Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
File:                     _ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft (raw, json)
Hash identifier:          oIYptvOmDRGbunFerPrOqgqasaGW7eW9VMdh4OI4YhQ=
Subject key identifier:   F6:7B:DD:B9:FD:13:DE:B1:AD:A3:1B:58:B7:D6:81:63:43:C2:E2:76
Authority key identifier: FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13
Certificate issuer:       /CN=fd385a616398e416c70dcb322566f93e3d2fbf13
Certificate serial:       019A7225EC99E302E3FD1E814136B5F6C0A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
Manifest number:          0E8F
Signing time:             Tue 11 Nov 2025 09:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:19 +0000
Files and hashes:         1: _ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl (hash: GZhMaX4t5e7Dd93KKrX46Ht83eEn0Gi8adVPO27PGt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:ec:99:e3:02:e3:fd:1e:81:41:36:b5:f6:c0:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd385a616398e416c70dcb322566f93e3d2fbf13
        Validity
            Not Before: Nov 11 09:01:19 2025 GMT
            Not After : Nov 12 09:01:19 2025 GMT
        Subject: CN=f67bddb9fd13deb1ada31b58b7d6816343c2e276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c4:5c:c2:1f:c7:e8:4a:63:4c:91:d2:cc:db:
                    4e:fc:e0:b9:57:52:a1:78:ac:cb:b8:a0:59:ad:2d:
                    56:0e:89:28:13:79:1d:b6:5d:ae:cb:2d:78:d5:76:
                    9c:4e:63:3a:e7:81:86:b6:7a:71:58:c6:fd:85:e9:
                    4f:1d:d7:99:c8:a5:9d:84:f6:3a:b2:3b:f4:17:f0:
                    79:70:99:b9:89:de:7f:7d:ec:f6:19:6a:3d:ec:31:
                    f9:68:41:ad:f6:3b:c4:32:28:24:22:7f:d4:23:7b:
                    55:0b:10:4a:ca:30:68:b5:d4:d2:2f:68:42:33:01:
                    92:77:08:45:e5:c5:29:40:33:65:b9:1f:89:50:70:
                    14:48:a0:63:80:bb:50:d6:f5:98:1a:d7:19:17:1e:
                    95:c3:63:08:61:13:95:86:41:69:3c:7a:22:4c:8e:
                    d6:a6:08:09:7d:7a:86:e6:b6:93:1e:7a:94:5e:1a:
                    47:2e:7c:55:0a:ba:98:8e:b6:6f:a1:0e:c7:b3:62:
                    d6:56:80:08:70:a9:8c:53:c6:2d:00:ca:4f:ea:78:
                    a3:52:31:94:c5:ea:09:3d:b4:26:68:e1:b4:d2:9c:
                    03:4f:10:24:2e:6f:92:5c:78:72:79:12:a2:30:4b:
                    bf:70:c3:ea:db:a8:ac:8d:50:f7:f8:f2:9b:a9:d5:
                    22:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:7B:DD:B9:FD:13:DE:B1:AD:A3:1B:58:B7:D6:81:63:43:C2:E2:76
            X509v3 Authority Key Identifier:
                keyid:FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:31:4f:83:46:9d:2c:2d:32:22:1d:67:ed:bd:39:2a:9e:cb:
         d8:4b:ee:97:4c:a7:c9:ce:34:6c:44:a5:a9:f0:45:14:78:d2:
         48:e1:83:fb:f3:bc:e6:d6:5b:a2:f3:01:a0:59:48:6f:33:f8:
         35:da:55:40:1c:17:62:c4:93:a9:5c:b3:7b:78:a1:90:6a:ff:
         86:e9:46:8e:25:53:6e:9c:78:fa:78:72:fe:e6:dd:8a:49:13:
         be:d2:8b:e1:fd:92:51:ce:86:da:31:6c:1f:60:88:92:16:69:
         79:77:97:e3:54:a7:e1:61:d0:dd:5a:aa:8c:1b:eb:2d:76:cd:
         cf:66:a7:2e:2a:27:a6:01:1b:0c:ed:41:49:bf:f2:da:4f:83:
         3a:fa:1c:40:75:bf:87:a0:e6:da:82:80:a3:d0:c4:8b:83:15:
         18:9b:aa:d9:82:b8:7d:4b:7b:fa:19:ae:ac:9c:50:0e:20:35:
         bc:1e:82:d1:50:9d:ce:fe:64:a8:a4:15:05:30:c9:a4:c8:5d:
         d8:52:06:70:2a:f4:50:37:3c:db:97:30:03:cc:74:7c:41:80:
         8f:94:7e:78:56:d0:5e:ce:29:d7:02:a4:c0:15:eb:22:81:3b:
         95:d0:ea:5d:8a:89:32:cb:5a:16:f9:8c:03:c1:7a:5d:d9:89:
         16:7c:d9:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJeyZ4wLj/R6BQTa19sCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzg1YTYxNjM5OGU0MTZjNzBkY2IzMjI1NjZmOTNlM2Qy
ZmJmMTMwHhcNMjUxMTExMDkwMTE5WhcNMjUxMTEyMDkwMTE5WjAzMTEwLwYDVQQD
EyhmNjdiZGRiOWZkMTNkZWIxYWRhMzFiNThiN2Q2ODE2MzQzYzJlMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocRcwh/H6EpjTJHSzNtO/OC5V1Kh
eKzLuKBZrS1WDokoE3kdtl2uyy141XacTmM654GGtnpxWMb9helPHdeZyKWdhPY6
sjv0F/B5cJm5id5/fez2GWo97DH5aEGt9jvEMigkIn/UI3tVCxBKyjBotdTSL2hC
MwGSdwhF5cUpQDNluR+JUHAUSKBjgLtQ1vWYGtcZFx6Vw2MIYROVhkFpPHoiTI7W
pggJfXqG5raTHnqUXhpHLnxVCrqYjrZvoQ7Hs2LWVoAIcKmMU8YtAMpP6nijUjGU
xeoJPbQmaOG00pwDTxAkLm+SXHhyeRKiMEu/cMPq26isjVD3+PKbqdUimwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZ73bn9E96xraMbWLfWgWNDwuJ2MB8GA1UdIwQY
MBaAFP04WmFjmOQWxw3LMiVm+T49L78TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMt
MzQzMDRmNWNkYTk4LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMtMzQzMDRmNWNkYTk4
LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGzFPg0ad
LC0yIh1n7b05Kp7L2Evul0ynyc40bESlqfBFFHjSSOGD+/O85tZbovMBoFlIbzP4
NdpVQBwXYsSTqVyze3ihkGr/hulGjiVTbpx4+nhy/ubdikkTvtKL4f2SUc6G2jFs
H2CIkhZpeXeX41Sn4WHQ3VqqjBvrLXbNz2anLionpgEbDO1BSb/y2k+DOvocQHW/
h6Dm2oKAo9DEi4MVGJuq2YK4fUt7+hmurJxQDiA1vB6C0VCdzv5kqKQVBTDJpMhd
2FIGcCr0UDc825cwA8x0fEGAj5R+eFbQXs4p1wKkwBXrIoE7ldDqXYqJMstaFvmM
A8F6XdmJFnzZNg==
-----END CERTIFICATE-----