Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
File:                     SO3JpU4ccjtWqu330BVAxbNr2rY.mft (raw, json)
Hash identifier:          e11Sk0I+wTqTeZqYV+4ptPBAQYI1FfY+O/Nq/SMxuV0=
Subject key identifier:   A4:20:AB:40:0A:AE:20:83:77:6C:70:9E:73:FF:EC:8B:2F:B6:B4:27
Authority key identifier: 48:ED:C9:A5:4E:1C:72:3B:56:AA:ED:F7:D0:15:40:C5:B3:6B:DA:B6
Certificate issuer:       /CN=48edc9a54e1c723b56aaedf7d01540c5b36bdab6
Certificate serial:       019A725C6D24B65294240698207F76B666DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
Manifest number:          0113
Signing time:             Tue 11 Nov 2025 10:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:51 +0000
Files and hashes:         1: SO3JpU4ccjtWqu330BVAxbNr2rY.crl (hash: NNFzegP9V4P0cL81KIHkrVrg/5y48RbPKkVfgRMbGHc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:6d:24:b6:52:94:24:06:98:20:7f:76:b6:66:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48edc9a54e1c723b56aaedf7d01540c5b36bdab6
        Validity
            Not Before: Nov 11 10:00:51 2025 GMT
            Not After : Nov 12 10:00:51 2025 GMT
        Subject: CN=a420ab400aae2083776c709e73ffec8b2fb6b427
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:7e:a9:d5:67:46:6b:6b:79:26:93:77:6e:db:
                    ce:97:72:b6:45:ff:0e:03:a2:8f:89:4d:79:e4:e9:
                    37:b0:9c:70:f9:da:23:75:b3:66:8f:66:b4:b8:3b:
                    dc:29:02:bd:cd:1e:b1:53:e3:0c:15:7d:cb:15:3e:
                    1f:d4:d1:d5:8f:78:eb:91:b8:3e:ec:11:e9:58:f8:
                    28:bd:9b:33:2e:07:b0:d3:42:24:da:66:ef:23:61:
                    e5:c1:5a:29:52:fe:91:91:56:ac:2f:68:db:b6:04:
                    1e:d9:2a:27:1e:b7:f1:54:22:81:e7:1a:fe:d2:e7:
                    6a:08:91:48:2b:a5:33:67:f9:06:e4:08:26:d9:a5:
                    8a:68:8b:a9:22:40:2e:09:d3:4d:88:96:27:c1:bd:
                    16:4d:d6:d8:b8:b2:de:10:c0:d2:af:05:e4:72:30:
                    bb:77:b1:e2:ba:3e:2c:c6:0e:72:14:ff:1b:dd:b1:
                    a4:fd:71:e8:55:9a:d3:df:30:e9:f8:c8:fd:28:01:
                    85:4b:99:ae:00:14:90:eb:0b:2b:bd:ac:89:89:ed:
                    a2:21:7e:01:ff:3f:53:06:88:08:a2:04:5f:c4:86:
                    f2:04:9d:1e:13:76:cf:c5:0b:9a:89:18:c5:b6:5a:
                    41:86:fd:b2:27:d6:5f:2e:70:81:0d:50:87:13:9e:
                    b5:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:20:AB:40:0A:AE:20:83:77:6C:70:9E:73:FF:EC:8B:2F:B6:B4:27
            X509v3 Authority Key Identifier:
