Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
File:                     4PcIYcfPbv530i_HBJvpbGdopQA.mft (raw, json)
Hash identifier:          EVuymKqniASvM69HkCjfBoR4mY2I7s/TkKf27yjMUAs=
Subject key identifier:   F4:DA:59:4E:7F:38:41:FA:30:48:3C:3D:EE:C2:42:76:DE:A2:7F:C7
Authority key identifier: E0:F7:08:61:C7:CF:6E:FE:77:D2:2F:C7:04:9B:E9:6C:67:68:A5:00
Certificate issuer:       /CN=e0f70861c7cf6efe77d22fc7049be96c6768a500
Certificate serial:       019A7301670C3F16CAD5848AC0E8CD0F4085
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
Manifest number:          06E3
Signing time:             Tue 11 Nov 2025 13:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:02 +0000
Files and hashes:         1: 4PcIYcfPbv530i_HBJvpbGdopQA.crl (hash: Sajje2lkowRVbmQHUqGfPn9BPyH/nkukoIIFBT0PF4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:67:0c:3f:16:ca:d5:84:8a:c0:e8:cd:0f:40:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0f70861c7cf6efe77d22fc7049be96c6768a500
        Validity
            Not Before: Nov 11 13:01:02 2025 GMT
            Not After : Nov 12 13:01:02 2025 GMT
        Subject: CN=f4da594e7f3841fa30483c3deec24276dea27fc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:fb:20:75:ae:cb:fa:d6:95:14:34:e4:6f:c3:
                    ac:3b:ee:3d:ea:0a:cb:36:74:58:f0:69:34:29:9d:
                    a4:95:6e:08:31:e1:de:a8:93:06:e2:f6:26:b4:0c:
                    c9:95:41:09:cd:34:07:da:8a:d4:61:db:a4:d6:12:
                    77:12:b4:c0:34:7b:7c:c1:12:1f:84:53:ea:80:2a:
                    ef:c3:6a:14:f0:1a:27:22:84:30:c1:e7:d5:23:38:
                    fb:99:81:35:9c:22:40:e4:ee:5a:f2:e2:b5:ee:6f:
                    42:62:dc:70:f9:92:e5:ae:a3:f6:da:07:20:f2:e2:
                    44:e3:5a:3c:24:97:bb:94:ab:36:93:1b:6e:1d:f9:
                    75:69:64:a8:cb:2e:a3:ec:41:8b:b6:a7:f9:f8:e8:
                    d1:86:55:4c:5f:a7:8e:3f:d8:10:51:0b:f3:a4:f9:
                    66:08:f0:98:46:52:5c:8f:97:79:be:cc:46:5b:6f:
                    7a:c4:06:11:17:94:14:de:f4:46:8f:89:23:d2:49:
                    fd:25:11:79:c4:be:e1:1f:99:cb:c3:e6:34:11:4b:
                    69:8f:5d:1e:7d:6c:6e:dd:49:b0:ce:5b:dd:6d:a2:
                    e9:38:bc:24:77:ea:76:5f:b9:79:0b:fe:41:df:f7:
                    9f:e9:e9:20:37:d9:56:1f:dd:c4:e8:62:e1:02:bf:
                    fd:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:DA:59:4E:7F:38:41:FA:30:48:3C:3D:EE:C2:42:76:DE:A2:7F:C7
            X509v3 Authority Key Identifier:
