Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
File:                     iqR9CPyFIT30_aLPlWG45ovCc9w.mft (raw, json)
Hash identifier:          9kHVWDqyqR43CutE8GwkfX4lIlAZRhRZq6Wj0/A34gQ=
Subject key identifier:   55:A1:EB:83:A5:AB:87:26:96:1F:8B:1F:B1:75:7F:2C:79:1E:A3:44
Authority key identifier: 8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
Certificate issuer:       /CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Certificate serial:       019A71EEF4668A972B3E93F4A732A656B337
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
Manifest number:          0BAF
Signing time:             Tue 11 Nov 2025 08:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:16 +0000
Files and hashes:         1: iqR9CPyFIT30_aLPlWG45ovCc9w.crl (hash: oJlpq7LfcaW+V610cs4OWbezadwR/h2Y5e4jrsD/2f4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:f4:66:8a:97:2b:3e:93:f4:a7:32:a6:56:b3:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
        Validity
            Not Before: Nov 11 08:01:16 2025 GMT
            Not After : Nov 12 08:01:16 2025 GMT
        Subject: CN=55a1eb83a5ab8726961f8b1fb1757f2c791ea344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:17:da:64:e1:0b:b4:31:cf:b8:2f:18:ae:6d:
                    3c:d2:3b:77:17:91:4b:46:12:67:73:ee:92:92:be:
                    55:ff:b6:d8:49:31:0b:44:10:bd:55:89:87:e9:8c:
                    95:38:e8:91:d2:84:9b:d0:c4:d6:2c:e7:39:e1:1b:
                    c0:b3:83:5c:ed:fa:eb:2c:f7:39:ed:57:ae:54:f9:
                    8e:42:80:9a:56:06:0a:a5:51:b4:68:cd:cc:04:2c:
                    46:f9:b0:5d:c7:f9:27:de:5b:84:6d:0e:db:3e:3f:
                    e2:8b:8f:c1:58:a2:fb:fd:ce:c1:8b:c6:3c:07:98:
                    7a:9b:1c:6b:b5:c1:03:dd:69:00:04:7d:90:7d:53:
                    26:43:fa:0d:5e:f3:34:c6:bf:5f:93:a8:6b:ea:6d:
                    3d:07:d4:c8:a9:6a:7d:79:f2:61:f9:d7:00:0f:13:
                    18:a2:44:d8:db:46:01:c2:0d:80:ff:b5:d0:ed:30:
                    e5:62:50:f6:27:fc:3d:41:96:b6:be:59:a0:9f:00:
                    df:a6:b5:27:83:4c:4f:91:75:27:c8:cf:6d:30:93:
                    f2:c0:8d:c1:a5:9a:a5:e0:35:31:d2:ed:9e:23:15:
                    22:10:d5:42:7b:21:26:91:3a:a4:5d:bd:1b:bf:7d:
                    84:78:4f:86:d3:5e:b7:76:23:61:c2:13:39:01:79:
                    6a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:A1:EB:83:A5:AB:87:26:96:1F:8B:1F:B1:75:7F:2C:79:1E:A3:44
            X509v3 Authority Key Identifier:
                keyid:8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:81:6a:8d:16:bf:e1:88:bb:6c:1c:16:47:80:67:be:f1:dd:
         eb:77:6f:3c:cd:25:cc:92:39:03:2c:d8:aa:57:a2:fa:87:b1:
         47:bf:c4:cd:b3:a4:27:13:35:5d:b6:91:d6:05:68:52:20:10:
         08:f4:21:b1:f1:d5:dc:53:c7:a4:2c:ff:ee:59:b2:22:e0:51:
         4c:65:c9:80:b2:8d:54:32:2e:2d:ab:90:60:1b:74:02:a4:75:
         ed:e9:1c:3f:12:9e:9a:0b:87:f5:69:7e:00:11:5e:1e:d5:2a:
         d8:0b:9d:ef:89:7a:68:25:bc:c4:d1:c6:80:47:9d:a8:6a:7c:
         fd:48:ea:d9:ea:06:80:f1:c2:48:f7:c8:d0:7a:b0:05:66:1a:
         24:60:0c:ed:59:5e:00:50:12:63:05:61:f1:d6:6b:0b:9c:73:
         b4:74:de:aa:d8:fe:26:fc:7d:03:2a:76:c7:70:e2:2c:8e:93:
         fd:bd:1a:3e:4b:60:46:67:8c:ad:8a:bd:02:73:57:30:9d:03:
         d6:07:cf:18:55:2b:41:19:bc:c8:a4:65:88:8e:ac:1e:1d:19:
         07:4e:53:5d:86:32:e6:02:70:17:8a:cf:46:37:5d:e1:89:2c:
         ca:dd:05:d2:e9:12:21:cd:0e:f1:c9:05:bd:9b:b0:42:99:b2:
         04:ff:93:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7vRmipcrPpP0pzKmVrM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTQ3ZDA4ZmM4NTIxM2RmNGZkYTJjZjk1NjFiOGU2OGJj
MjczZGMwHhcNMjUxMTExMDgwMTE2WhcNMjUxMTEyMDgwMTE2WjAzMTEwLwYDVQQD
Eyg1NWExZWI4M2E1YWI4NzI2OTYxZjhiMWZiMTc1N2YyYzc5MWVhMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBfaZOELtDHPuC8Yrm080jt3F5FL
RhJnc+6Skr5V/7bYSTELRBC9VYmH6YyVOOiR0oSb0MTWLOc54RvAs4Nc7frrLPc5
7VeuVPmOQoCaVgYKpVG0aM3MBCxG+bBdx/kn3luEbQ7bPj/ii4/BWKL7/c7Bi8Y8
B5h6mxxrtcED3WkABH2QfVMmQ/oNXvM0xr9fk6hr6m09B9TIqWp9efJh+dcADxMY
okTY20YBwg2A/7XQ7TDlYlD2J/w9QZa2vlmgnwDfprUng0xPkXUnyM9tMJPywI3B
pZql4DUx0u2eIxUiENVCeyEmkTqkXb0bv32EeE+G0163diNhwhM5AXlqnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWh64Olq4cmlh+LH7F1fyx5HqNEMB8GA1UdIwQY
MBaAFIqkfQj8hSE99P2iz5VhuOaLwnPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGIt
ZTZiMWU5ODZmOTVmLzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGItZTZiMWU5ODZmOTVm
LzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4FqjRa/
4Yi7bBwWR4BnvvHd63dvPM0lzJI5AyzYqlei+oexR7/EzbOkJxM1XbaR1gVoUiAQ
CPQhsfHV3FPHpCz/7lmyIuBRTGXJgLKNVDIuLauQYBt0AqR17ekcPxKemguH9Wl+
ABFeHtUq2Aud74l6aCW8xNHGgEedqGp8/Ujq2eoGgPHCSPfI0HqwBWYaJGAM7Vle
AFASYwVh8dZrC5xztHTeqtj+Jvx9Ayp2x3DiLI6T/b0aPktgRmeMrYq9AnNXMJ0D
1gfPGFUrQRm8yKRliI6sHh0ZB05TXYYy5gJwF4rPRjdd4Yksyt0F0ukSIc0O8ckF
vZuwQpmyBP+TMg==
-----END CERTIFICATE-----