Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
File:                     ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json)
Hash identifier:          H1f/oO9LC1mSX98mZiAmY6JdWy5eS40uj/umfQbV1AQ=
Subject key identifier:   D6:AB:FE:F2:8B:E3:C9:2E:AF:B7:B9:DD:54:74:A2:29:95:0F:81:18
Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F
Certificate issuer:       /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
Certificate serial:       019A72261425FE5C854E4D9E0F8563603384
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
Manifest number:          109B
Signing time:             Tue 11 Nov 2025 09:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:29 +0000
Files and hashes:         1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: WgFCnk8+W0mk08Fau0COdSpw08y5BTdGjHXQJyUJzeQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:14:25:fe:5c:85:4e:4d:9e:0f:85:63:60:33:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
        Validity
            Not Before: Nov 11 09:01:29 2025 GMT
            Not After : Nov 12 09:01:29 2025 GMT
        Subject: CN=d6abfef28be3c92eafb7b9dd5474a229950f8118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:c9:b6:92:0a:b8:a7:64:45:5d:42:3c:eb:63:
                    ff:e7:ea:49:2b:53:b2:35:85:61:eb:8c:40:07:63:
                    52:7d:05:9f:73:5a:36:9c:99:4b:1e:ba:1a:59:11:
                    f0:62:0e:55:5d:a1:f8:96:43:0c:18:46:1c:af:6e:
                    27:52:44:a0:db:a3:13:1c:25:b4:d1:d8:0e:02:77:
                    d3:81:80:c5:61:ed:bf:f9:ad:bd:35:4c:d3:a2:06:
                    04:1d:d7:07:8e:39:9e:fa:f8:bf:0c:85:4a:a7:a5:
                    26:c5:d1:9d:6e:ff:12:10:9f:01:32:6d:3d:3d:bd:
                    43:0a:e1:a3:a7:60:f4:16:13:33:f4:53:36:22:3c:
                    61:b7:09:ea:c4:5a:09:7f:28:fc:03:26:e9:03:d6:
                    35:76:8e:04:3a:12:3a:64:b2:1e:6a:19:56:49:63:
                    4a:94:68:06:a3:34:47:61:e2:ea:76:c6:60:37:3b:
                    5c:c8:eb:75:4b:5b:1e:b9:48:51:95:1d:90:8f:05:
                    07:f6:d1:35:5f:65:59:7e:9d:4e:3b:13:57:75:a7:
                    40:c3:e6:ce:d8:c4:be:ab:2e:76:02:74:f2:ed:cb:
                    13:d7:a0:d5:b5:7c:38:a7:af:6f:87:ce:b9:46:f8:
                    f0:35:13:2b:43:60:ca:75:c3:75:94:8c:31:0b:09:
                    5a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:AB:FE:F2:8B:E3:C9:2E:AF:B7:B9:DD:54:74:A2:29:95:0F:81:18
            X509v3 Authority Key Identifier:
                keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:cd:bc:d8:e2:02:f1:73:05:ca:b2:55:da:36:9c:ea:53:03:
         47:0e:f0:17:9b:53:5c:46:1c:50:07:04:1e:44:a5:09:5d:e4:
         ce:13:e8:a4:a1:70:5e:5c:ec:48:e8:06:e5:5a:f5:e7:36:53:
         e5:41:15:f4:69:25:9d:1a:d2:aa:cd:a9:d1:64:5c:12:f0:d1:
         0f:fb:1a:46:90:2d:27:25:38:eb:0c:06:bd:ef:c7:a3:f4:94:
         c0:9f:cf:83:18:22:e2:51:f9:d4:40:0f:11:85:66:aa:2e:6b:
         00:cd:47:45:ab:6c:c9:55:f3:01:e3:ab:cb:33:4a:c1:39:04:
         a7:1c:43:fb:45:13:8a:57:73:91:af:3a:d0:fd:ff:af:1a:62:
         4d:5a:c6:ba:b1:db:39:c3:78:14:d5:38:51:fd:1e:ab:f0:2c:
         9f:ca:eb:29:1d:81:f1:51:23:c5:7e:ff:92:de:a9:f6:22:71:
         13:83:07:bc:f6:59:ff:9a:9c:e6:0f:c7:13:a6:92:f6:0c:5d:
         a4:7e:0e:67:07:63:26:c1:33:e4:b7:05:b4:2a:d7:a7:6e:ed:
         38:88:e2:dc:9e:88:56:e3:b9:b8:7a:3f:6a:cd:8b:6d:5b:02:
         ba:c9:6f:39:8b:c9:a4:a0:6e:e3:d1:1b:d1:19:9d:95:0f:74:
         12:fe:f0:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhQl/lyFTk2eD4VjYDOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3
ZWFmNmYwHhcNMjUxMTExMDkwMTI5WhcNMjUxMTEyMDkwMTI5WjAzMTEwLwYDVQQD
EyhkNmFiZmVmMjhiZTNjOTJlYWZiN2I5ZGQ1NDc0YTIyOTk1MGY4MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cm2kgq4p2RFXUI862P/5+pJK1Oy
NYVh64xAB2NSfQWfc1o2nJlLHroaWRHwYg5VXaH4lkMMGEYcr24nUkSg26MTHCW0
0dgOAnfTgYDFYe2/+a29NUzTogYEHdcHjjme+vi/DIVKp6UmxdGdbv8SEJ8BMm09
Pb1DCuGjp2D0FhMz9FM2IjxhtwnqxFoJfyj8AybpA9Y1do4EOhI6ZLIeahlWSWNK
lGgGozRHYeLqdsZgNztcyOt1S1seuUhRlR2QjwUH9tE1X2VZfp1OOxNXdadAw+bO
2MS+qy52AnTy7csT16DVtXw4p69vh865RvjwNRMrQ2DKdcN1lIwxCwlauwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNar/vKL48kur7e53VR0oimVD4EYMB8GA1UdIwQY
MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt
OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh
LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbs282OIC
8XMFyrJV2jac6lMDRw7wF5tTXEYcUAcEHkSlCV3kzhPopKFwXlzsSOgG5Vr15zZT
5UEV9GklnRrSqs2p0WRcEvDRD/saRpAtJyU46wwGve/Ho/SUwJ/Pgxgi4lH51EAP
EYVmqi5rAM1HRatsyVXzAeOryzNKwTkEpxxD+0UTildzka860P3/rxpiTVrGurHb
OcN4FNU4Uf0eq/Asn8rrKR2B8VEjxX7/kt6p9iJxE4MHvPZZ/5qc5g/HE6aS9gxd
pH4OZwdjJsEz5LcFtCrXp27tOIji3J6IVuO5uHo/as2LbVsCuslvOYvJpKBu49Eb
0RmdlQ90Ev7wWw==
-----END CERTIFICATE-----