Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
File:                     RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft (raw, json)
Hash identifier:          YFBSCJJu03NAgjRVx+5qJLQxHzPxVViDHCNoS7KVpAU=
Subject key identifier:   69:9A:94:D1:9A:55:3D:D3:D4:E7:AE:7D:26:EF:E1:19:86:F2:45:74
Authority key identifier: 46:54:F3:E6:92:7E:C4:C7:C9:7D:0F:23:6A:8C:24:53:4A:7F:CD:D4
Certificate issuer:       /CN=4654f3e6927ec4c7c97d0f236a8c24534a7fcdd4
Certificate serial:       019A7293DE85EC61FEB6B490882A319CE13F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
Manifest number:          0866
Signing time:             Tue 11 Nov 2025 11:01:24 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:24 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:24 +0000
Files and hashes:         1: RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl (hash: MDPUZ/JhqBL16AOQ83qF56K9C6+E9LYLprsxJ1ieCQQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:de:85:ec:61:fe:b6:b4:90:88:2a:31:9c:e1:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4654f3e6927ec4c7c97d0f236a8c24534a7fcdd4
        Validity
            Not Before: Nov 11 11:01:24 2025 GMT
            Not After : Nov 12 11:01:24 2025 GMT
        Subject: CN=699a94d19a553dd3d4e7ae7d26efe11986f24574
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:26:42:67:f0:38:0a:4b:5f:36:71:bf:65:db:
                    c6:6b:cf:22:7c:c0:27:b7:5e:26:b0:b4:ee:0d:99:
                    85:44:5a:26:83:ab:78:5b:9a:7f:c0:4a:04:f1:ff:
                    12:66:a9:ea:8f:45:9c:4d:ac:82:ef:5f:d9:ef:51:
                    64:c5:e0:c1:6f:e1:e4:a6:c5:9b:1f:b3:d1:db:3e:
                    cc:46:94:80:4d:b8:65:aa:62:90:f7:dd:e4:de:52:
                    e2:b0:40:95:44:b4:e8:b6:7b:5a:22:87:a3:62:a4:
                    d9:88:5a:23:b1:13:3e:68:1e:e0:4c:7f:65:b2:34:
                    bd:74:d5:7e:c8:22:ac:db:d6:69:04:8e:c1:91:bf:
                    ad:9a:e6:df:55:69:3f:95:39:94:b8:96:df:be:23:
                    0d:c8:bb:ce:80:ee:d6:cb:e3:1f:06:3f:14:d5:37:
                    e4:df:4f:75:7b:3f:a2:7c:67:42:c5:1c:cc:a3:34:
                    5f:d8:d1:66:5c:a6:45:86:fc:97:3c:d0:4c:d1:f6:
                    ad:30:34:10:6a:10:99:2b:82:19:9e:9c:54:4a:f7:
                    7f:5c:1b:d0:b4:32:4b:3d:39:4f:30:7d:6b:58:c5:
                    44:03:2a:9d:e4:4b:bf:84:31:66:a3:6a:df:48:44:
                    0a:0c:d5:d7:a2:7e:ce:9d:25:36:60:7c:49:c3:7a:
                    41:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:9A:94:D1:9A:55:3D:D3:D4:E7:AE:7D:26:EF:E1:19:86:F2:45:74
