Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          ZwwHQeGjoctZY/weHqBwSEi6ztRGwt6scXiShTO/CDk=
Subject key identifier:   DD:19:08:52:DA:72:A1:F9:8B:9F:14:87:4B:79:21:8F:23:E8:41:F9
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019A71B7AFFD2195975DF7AE4F15B37E258B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          1183
Signing time:             Tue 11 Nov 2025 07:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:54 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: RtSe7Jboht+uJfozl6/2V2n/H8+fblMIo8ow69GGLSk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:af:fd:21:95:97:5d:f7:ae:4f:15:b3:7e:25:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Nov 11 07:00:54 2025 GMT
            Not After : Nov 12 07:00:54 2025 GMT
        Subject: CN=dd190852da72a1f98b9f14874b79218f23e841f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c2:e6:93:2d:1a:05:d9:81:15:69:33:91:d1:
                    f3:23:20:a1:97:d0:db:44:cc:e0:c2:a9:89:b2:8d:
                    3b:96:cb:78:fa:51:3e:52:50:4f:e6:74:fd:e1:51:
                    38:40:1d:59:72:f1:ac:0e:d3:2d:5a:99:54:69:4e:
                    45:93:14:28:85:36:51:e3:a8:9b:b9:c3:60:2b:11:
                    0a:eb:ea:c1:3b:01:09:cd:a9:f5:29:6d:8e:4f:74:
                    e0:75:18:b7:9d:44:d3:c6:a1:22:51:24:94:42:04:
                    fa:df:4b:54:26:2a:09:5c:5d:74:47:23:9e:a1:65:
                    1d:12:06:27:02:9c:6b:8d:3a:6d:5a:37:e2:c0:cf:
                    30:85:24:66:fb:72:7e:71:7c:b8:c4:ed:e2:fb:09:
                    af:02:cb:00:86:1d:fc:b9:5b:b2:82:9e:8e:ad:ef:
                    1b:e0:5f:f0:ba:0a:4d:ee:a9:99:20:6b:57:d0:d6:
                    1f:bc:7c:68:8f:2a:ab:ba:06:8e:bc:f1:26:3c:54:
                    99:63:b8:b6:88:83:3d:0e:12:a2:c1:1e:58:c3:0d:
                    b2:96:4d:5b:db:21:fd:7e:a3:fc:85:0e:3f:61:1d:
                    44:c8:0e:c5:72:4b:68:61:c3:d1:7c:29:b6:8a:19:
                    06:62:cc:19:b5:8e:63:94:0a:d8:34:e9:de:aa:e3:
                    97:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:19:08:52:DA:72:A1:F9:8B:9F:14:87:4B:79:21:8F:23:E8:41:F9
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:8c:4b:20:db:fc:64:21:32:02:b1:bf:5e:03:b5:fb:35:a4:
         25:79:73:98:4c:04:d5:b8:f2:57:28:7d:70:4e:c3:3a:1c:fc:
         82:81:b7:13:38:03:58:bd:89:dc:2e:3f:72:2e:f2:f2:93:55:
         7a:fd:21:4c:59:3a:4c:cf:8a:eb:c7:62:93:7c:b0:1f:b8:93:
         75:d7:22:1f:ab:65:f1:cc:fa:f6:27:dd:cc:92:94:f3:ce:71:
         da:9c:fe:11:1f:ca:d4:50:ce:a9:23:48:9a:94:ff:17:af:9b:
         dd:ea:9c:d5:de:59:b1:33:86:86:d3:ee:f8:f0:92:d9:e5:b3:
         c8:36:c5:f6:5d:02:6e:31:3c:cf:8f:18:6d:be:1c:dd:e3:84:
         ed:42:a8:84:7f:92:ea:79:cb:f2:e2:28:82:53:2c:4b:39:b9:
         fe:d6:67:d1:97:60:71:f0:ad:eb:b8:73:15:b5:f4:39:29:9b:
         f0:41:8a:a6:c8:fd:62:09:6f:44:3b:37:83:2c:64:27:1a:3f:
         5a:8f:7f:fa:e2:f6:4b:5b:fe:52:71:a3:83:43:00:df:31:53:
         5a:d6:5e:a6:14:03:03:5f:6c:cf:f2:80:26:cb:0a:32:5b:f3:
         36:9e:7a:1c:fc:ec:d8:b9:5b:e7:98:0e:01:30:9f:08:37:81:
         36:f3:1f:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6/9IZWXXfeuTxWzfiWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjUxMTExMDcwMDU0WhcNMjUxMTEyMDcwMDU0WjAzMTEwLwYDVQQD
EyhkZDE5MDg1MmRhNzJhMWY5OGI5ZjE0ODc0Yjc5MjE4ZjIzZTg0MWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMLmky0aBdmBFWkzkdHzIyChl9Db
RMzgwqmJso07lst4+lE+UlBP5nT94VE4QB1ZcvGsDtMtWplUaU5FkxQohTZR46ib
ucNgKxEK6+rBOwEJzan1KW2OT3TgdRi3nUTTxqEiUSSUQgT630tUJioJXF10RyOe
oWUdEgYnApxrjTptWjfiwM8whSRm+3J+cXy4xO3i+wmvAssAhh38uVuygp6Ore8b
4F/wugpN7qmZIGtX0NYfvHxojyqrugaOvPEmPFSZY7i2iIM9DhKiwR5Yww2ylk1b
2yH9fqP8hQ4/YR1EyA7FcktoYcPRfCm2ihkGYswZtY5jlArYNOnequOXWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0ZCFLacqH5i58Uh0t5IY8j6EH5MB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcIxLINv8
ZCEyArG/XgO1+zWkJXlzmEwE1bjyVyh9cE7DOhz8goG3EzgDWL2J3C4/ci7y8pNV
ev0hTFk6TM+K68dik3ywH7iTddciH6tl8cz69ifdzJKU885x2pz+ER/K1FDOqSNI
mpT/F6+b3eqc1d5ZsTOGhtPu+PCS2eWzyDbF9l0CbjE8z48Ybb4c3eOE7UKohH+S
6nnL8uIoglMsSzm5/tZn0ZdgcfCt67hzFbX0OSmb8EGKpsj9YglvRDs3gyxkJxo/
Wo9/+uL2S1v+UnGjg0MA3zFTWtZephQDA19sz/KAJssKMlvzNp56HPzs2Llb55gO
ATCfCDeBNvMfFg==
-----END CERTIFICATE-----