9:86:2f:e8:0a:
                    3e:b0:72:90:24:e6:f0:04:33:ad:93:e6:17:c3:a6:
                    75:89:db:18:4d:a0:5e:b7:66:01:07:54:5f:7a:54:
                    c5:6e:9f:78:d2:fe:30:e1:d9:f2:c3:b3:1d:68:e2:
                    a4:b2:1f:f7:ff:00:5a:53:57:03:07:8b:98:ae:bf:
                    4c:35:90:3c:72:60:83:fb:b6:75:1f:2a:0b:40:3f:
                    16:ab:96:4f:19:81:b8:81:a6:55:f3:e6:00:5b:f2:
                    4f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:92:42:AF:E7:BC:39:66:54:A2:41:B2:F8:1C:4D:36:04:ED:36:EB
            X509v3 Authority Key Identifier:
                keyid:BB:E4:AA:C7:7D:63:88:2F:74:36:20:70:4C:24:DB:ED:B1:88:0D:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:70:c5:c9:e0:e5:94:e3:ce:1b:e2:71:df:0a:1b:dd:f7:d8:
         eb:8d:ca:e6:ed:e6:25:5a:60:54:6e:cc:0c:ca:c8:2e:8b:a7:
         86:99:e2:d3:f2:1f:ed:91:d3:57:5a:76:78:3d:f4:ca:0e:59:
         55:e6:49:01:34:61:b1:98:80:56:f3:e7:15:c1:b2:26:0c:49:
         d1:b8:32:46:10:56:89:98:f8:b5:0c:4d:b6:ce:db:c5:25:f1:
         bc:41:21:79:5d:c4:6d:d1:c1:92:ab:dc:44:94:49:8c:ab:b9:
         10:ae:e9:40:90:77:a9:21:85:16:b6:90:e9:5c:0b:9e:36:44:
         bd:cf:66:bf:dc:44:56:bf:17:58:e8:19:81:ce:ee:9d:e8:ac:
         c3:9c:41:f5:e8:74:cc:24:e3:37:34:6f:0e:75:91:e5:fa:3e:
         b4:31:e9:78:e2:7a:35:b9:1e:46:5e:da:2c:b2:73:07:7a:7a:
         af:90:4d:46:12:d4:1f:e6:76:48:70:ef:9c:d7:75:7e:a4:2d:
         b1:83:ab:bd:27:dd:83:e3:e9:cf:c6:0b:e0:24:95:65:f5:90:
         cc:eb:c6:a5:4c:25:97:22:fe:a4:a0:9b:46:e3:92:64:ce:51:
         47:91:93:fb:c0:9e:c0:ae:44:0b:c2:b9:b5:dd:48:f6:64:f9:
         0d:01:6e:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuS4enlGIxtpy+kTwMsD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTRhYWM3N2Q2Mzg4MmY3NDM2MjA3MDRjMjRkYmVkYjE4
ODBkN2EwHhcNMjUxMTExMDcwMjMyWhcNMjUxMTEyMDcwMjMyWjAzMTEwLwYDVQQD
EygwZDkyNDJhZmU3YmMzOTY2NTRhMjQxYjJmODFjNGQzNjA0ZWQzNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3d5rQYb0AmsU+fIg/1HNOBxMPpg
BihLwumsCYZCN+5JkbFcw91qxEaa3lGNjiyUnCWoiywJGeqk8Xg8WduXJwbDGl2I
F+oeaTeyFwpAtZKMoV1I4mJTh7c4xEHHAHrtAgsoKRMViPPTzkhyk8iXBHLr2tLG
Cjw/ec3xGpAYDOVSWgeHjDMRiF6gBTwFCXlqphhUsXA82pslQAzGFbSzuYYv6Ao+
sHKQJObwBDOtk+YXw6Z1idsYTaBet2YBB1RfelTFbp940v4w4dnyw7MdaOKksh/3
/wBaU1cDB4uYrr9MNZA8cmCD+7Z1HyoLQD8Wq5ZPGYG4gaZV8+YAW/JPRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2SQq/nvDlmVKJBsvgcTTYE7TbrMB8GA1UdIwQY
MBaAFLvkqsd9Y4gvdDYgcEwk2+2xiA16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kNGQ3ZDItOWNiMi00Y2UwLTg2NjUt
MWJhMjFiMGUyOTEzLzEvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kNGQ3ZDItOWNiMi00Y2UwLTg2NjUtMWJhMjFiMGUyOTEz
LzEvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgXDFyeDl
lOPOG+Jx3wob3ffY643K5u3mJVpgVG7MDMrILounhpni0/If7ZHTV1p2eD30yg5Z
VeZJATRhsZiAVvPnFcGyJgxJ0bgyRhBWiZj4tQxNts7bxSXxvEEheV3EbdHBkqvc
RJRJjKu5EK7pQJB3qSGFFraQ6VwLnjZEvc9mv9xEVr8XWOgZgc7uneisw5xB9eh0
zCTjNzRvDnWR5fo+tDHpeOJ6NbkeRl7aLLJzB3p6r5BNRhLUH+Z2SHDvnNd1fqQt
sYOrvSfdg+Ppz8YL4CSVZfWQzOvGpUwllyL+pKCbRuOSZM5RR5GT+8CewK5EC8K5
td1I9mT5DQFu2A==
-----END CERTIFICATE-----