                keyid:E0:F7:08:61:C7:CF:6E:FE:77:D2:2F:C7:04:9B:E9:6C:67:68:A5:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:25:5a:1a:16:86:e3:fe:c1:cf:07:4d:9e:47:23:8b:13:8e:
         ee:93:71:75:39:13:01:12:20:cd:cd:98:1f:c9:4f:bf:dd:76:
         d2:e3:f6:9b:e4:09:c7:c2:61:47:63:55:ae:97:7f:8a:f6:e9:
         28:a6:8f:4d:82:d3:c2:5d:34:f8:de:0a:d1:af:5b:72:fd:2d:
         72:4d:bc:db:2f:18:0f:7d:f4:2e:5e:ec:7e:2f:ec:4f:05:d4:
         d2:9f:15:df:0d:49:ab:28:ad:8a:1c:77:3b:18:9a:31:2f:6b:
         b0:2c:de:36:30:5a:98:80:ee:e7:ad:79:c4:58:0a:f2:94:98:
         91:28:02:f6:d9:49:b4:bf:ca:73:a3:72:5c:93:39:7c:f8:8f:
         66:44:6a:f6:c2:37:9a:ab:30:2e:c0:76:79:21:4f:ea:27:84:
         64:b7:b5:ef:78:59:ce:58:18:82:f0:34:45:23:a4:4e:ff:d5:
         ce:88:63:f0:18:99:d6:da:e1:30:a7:32:32:cd:c5:41:81:b2:
         bd:47:76:2f:45:5a:f9:a8:1d:50:8a:62:57:45:bc:26:8e:67:
         08:1f:50:f0:29:45:f3:53:2b:ad:ef:f9:e4:f3:f2:3e:9b:16:
         06:42:56:62:44:a5:de:bd:d5:62:ad:c2:4c:25:ae:c6:fe:92:
         88:07:3b:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAWcMPxbK1YSKwOjND0CFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZjcwODYxYzdjZjZlZmU3N2QyMmZjNzA0OWJlOTZjNjc2
OGE1MDAwHhcNMjUxMTExMTMwMTAyWhcNMjUxMTEyMTMwMTAyWjAzMTEwLwYDVQQD
EyhmNGRhNTk0ZTdmMzg0MWZhMzA0ODNjM2RlZWMyNDI3NmRlYTI3ZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fsgda7L+taVFDTkb8OsO+496grL
NnRY8Gk0KZ2klW4IMeHeqJMG4vYmtAzJlUEJzTQH2orUYduk1hJ3ErTANHt8wRIf
hFPqgCrvw2oU8BonIoQwwefVIzj7mYE1nCJA5O5a8uK17m9CYtxw+ZLlrqP22gcg
8uJE41o8JJe7lKs2kxtuHfl1aWSoyy6j7EGLtqf5+OjRhlVMX6eOP9gQUQvzpPlm
CPCYRlJcj5d5vsxGW296xAYRF5QU3vRGj4kj0kn9JRF5xL7hH5nLw+Y0EUtpj10e
fWxu3UmwzlvdbaLpOLwkd+p2X7l5C/5B3/ef6ekgN9lWH93E6GLhAr/9ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTaWU5/OEH6MEg8Pe7CQnbeon/HMB8GA1UdIwQY
MBaAFOD3CGHHz27+d9IvxwSb6WxnaKUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81NDI4MzAtY2M0OS00MTVhLTk3YjYt
NDQ3M2MwYjFlMDQ2LzEvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81NDI4MzAtY2M0OS00MTVhLTk3YjYtNDQ3M2MwYjFlMDQ2
LzEvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkiVaGhaG
4/7BzwdNnkcjixOO7pNxdTkTARIgzc2YH8lPv9120uP2m+QJx8JhR2NVrpd/ivbp
KKaPTYLTwl00+N4K0a9bcv0tck282y8YD330Ll7sfi/sTwXU0p8V3w1Jqyitihx3
OxiaMS9rsCzeNjBamIDu5615xFgK8pSYkSgC9tlJtL/Kc6NyXJM5fPiPZkRq9sI3
mqswLsB2eSFP6ieEZLe173hZzlgYgvA0RSOkTv/Vzohj8BiZ1trhMKcyMs3FQYGy
vUd2L0Va+agdUIpiV0W8Jo5nCB9Q8ClF81Mrre/55PPyPpsWBkJWYkSl3r3VYq3C
TCWuxv6SiAc7cQ==
-----END CERTIFICATE-----