Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
File:                     IClZ7xuVPXmKoPVkMafxG2vhltY.mft (raw, json)
Hash identifier:          NHAGNRn3Ex6V+/haKWZZHs5gyNhx3riOz4F7o6cGIDk=
Subject key identifier:   29:6A:21:F4:FA:C7:7C:96:5B:7C:83:56:E4:8D:14:95:97:7C:FA:56
Authority key identifier: 20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6
Certificate issuer:       /CN=202959ef1b953d798aa0f56431a7f11b6be196d6
Certificate serial:       019A729370FB62FAA4F7AA4D229B4AABA681
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
Manifest number:          1318
Signing time:             Tue 11 Nov 2025 11:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:56 +0000
Files and hashes:         1: IClZ7xuVPXmKoPVkMafxG2vhltY.crl (hash: s1aKY9LCjE2W+8EFCTWdCjEloaW4avx53EWfKf8KxuA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:70:fb:62:fa:a4:f7:aa:4d:22:9b:4a:ab:a6:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202959ef1b953d798aa0f56431a7f11b6be196d6
        Validity
            Not Before: Nov 11 11:00:56 2025 GMT
            Not After : Nov 12 11:00:56 2025 GMT
        Subject: CN=296a21f4fac77c965b7c8356e48d1495977cfa56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5b:62:6f:ac:b1:77:b0:8c:56:af:ed:ee:ad:
                    69:c4:9e:ca:35:54:e4:0d:56:a3:46:20:41:96:bc:
                    73:d5:dd:36:17:e8:34:c3:e3:76:04:ff:50:b6:56:
                    31:53:d4:a3:30:1c:06:50:3e:a9:a6:28:99:a0:4f:
                    ba:ff:15:96:74:56:a2:51:97:68:9a:81:2a:85:60:
                    cb:53:f8:1b:7c:6c:14:cd:67:76:8b:03:43:7c:30:
                    7f:bb:e6:ae:8c:d4:3c:e7:c1:fc:d3:8f:1c:c3:3f:
                    a1:24:64:d9:f6:a8:97:17:ec:1a:dd:3d:9b:8c:fb:
                    05:98:da:50:1d:4e:36:c9:10:51:86:93:4a:ee:9b:
                    e2:fa:d8:e7:6c:b6:0b:fa:e0:d7:e3:7f:f0:e0:82:
                    df:8b:ae:f3:77:35:6b:5b:8b:c7:d7:ab:97:c8:f3:
                    f9:be:fc:ff:28:00:31:9a:2f:85:7b:cb:77:a3:c0:
                    72:29:7c:80:2f:22:89:8f:01:a5:f6:4a:93:bf:68:
                    7d:7c:87:16:89:3c:f7:23:6d:39:15:76:76:1c:44:
                    ce:2c:69:a4:b3:5e:72:fe:e1:96:de:c9:94:9d:50:
                    19:d3:c6:e6:f0:e8:64:f2:52:6b:dc:db:db:1e:e4:
                    bf:8d:40:b1:64:ff:13:70:13:32:4e:c2:8a:58:5b:
                    94:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:6A:21:F4:FA:C7:7C:96:5B:7C:83:56:E4:8D:14:95:97:7C:FA:56
            X509v3 Authority Key Identifier:
                keyid:20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:47:24:55:44:9d:04:89:6d:33:0d:b2:7a:e3:1e:50:e5:ba:
         29:c9:ba:32:cb:52:82:69:b8:5b:cc:c6:43:60:e4:4e:b1:57:
         a4:87:1c:49:14:6a:d5:dd:82:f1:22:b8:ce:bf:e9:5b:91:28:
         d4:5d:e5:ca:a1:6a:d3:a0:b1:bb:c3:7a:0b:a1:de:9a:05:da:
         d6:75:17:79:56:ff:92:91:af:cd:31:2d:d6:49:44:f8:40:35:
         6b:59:96:34:1e:d6:96:3a:21:b5:2e:b4:1a:d6:ab:90:d2:77:
         39:eb:4e:5f:01:0a:82:72:91:58:c9:b2:20:b4:2a:a3:54:c9:
         fc:86:4f:7a:c5:44:93:9b:18:49:1f:f9:fb:ba:31:3a:79:09:
         e4:87:a7:bc:d1:20:60:29:4e:bb:d3:e6:75:5e:67:29:aa:ac:
         d4:89:c5:98:71:ca:2c:6b:47:5d:1d:f2:74:31:ee:2e:ee:ad:
         ad:eb:9d:a8:da:90:f3:c8:9a:dd:b4:82:26:fb:98:9f:46:12:
         5f:76:de:e5:8c:7e:0a:c0:e3:ca:70:cf:08:eb:a6:b0:c4:c9:
         c0:8b:c4:8a:bf:4d:b5:b8:78:d6:82:45:43:d8:2a:9e:8e:8c:
         8d:cb:e1:eb:e8:66:22:24:58:1a:3b:7b:2b:04:ed:7b:ef:30:
         9b:4b:60:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk3D7Yvqk96pNIptKq6aBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjk1OWVmMWI5NTNkNzk4YWEwZjU2NDMxYTdmMTFiNmJl
MTk2ZDYwHhcNMjUxMTExMTEwMDU2WhcNMjUxMTEyMTEwMDU2WjAzMTEwLwYDVQQD
EygyOTZhMjFmNGZhYzc3Yzk2NWI3YzgzNTZlNDhkMTQ5NTk3N2NmYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFtib6yxd7CMVq/t7q1pxJ7KNVTk
DVajRiBBlrxz1d02F+g0w+N2BP9QtlYxU9SjMBwGUD6ppiiZoE+6/xWWdFaiUZdo
moEqhWDLU/gbfGwUzWd2iwNDfDB/u+aujNQ858H8048cwz+hJGTZ9qiXF+wa3T2b
jPsFmNpQHU42yRBRhpNK7pvi+tjnbLYL+uDX43/w4ILfi67zdzVrW4vH16uXyPP5
vvz/KAAxmi+Fe8t3o8ByKXyALyKJjwGl9kqTv2h9fIcWiTz3I205FXZ2HETOLGmk
s15y/uGW3smUnVAZ08bm8Ohk8lJr3NvbHuS/jUCxZP8TcBMyTsKKWFuUvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClqIfT6x3yWW3yDVuSNFJWXfPpWMB8GA1UdIwQY
MBaAFCApWe8blT15iqD1ZDGn8Rtr4ZbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAt
NmIwZGE5ZTRmYjEwLzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAtNmIwZGE5ZTRmYjEw
LzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMUckVUSd
BIltMw2yeuMeUOW6Kcm6MstSgmm4W8zGQ2DkTrFXpIccSRRq1d2C8SK4zr/pW5Eo
1F3lyqFq06Cxu8N6C6HemgXa1nUXeVb/kpGvzTEt1klE+EA1a1mWNB7WljohtS60
GtarkNJ3OetOXwEKgnKRWMmyILQqo1TJ/IZPesVEk5sYSR/5+7oxOnkJ5IenvNEg
YClOu9PmdV5nKaqs1InFmHHKLGtHXR3ydDHuLu6treudqNqQ88ia3bSCJvuYn0YS
X3be5Yx+CsDjynDPCOumsMTJwIvEir9Ntbh41oJFQ9gqno6Mjcvh6+hmIiRYGjt7
KwTte+8wm0tgQg==
-----END CERTIFICATE-----