Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          BL4GohM6zsewSqiRGSPjdy9HHXmcSiocLdB5M4c5LxA=
Subject key identifier:   1B:E5:35:A5:3C:55:C1:37:E5:61:9D:3F:40:80:36:11:D9:A0:E5:F3
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       019A71B8E7C1D8EB7455391133486B996F30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          07D4
Signing time:             Tue 11 Nov 2025 07:02:14 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:14 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:14 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: Hc63x8ktARwYJ0B68fZWHrl7ZH+V+hDR3FDOc1QNHbg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:e7:c1:d8:eb:74:55:39:11:33:48:6b:99:6f:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Nov 11 07:02:14 2025 GMT
            Not After : Nov 12 07:02:14 2025 GMT
        Subject: CN=1be535a53c55c137e5619d3f40803611d9a0e5f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:71:64:bb:33:10:88:7d:e2:fb:af:fe:ff:ce:
                    31:d2:43:47:dd:34:34:51:c4:3e:ac:ef:dc:fb:4d:
                    9a:c7:bc:ec:b5:5c:1b:0a:87:fb:bd:a5:ac:ed:d4:
                    34:be:dd:24:c5:e0:72:48:95:d4:66:c7:6d:40:44:
                    f8:9e:26:67:73:e5:ed:89:ff:c2:1b:e9:83:dc:29:
                    86:d2:33:dd:54:3c:8c:d5:1e:0d:5c:19:d5:f4:6a:
                    8f:ee:fd:84:3e:18:46:55:ce:4e:ba:da:18:d4:99:
                    f4:01:24:46:56:3b:9b:75:69:f4:e9:65:79:64:71:
                    d9:a9:76:8e:f1:b4:1f:c3:80:9c:95:c3:48:b2:8f:
                    62:86:77:7d:b5:be:1e:39:fc:59:db:fa:08:b2:4c:
                    37:57:00:81:7b:ba:21:78:b2:cd:f7:34:1b:9a:cd:
                    9b:f7:29:35:9d:e8:b0:02:22:9c:e3:4b:a8:83:5d:
                    fa:24:36:6a:53:a8:9e:31:30:d8:54:45:92:3e:e5:
                    6e:7c:2e:66:0b:af:83:da:af:fd:87:bc:96:08:13:
                    7d:a3:ff:b0:8f:0e:fc:d4:c4:e5:69:db:74:1c:98:
                    01:10:90:cf:ea:22:8c:b9:97:1c:00:d4:da:5d:60:
                    9f:b9:b0:4f:dc:a9:44:75:96:db:a6:af:04:f6:30:
                    2c:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:E5:35:A5:3C:55:C1:37:E5:61:9D:3F:40:80:36:11:D9:A0:E5:F3
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:bf:26:61:1e:7f:2c:78:3e:90:b0:bc:d9:04:dc:c7:18:c3:
         ea:b7:ea:70:0f:dc:76:0a:70:37:fe:50:c4:a9:cb:b6:fe:38:
         20:2a:31:d0:f9:fc:0b:28:c9:ec:80:bf:c7:16:5f:c6:5f:96:
         bd:f8:a4:91:0e:4f:d6:ee:2d:65:44:cb:ad:7d:d7:b2:9d:fc:
         09:ec:a8:c6:0b:5b:02:2d:5b:27:35:c5:84:2d:63:56:c6:bc:
         5a:74:f7:32:a8:0a:f9:17:bc:6f:ea:0c:6a:fc:6a:5a:15:6f:
         7e:db:e1:7e:42:b5:8b:4e:40:ca:ee:84:b7:55:96:52:b1:7d:
         dd:6e:9f:a1:a1:1e:b8:9b:62:1b:c4:df:23:5b:25:82:09:6e:
         9a:05:f3:52:dd:dd:ae:af:b7:6b:12:69:29:8d:fc:33:72:d7:
         8c:2f:c7:ca:db:76:cb:90:5a:ed:a9:18:ac:da:2e:38:bb:48:
         8e:a2:20:04:7d:20:85:8b:8c:8e:04:d4:21:70:9c:9c:f7:c4:
         76:23:f0:c7:04:48:c0:97:e8:af:5e:9e:8d:48:06:90:3b:55:
         1e:51:d8:34:68:41:6e:63:fb:7c:f5:f1:3e:08:1c:ac:5a:0f:
         d9:d9:26:bc:9d:d9:c9:0a:8a:fe:ad:5f:3c:ca:e8:02:2a:06:
         49:b2:fc:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOfB2Ot0VTkRM0hrmW8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjUxMTExMDcwMjE0WhcNMjUxMTEyMDcwMjE0WjAzMTEwLwYDVQQD
EygxYmU1MzVhNTNjNTVjMTM3ZTU2MTlkM2Y0MDgwMzYxMWQ5YTBlNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XFkuzMQiH3i+6/+/84x0kNH3TQ0
UcQ+rO/c+02ax7zstVwbCof7vaWs7dQ0vt0kxeBySJXUZsdtQET4niZnc+Xtif/C
G+mD3CmG0jPdVDyM1R4NXBnV9GqP7v2EPhhGVc5OutoY1Jn0ASRGVjubdWn06WV5
ZHHZqXaO8bQfw4CclcNIso9ihnd9tb4eOfxZ2/oIskw3VwCBe7oheLLN9zQbms2b
9yk1neiwAiKc40uog136JDZqU6ieMTDYVEWSPuVufC5mC6+D2q/9h7yWCBN9o/+w
jw781MTladt0HJgBEJDP6iKMuZccANTaXWCfubBP3KlEdZbbpq8E9jAs7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvlNaU8VcE35WGdP0CANhHZoOXzMB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWb8mYR5/
LHg+kLC82QTcxxjD6rfqcA/cdgpwN/5QxKnLtv44ICox0Pn8CyjJ7IC/xxZfxl+W
vfikkQ5P1u4tZUTLrX3Xsp38CeyoxgtbAi1bJzXFhC1jVsa8WnT3MqgK+Re8b+oM
avxqWhVvftvhfkK1i05Ayu6Et1WWUrF93W6foaEeuJtiG8TfI1slgglumgXzUt3d
rq+3axJpKY38M3LXjC/Hytt2y5Ba7akYrNouOLtIjqIgBH0ghYuMjgTUIXCcnPfE
diPwxwRIwJfor16ejUgGkDtVHlHYNGhBbmP7fPXxPggcrFoP2dkmvJ3ZyQqK/q1f
PMroAioGSbL8/A==
-----END CERTIFICATE-----