                keyid:48:ED:C9:A5:4E:1C:72:3B:56:AA:ED:F7:D0:15:40:C5:B3:6B:DA:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:c2:a4:6e:a6:21:51:58:76:55:81:3c:24:3c:86:56:d3:23:
         87:24:26:fc:34:01:cb:59:d7:dc:39:6a:a4:e2:06:cc:70:0d:
         3b:9d:76:fe:86:76:8e:f0:66:19:24:d4:7f:39:a6:33:fa:f6:
         f9:5b:0f:5b:48:8c:bb:7e:04:bf:53:0e:48:75:bd:a3:64:c5:
         3b:7a:68:96:d8:12:b8:8c:2b:61:a9:5b:a2:e6:ba:6d:43:ec:
         d2:24:1b:92:01:61:34:ad:97:69:dc:87:85:ab:d5:13:2b:0f:
         f9:cf:d0:81:22:1d:21:7b:d0:24:f9:74:9e:24:91:21:ac:24:
         a2:39:f5:bf:66:e1:3d:49:b0:2e:91:41:49:59:97:20:b7:b0:
         21:a7:df:f3:96:84:85:48:8a:d2:75:53:8b:0f:29:c8:c0:a3:
         41:ca:69:6b:66:9b:1c:ab:c0:81:c4:cc:a9:0a:ef:0f:cf:31:
         38:d6:62:50:a6:95:d1:9e:6d:84:17:63:dd:1a:80:40:29:b9:
         5c:88:da:1a:57:9b:b6:fb:34:c9:95:7e:a0:84:e0:d0:fa:3f:
         df:67:38:f6:5f:28:6c:46:39:a6:e6:97:07:bf:4f:bd:4a:4f:
         7d:4a:22:14:75:95:a7:de:e3:ef:29:68:a6:6d:37:c2:1d:dc:
         31:e6:47:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXG0ktlKUJAaYIH92tmbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZWRjOWE1NGUxYzcyM2I1NmFhZWRmN2QwMTU0MGM1YjM2
YmRhYjYwHhcNMjUxMTExMTAwMDUxWhcNMjUxMTEyMTAwMDUxWjAzMTEwLwYDVQQD
EyhhNDIwYWI0MDBhYWUyMDgzNzc2YzcwOWU3M2ZmZWM4YjJmYjZiNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX6p1WdGa2t5JpN3btvOl3K2Rf8O
A6KPiU155Ok3sJxw+dojdbNmj2a0uDvcKQK9zR6xU+MMFX3LFT4f1NHVj3jrkbg+
7BHpWPgovZszLgew00Ik2mbvI2HlwVopUv6RkVasL2jbtgQe2SonHrfxVCKB5xr+
0udqCJFIK6UzZ/kG5Agm2aWKaIupIkAuCdNNiJYnwb0WTdbYuLLeEMDSrwXkcjC7
d7Hiuj4sxg5yFP8b3bGk/XHoVZrT3zDp+Mj9KAGFS5muABSQ6wsrvayJie2iIX4B
/z9TBogIogRfxIbyBJ0eE3bPxQuaiRjFtlpBhv2yJ9ZfLnCBDVCHE561dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQgq0AKriCDd2xwnnP/7IsvtrQnMB8GA1UdIwQY
MBaAFEjtyaVOHHI7Vqrt99AVQMWza9q2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83ODBlZjYtNTNkOC00NzU0LWE4ZTMt
YzJhNmFlMGJmNmJlLzEvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83ODBlZjYtNTNkOC00NzU0LWE4ZTMtYzJhNmFlMGJmNmJl
LzEvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm8KkbqYh
UVh2VYE8JDyGVtMjhyQm/DQBy1nX3DlqpOIGzHANO512/oZ2jvBmGSTUfzmmM/r2
+VsPW0iMu34Ev1MOSHW9o2TFO3poltgSuIwrYalboua6bUPs0iQbkgFhNK2XadyH
havVEysP+c/QgSIdIXvQJPl0niSRIawkojn1v2bhPUmwLpFBSVmXILewIaff85aE
hUiK0nVTiw8pyMCjQcppa2abHKvAgcTMqQrvD88xONZiUKaV0Z5thBdj3RqAQCm5
XIjaGlebtvs0yZV+oITg0Po/32c49l8obEY5puaXB79PvUpPfUoiFHWVp97j7ylo
pm03wh3cMeZHOQ==
-----END CERTIFICATE-----