Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          8xt0Kw0onyDQGnFSaQWpdGnoks7abOcgjHJrb2dtID8=
Subject key identifier:   B9:CE:4C:57:90:6B:0C:46:F3:8B:40:CC:B5:4B:4C:EC:96:33:03:34
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       019A73A6737FEB7A5B7DB811805744249D1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0B82
Signing time:             Tue 11 Nov 2025 16:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 16:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 16:01:19 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: GQAVS6ym466kTyX9Vwv1TasAyIrixObSr5rQhBsqIDM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:73:7f:eb:7a:5b:7d:b8:11:80:57:44:24:9d:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Nov 11 16:01:19 2025 GMT
            Not After : Nov 12 16:01:19 2025 GMT
        Subject: CN=b9ce4c57906b0c46f38b40ccb54b4cec96330334
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:cd:38:23:d6:fe:d9:3b:19:39:1e:5e:8f:0e:
                    a3:db:a4:f9:3f:fd:4f:45:bc:d5:d1:35:5c:dd:bb:
                    db:d9:a2:ec:91:07:e3:9f:37:ee:71:96:b5:6f:54:
                    cf:99:98:14:e5:9e:e2:76:46:32:4e:7e:09:15:06:
                    97:62:74:75:ae:4e:45:5b:93:ee:64:6e:b7:23:1d:
                    39:22:31:06:ca:39:0b:d6:1d:ca:12:8d:2e:d7:cf:
                    74:2e:f8:ea:13:8e:63:af:57:04:02:f0:fb:6d:7c:
                    cf:65:3f:b9:3f:5b:03:ec:c1:d4:12:5c:1b:f5:60:
                    c9:d2:9c:3c:24:2c:83:35:fd:57:52:ec:b9:0f:6f:
                    3a:d7:b4:eb:96:b4:d2:53:84:7d:8e:79:37:b8:b7:
                    7b:03:ae:3e:ba:3e:21:6f:7c:79:ae:64:15:e4:6b:
                    fc:4d:e9:b1:72:a6:a8:32:d9:0c:c4:07:69:23:95:
                    69:f9:e3:99:f1:75:36:32:08:73:03:d9:a5:61:43:
                    10:61:b1:52:3b:01:3f:a4:45:35:73:81:cb:26:59:
                    ba:1b:3f:2f:37:71:8c:01:30:5d:b3:aa:ef:2a:06:
                    1e:bd:68:ed:69:b4:45:6c:12:be:c1:ee:05:69:1a:
                    64:6a:e4:3b:1b:98:ca:e3:11:02:bd:e9:87:a9:28:
                    57:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:CE:4C:57:90:6B:0C:46:F3:8B:40:CC:B5:4B:4C:EC:96:33:03:34
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:b9:09:64:1c:12:b4:97:7a:f2:6a:40:bb:76:ac:a9:1e:9b:
         57:22:db:a7:0c:fb:2b:d6:b9:d1:96:39:d9:5b:17:6c:7c:22:
         2e:25:9f:2d:7a:06:d4:42:3f:82:0e:70:45:d0:2b:c0:68:0d:
         a7:61:0a:13:2f:02:23:fe:f7:a6:46:61:21:87:5f:aa:ff:eb:
         89:7d:06:97:de:12:c1:4c:65:c1:71:7e:37:a3:46:6c:89:1d:
         2c:ae:2d:58:e5:46:3f:07:ea:9f:7b:24:56:45:d0:99:98:8a:
         9d:ba:25:57:52:af:d2:6c:ab:e8:e4:37:66:52:e7:39:d3:a9:
         3e:a8:76:c0:91:85:a6:1e:5b:39:cd:7a:ed:21:c3:7e:8c:83:
         01:38:f6:d0:fd:93:48:29:7b:9d:2e:d2:6e:4d:9a:06:20:14:
         71:be:54:fe:06:a6:da:c5:dd:6b:14:2b:fb:0b:61:26:54:60:
         1b:22:c0:bf:b5:a0:76:1b:11:cb:64:09:7a:6a:ae:b1:70:41:
         1e:94:35:a0:d2:49:bd:83:27:29:0c:f8:a8:d6:b9:16:48:e5:
         48:7a:ca:7c:72:50:10:9a:48:b4:57:65:bb:23:f2:3e:4e:f4:
         a1:8b:c6:0d:c8:22:8e:55:10:01:40:ad:d4:22:01:ea:c6:28:
         21:18:46:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpnN/63pbfbgRgFdEJJ0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjUxMTExMTYwMTE5WhcNMjUxMTEyMTYwMTE5WjAzMTEwLwYDVQQD
EyhiOWNlNGM1NzkwNmIwYzQ2ZjM4YjQwY2NiNTRiNGNlYzk2MzMwMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM04I9b+2TsZOR5ejw6j26T5P/1P
RbzV0TVc3bvb2aLskQfjnzfucZa1b1TPmZgU5Z7idkYyTn4JFQaXYnR1rk5FW5Pu
ZG63Ix05IjEGyjkL1h3KEo0u1890LvjqE45jr1cEAvD7bXzPZT+5P1sD7MHUElwb
9WDJ0pw8JCyDNf1XUuy5D28617TrlrTSU4R9jnk3uLd7A64+uj4hb3x5rmQV5Gv8
TemxcqaoMtkMxAdpI5Vp+eOZ8XU2MghzA9mlYUMQYbFSOwE/pEU1c4HLJlm6Gz8v
N3GMATBds6rvKgYevWjtabRFbBK+we4FaRpkauQ7G5jK4xECvemHqShXyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnOTFeQawxG84tAzLVLTOyWMwM0MB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAerkJZBwS
tJd68mpAu3asqR6bVyLbpwz7K9a50ZY52VsXbHwiLiWfLXoG1EI/gg5wRdArwGgN
p2EKEy8CI/73pkZhIYdfqv/riX0Gl94SwUxlwXF+N6NGbIkdLK4tWOVGPwfqn3sk
VkXQmZiKnbolV1Kv0myr6OQ3ZlLnOdOpPqh2wJGFph5bOc167SHDfoyDATj20P2T
SCl7nS7Sbk2aBiAUcb5U/gam2sXdaxQr+wthJlRgGyLAv7WgdhsRy2QJemqusXBB
HpQ1oNJJvYMnKQz4qNa5FkjlSHrKfHJQEJpItFdluyPyPk70oYvGDcgijlUQAUCt
1CIB6sYoIRhGxQ==
-----END CERTIFICATE-----