Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          cLqV7gnpjCvVIw87uKVnOJGW3H4VKD0KM+ElL98syzY=
Subject key identifier:   EB:25:41:5A:2C:07:68:73:3A:3C:55:C1:90:93:D7:77:38:5D:A9:6B
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       019A71B7806C106B20936757122CFE1433F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0C3C
Signing time:             Tue 11 Nov 2025 07:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:42 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: rxqEEbdrIQkutFBATH8Aa2kdhvjihmpFXw5pp1yeYl4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:80:6c:10:6b:20:93:67:57:12:2c:fe:14:33:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: Nov 11 07:00:42 2025 GMT
            Not After : Nov 12 07:00:42 2025 GMT
        Subject: CN=eb25415a2c0768733a3c55c19093d777385da96b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:50:e3:0a:cd:9d:a7:5b:a7:89:8d:0e:af:2c:
                    e4:60:be:8e:f4:a7:ec:aa:bb:b5:5e:f4:3d:70:2d:
                    0c:7d:7c:1d:ea:1f:df:b7:32:3d:ba:16:50:94:75:
                    d7:cf:27:bd:fb:11:ea:4d:e3:3d:df:b0:59:06:f6:
                    03:db:4d:6b:e9:e7:a2:d7:af:10:7b:e8:54:2d:d2:
                    69:e3:00:f0:de:d0:ae:92:9f:7c:1c:1b:6b:8c:97:
                    97:af:5f:d3:69:11:80:04:71:ee:95:96:84:2e:8a:
                    01:a0:e6:1a:1a:e9:78:8d:a8:40:77:79:ce:01:db:
                    59:57:72:e9:6c:48:6d:87:41:f4:89:48:9f:69:04:
                    1e:18:fa:e5:f4:fb:ef:cb:a3:83:bf:fb:e1:2f:8e:
                    f7:e2:54:85:f8:77:63:56:b9:33:ad:e9:fb:ec:4e:
                    51:4f:5f:6d:52:c5:fd:2e:cf:66:5e:8f:9b:08:52:
                    97:8f:d8:df:24:54:f2:be:35:26:24:2a:d7:84:6d:
                    b2:b4:5f:13:ee:ef:37:79:97:a0:6a:aa:86:fb:55:
                    08:9b:90:8f:a4:c1:3d:e0:ab:5a:d0:6d:72:17:b7:
                    e9:52:f2:7f:e0:d5:2f:66:34:74:67:4d:c2:a4:e5:
                    fa:18:51:0a:8d:c8:ef:76:e0:ec:7c:23:c6:0e:85:
                    5a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:25:41:5A:2C:07:68:73:3A:3C:55:C1:90:93:D7:77:38:5D:A9:6B
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:73:6e:8a:05:6b:55:10:1a:3d:dd:8b:17:8e:8a:80:38:90:
         04:a9:16:16:c9:1b:c0:8e:b9:e4:b5:11:6e:8d:8e:ae:9a:04:
         59:60:bf:bc:67:19:bd:ae:33:30:fb:7c:72:e3:33:88:7f:34:
         e1:28:98:6f:bd:c8:12:43:c1:8a:79:7f:60:69:d6:79:64:cf:
         55:35:0b:6a:17:50:bb:d9:e9:9c:dd:72:fc:16:d0:22:1d:d4:
         2a:84:10:33:5d:63:6f:94:b2:5f:71:37:50:29:77:9c:61:f5:
         6e:36:a2:da:68:f4:54:54:f5:1a:ff:a9:e2:39:48:8a:95:5b:
         11:04:ae:b6:3a:22:e7:79:3c:79:79:16:a7:43:1c:5b:fa:d2:
         89:b0:63:67:8e:c3:8c:ff:7b:7a:48:1d:1f:16:7d:93:85:9a:
         e5:0b:76:87:d3:f5:57:02:7e:bb:ac:23:84:34:aa:9d:0f:9d:
         ce:47:62:34:d4:98:ca:22:c4:3a:6a:5f:1c:50:0a:80:a1:88:
         61:db:c7:00:5d:43:5c:e0:1d:ba:06:17:88:a7:44:27:08:01:
         82:56:42:aa:c9:8c:df:5b:36:b0:21:97:e8:50:be:c6:85:5e:
         94:3f:46:cf:6b:f9:92:1f:3a:64:de:c8:cb:24:73:36:ad:51:
         f6:67:b8:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4BsEGsgk2dXEiz+FDPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjUxMTExMDcwMDQyWhcNMjUxMTEyMDcwMDQyWjAzMTEwLwYDVQQD
EyhlYjI1NDE1YTJjMDc2ODczM2EzYzU1YzE5MDkzZDc3NzM4NWRhOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1DjCs2dp1uniY0OryzkYL6O9Kfs
qru1XvQ9cC0MfXwd6h/ftzI9uhZQlHXXzye9+xHqTeM937BZBvYD201r6eei168Q
e+hULdJp4wDw3tCukp98HBtrjJeXr1/TaRGABHHulZaELooBoOYaGul4jahAd3nO
AdtZV3LpbEhth0H0iUifaQQeGPrl9Pvvy6ODv/vhL4734lSF+HdjVrkzren77E5R
T19tUsX9Ls9mXo+bCFKXj9jfJFTyvjUmJCrXhG2ytF8T7u83eZegaqqG+1UIm5CP
pME94Kta0G1yF7fpUvJ/4NUvZjR0Z03CpOX6GFEKjcjvduDsfCPGDoVa4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOslQVosB2hzOjxVwZCT13c4XalrMB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkXNuigVr
VRAaPd2LF46KgDiQBKkWFskbwI655LURbo2OrpoEWWC/vGcZva4zMPt8cuMziH80
4SiYb73IEkPBinl/YGnWeWTPVTULahdQu9npnN1y/BbQIh3UKoQQM11jb5SyX3E3
UCl3nGH1bjai2mj0VFT1Gv+p4jlIipVbEQSutjoi53k8eXkWp0McW/rSibBjZ47D
jP97ekgdHxZ9k4Wa5Qt2h9P1VwJ+u6wjhDSqnQ+dzkdiNNSYyiLEOmpfHFAKgKGI
YdvHAF1DXOAdugYXiKdEJwgBglZCqsmM31s2sCGX6FC+xoVelD9Gz2v5kh86ZN7I
yyRzNq1R9me4yw==
-----END CERTIFICATE-----