            X509v3 Authority Key Identifier:
                keyid:46:54:F3:E6:92:7E:C4:C7:C9:7D:0F:23:6A:8C:24:53:4A:7F:CD:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:98:e4:56:c9:e8:fa:72:fb:74:6c:5b:d5:b4:67:8e:a0:fd:
         9d:31:ff:2c:01:0c:f8:8f:70:1f:f5:22:75:c4:62:14:1e:64:
         c9:13:e2:f8:32:fe:07:31:8c:8d:7f:fd:1b:e7:1c:f6:52:79:
         9b:48:0e:86:5f:f9:c0:6c:12:d5:c9:14:18:f6:62:4b:6a:89:
         ff:53:64:22:e6:8e:2e:18:58:a9:6c:cb:fc:ba:4e:29:91:0a:
         c9:1d:fd:81:6d:4b:8b:23:23:33:3b:5d:22:e5:97:9c:63:b7:
         58:97:a0:56:6c:92:cf:66:70:b4:79:19:d3:5d:35:1e:e4:38:
         a9:97:f6:da:24:c7:1a:72:0e:a8:2b:2c:7e:c4:3f:e1:3d:15:
         6a:95:72:a0:ba:dc:62:3d:f6:d8:e9:0c:69:73:64:90:aa:85:
         e6:f7:23:b9:4c:54:c1:7e:e9:8d:fb:52:41:7c:2f:eb:9c:2f:
         2e:66:b1:d6:c4:ab:02:24:ee:37:1e:94:84:ba:bf:90:6e:be:
         34:2f:08:da:c6:d1:01:4d:4a:3b:3b:7e:e0:7f:f6:3b:de:3a:
         10:61:8b:3f:c2:be:f8:c9:e0:54:4e:fd:b9:ab:3f:c7:a9:d3:
         7a:40:d4:1a:14:f6:f5:4b:4f:5b:39:5e:b2:02:79:61:90:b4:
         83:3b:6e:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk96F7GH+trSQiCoxnOE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NTRmM2U2OTI3ZWM0YzdjOTdkMGYyMzZhOGMyNDUzNGE3
ZmNkZDQwHhcNMjUxMTExMTEwMTI0WhcNMjUxMTEyMTEwMTI0WjAzMTEwLwYDVQQD
Eyg2OTlhOTRkMTlhNTUzZGQzZDRlN2FlN2QyNmVmZTExOTg2ZjI0NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8iZCZ/A4CktfNnG/ZdvGa88ifMAn
t14msLTuDZmFRFomg6t4W5p/wEoE8f8SZqnqj0WcTayC71/Z71FkxeDBb+HkpsWb
H7PR2z7MRpSATbhlqmKQ993k3lLisECVRLTotntaIoejYqTZiFojsRM+aB7gTH9l
sjS9dNV+yCKs29ZpBI7Bkb+tmubfVWk/lTmUuJbfviMNyLvOgO7Wy+MfBj8U1Tfk
3091ez+ifGdCxRzMozRf2NFmXKZFhvyXPNBM0fatMDQQahCZK4IZnpxUSvd/XBvQ
tDJLPTlPMH1rWMVEAyqd5Eu/hDFmo2rfSEQKDNXXon7OnSU2YHxJw3pBfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmalNGaVT3T1OeufSbv4RmG8kV0MB8GA1UdIwQY
MBaAFEZU8+aSfsTHyX0PI2qMJFNKf83UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83ZmY0YTMtZDE5MS00YzZiLTgzNWEt
YjgwNTA2MjJhYTk2LzEvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83ZmY0YTMtZDE5MS00YzZiLTgzNWEtYjgwNTA2MjJhYTk2
LzEvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX5jkVsno
+nL7dGxb1bRnjqD9nTH/LAEM+I9wH/UidcRiFB5kyRPi+DL+BzGMjX/9G+cc9lJ5
m0gOhl/5wGwS1ckUGPZiS2qJ/1NkIuaOLhhYqWzL/LpOKZEKyR39gW1LiyMjMztd
IuWXnGO3WJegVmySz2ZwtHkZ0101HuQ4qZf22iTHGnIOqCssfsQ/4T0VapVyoLrc
Yj322OkMaXNkkKqF5vcjuUxUwX7pjftSQXwv65wvLmax1sSrAiTuNx6UhLq/kG6+
NC8I2sbRAU1KOzt+4H/2O946EGGLP8K++MngVE79uas/x6nTekDUGhT29UtPWzle
sgJ5YZC0gztuOg==
-----END CERTIFICATE-----