Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
File:                     rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft (raw, json)
Hash identifier:          ehe9ADN5YqN2maXwJ9Nf+q7x+KTGSGe+vumgwjrQxA4=
Subject key identifier:   57:77:C7:18:A6:A9:BD:42:E2:F9:89:F1:2E:D1:EB:38:86:87:C8:53
Authority key identifier: AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9
Certificate issuer:       /CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
Certificate serial:       019A71B7714EAC08A7210D9F3A7FDFE78093
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
Manifest number:          0C1C
Signing time:             Tue 11 Nov 2025 07:00:38 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:38 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:38 +0000
Files and hashes:         1: rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl (hash: rfOn01uhKQxK6IwvQIH5Imcccji8WuXnypspR2cgg9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:71:4e:ac:08:a7:21:0d:9f:3a:7f:df:e7:80:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
        Validity
            Not Before: Nov 11 07:00:38 2025 GMT
            Not After : Nov 12 07:00:38 2025 GMT
        Subject: CN=5777c718a6a9bd42e2f989f12ed1eb388687c853
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:42:3d:56:f9:65:33:bb:72:a2:d8:77:26:ee:
                    a7:10:40:cb:6f:9e:f0:83:50:b8:25:7f:c0:7a:cc:
                    19:6b:98:5f:90:0a:bb:41:b1:c2:14:7c:35:08:82:
                    2c:02:93:a6:a4:2b:c2:c8:6a:fe:0c:59:ed:ec:47:
                    e3:c4:ee:34:9a:2a:77:5e:7b:b9:50:c1:67:67:e1:
                    3f:85:a8:91:cc:f5:97:24:33:a5:5f:df:89:8c:99:
                    4d:e9:5b:a9:9c:f2:e7:65:3d:f1:91:d9:fc:79:6b:
                    37:6a:3c:3b:e0:53:e4:9a:ea:06:13:fb:ce:fa:26:
                    03:4a:92:7f:fd:fb:bd:ed:b6:9a:a2:dc:96:b4:1f:
                    93:53:cb:6c:7c:0c:4a:93:cd:ae:88:37:03:58:02:
                    90:00:20:12:55:c8:5a:e4:94:10:dd:b7:80:f4:1b:
                    3d:61:90:83:85:5a:bc:1a:2a:10:08:86:16:64:73:
                    8e:7c:8b:ab:ee:dd:bc:9e:66:af:18:d7:cd:85:a0:
                    47:71:b5:f2:c5:8a:54:fe:10:d6:6c:00:2f:c7:c6:
                    c8:55:e8:7b:f0:22:f2:d3:68:76:72:ad:7e:9a:f1:
                    f8:66:82:05:81:61:6e:d5:7f:e0:89:9b:92:86:7a:
                    9e:91:a3:84:0e:63:10:30:c7:96:60:57:28:f7:78:
                    56:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:77:C7:18:A6:A9:BD:42:E2:F9:89:F1:2E:D1:EB:38:86:87:C8:53
            X509v3 Authority Key Identifier:
                keyid:AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:b5:b2:61:77:96:92:e5:d9:86:0c:12:13:16:aa:98:9e:fc:
         b4:35:8d:05:42:c7:2a:91:9e:27:a7:aa:f3:32:ad:56:e4:3d:
         7b:b1:06:35:4c:17:ef:4e:9b:ff:c4:c8:5e:b8:96:b2:61:ae:
         01:be:0d:65:77:bb:80:8d:c5:67:0b:bd:6f:bf:7a:71:ad:d7:
         25:31:64:c8:5a:22:1f:56:21:57:0a:ac:c7:ba:71:68:c1:37:
         37:e5:d7:4b:4a:a1:6a:d0:a6:a0:a6:1c:4b:a1:7d:c8:9c:e8:
         63:6f:0c:4a:d6:99:d9:1a:bc:50:7b:4f:62:5f:0c:92:bd:24:
         4a:d3:3f:db:83:d6:2a:b4:f7:a5:a9:27:ac:c8:31:ed:a2:4d:
         97:d1:38:ad:52:1b:88:30:57:fb:5d:78:d1:d5:00:f3:d9:8f:
         f4:53:af:6c:d1:dc:da:b2:e5:df:e8:d2:b3:4f:c3:81:bf:03:
         56:c7:4a:0c:30:a0:16:32:fe:97:4a:5a:53:7c:9e:69:db:f6:
         83:95:26:fd:12:24:08:b1:31:de:33:59:80:be:fb:4b:87:ff:
         28:f6:34:44:46:ce:ec:38:4d:6d:83:ee:58:b0:d6:fa:9d:0b:
         a5:f8:36:a4:60:20:fe:f7:e9:90:e2:eb:6c:3b:04:b9:91:f5:
         f5:ca:21:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3FOrAinIQ2fOn/f54CTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYzVjN2FiNWI3MjE4MWU0ZTQyMTEzMjIyMTVlOTc3NmI0
OTAwZjkwHhcNMjUxMTExMDcwMDM4WhcNMjUxMTEyMDcwMDM4WjAzMTEwLwYDVQQD
Eyg1Nzc3YzcxOGE2YTliZDQyZTJmOTg5ZjEyZWQxZWIzODg2ODdjODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UI9VvllM7tyoth3Ju6nEEDLb57w
g1C4JX/AeswZa5hfkAq7QbHCFHw1CIIsApOmpCvCyGr+DFnt7EfjxO40mip3Xnu5
UMFnZ+E/haiRzPWXJDOlX9+JjJlN6VupnPLnZT3xkdn8eWs3ajw74FPkmuoGE/vO
+iYDSpJ//fu97baaotyWtB+TU8tsfAxKk82uiDcDWAKQACASVcha5JQQ3beA9Bs9
YZCDhVq8GioQCIYWZHOOfIur7t28nmavGNfNhaBHcbXyxYpU/hDWbAAvx8bIVeh7
8CLy02h2cq1+mvH4ZoIFgWFu1X/giZuShnqekaOEDmMQMMeWYFco93hWzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFd3xximqb1C4vmJ8S7R6ziGh8hTMB8GA1UdIwQY
MBaAFK7Fx6tbchgeTkIRMiIV6XdrSQD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgt
MzAyZDkyMjI0Y2IyLzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgtMzAyZDkyMjI0Y2Iy
LzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgbWyYXeW
kuXZhgwSExaqmJ78tDWNBULHKpGeJ6eq8zKtVuQ9e7EGNUwX706b/8TIXriWsmGu
Ab4NZXe7gI3FZwu9b796ca3XJTFkyFoiH1YhVwqsx7pxaME3N+XXS0qhatCmoKYc
S6F9yJzoY28MStaZ2Rq8UHtPYl8Mkr0kStM/24PWKrT3paknrMgx7aJNl9E4rVIb
iDBX+1140dUA89mP9FOvbNHc2rLl3+jSs0/Dgb8DVsdKDDCgFjL+l0paU3yeadv2
g5Um/RIkCLEx3jNZgL77S4f/KPY0REbO7DhNbYPuWLDW+p0Lpfg2pGAg/vfpkOLr
bDsEuZH19cohvw==
-----END CERTIFICATE-----