Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
File:                     P9WU69efjdhbR5LpUzvkaBaohgY.mft (raw, json)
Hash identifier:          Cpvs0x0hTyjNBJUkVIDJUoqVVEx8dsM11JHOdl1ez0A=
Subject key identifier:   DA:C6:FA:4D:7A:95:02:10:95:02:B2:8F:66:7B:95:F7:DE:5A:EC:84
Authority key identifier: 3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06
Certificate issuer:       /CN=3fd594ebd79f8dd85b4792e9533be46816a88606
Certificate serial:       019A730182EC23CFA39B9765F1FEBCAE9A61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
Manifest number:          129E
Signing time:             Tue 11 Nov 2025 13:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:10 +0000
Files and hashes:         1: P9WU69efjdhbR5LpUzvkaBaohgY.crl (hash: AwFd+/lmqln/U0jPgAjXtjaQqZWIcmB+P4M7RjR83Jc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:82:ec:23:cf:a3:9b:97:65:f1:fe:bc:ae:9a:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd594ebd79f8dd85b4792e9533be46816a88606
        Validity
            Not Before: Nov 11 13:01:10 2025 GMT
            Not After : Nov 12 13:01:10 2025 GMT
        Subject: CN=dac6fa4d7a9502109502b28f667b95f7de5aec84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2d:86:fd:78:d7:0e:0a:5a:28:7e:63:6e:6f:
                    a4:31:2f:43:04:12:ee:42:95:79:6a:4e:79:85:c7:
                    e6:51:48:f3:a1:26:ae:9a:b5:6c:f4:27:d3:ed:a7:
                    22:9a:0c:0d:21:c6:a4:ff:be:7f:28:94:2c:08:af:
                    5c:61:2a:38:9c:a4:76:f2:3f:6b:45:3f:f9:9e:cf:
                    a0:7e:35:14:da:2f:26:64:a5:e1:8f:a4:8e:63:5b:
                    73:db:f0:10:9f:ef:9d:fc:09:c7:05:2f:1c:bb:c1:
                    db:1d:c4:3b:de:af:36:f4:26:4b:57:80:09:4a:71:
                    17:84:74:c7:d7:c8:77:a8:bf:f6:bf:49:e2:64:7e:
                    5b:bf:0a:a8:a8:8e:00:2d:d9:94:ea:9b:0e:8f:ca:
                    6e:05:50:b5:00:80:89:e8:8f:0b:60:7c:c6:0e:75:
                    19:88:ce:7b:ab:5f:76:3a:85:d2:33:c0:be:95:5e:
                    b0:5d:f6:cf:ba:57:18:7c:11:1a:ae:6f:cc:c6:fa:
                    ee:bc:d1:98:0e:12:42:dc:1e:d8:8c:1e:28:d8:2b:
                    ef:17:39:b5:e7:97:7f:ac:0d:50:49:04:6a:e7:b2:
                    76:2c:6a:e6:42:2b:ce:31:88:16:18:ce:39:5f:3b:
                    3f:a7:cd:5b:ab:41:4e:0d:25:2b:de:74:56:ee:75:
                    00:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C6:FA:4D:7A:95:02:10:95:02:B2:8F:66:7B:95:F7:DE:5A:EC:84
            X509v3 Authority Key Identifier:
                keyid:3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:76:fb:5c:64:59:ee:18:6c:dd:e6:ca:51:18:1e:34:a8:78:
         a7:34:9d:d3:21:08:f6:b2:0a:3f:51:b1:02:3f:95:64:10:d5:
         ca:4b:0b:26:9c:f4:35:62:9d:9d:61:f3:c0:4e:5a:6e:d1:99:
         f1:f6:00:16:88:14:13:cf:c1:47:9b:d5:ff:cf:86:0a:6c:99:
         43:43:a9:a6:49:d8:64:a6:3b:88:26:73:e1:55:70:cf:72:6f:
         4c:5e:dd:f7:df:ac:c7:5d:88:c6:e9:55:6e:e3:a9:5d:6c:1e:
         43:17:fc:fd:95:99:5e:9a:df:f7:21:04:af:64:d6:7a:d9:c4:
         83:7a:8e:ea:90:f7:ee:29:43:71:76:e2:05:82:1b:a6:3d:e5:
         2b:93:d6:11:77:69:ee:85:9e:25:39:76:e7:e8:1c:47:65:dd:
         98:ad:d9:a5:b6:f9:1f:82:a1:5b:5a:1c:cf:4d:39:c3:b8:c9:
         81:e9:66:d7:37:87:c7:a0:0d:c4:d0:77:cf:f7:d7:00:11:0b:
         bf:44:84:a7:c2:49:cb:45:b6:57:bb:e4:85:1c:53:ea:75:c4:
         a4:65:0f:16:95:e5:54:fc:40:3a:4b:23:06:f8:4e:f1:34:14:
         c8:6a:d2:6f:66:7d:64:f2:b8:3e:38:d8:50:17:34:01:a0:37:
         28:e2:09:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAYLsI8+jm5dl8f68rpphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDU5NGViZDc5ZjhkZDg1YjQ3OTJlOTUzM2JlNDY4MTZh
ODg2MDYwHhcNMjUxMTExMTMwMTEwWhcNMjUxMTEyMTMwMTEwWjAzMTEwLwYDVQQD
EyhkYWM2ZmE0ZDdhOTUwMjEwOTUwMmIyOGY2NjdiOTVmN2RlNWFlYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC2G/XjXDgpaKH5jbm+kMS9DBBLu
QpV5ak55hcfmUUjzoSaumrVs9CfT7acimgwNIcak/75/KJQsCK9cYSo4nKR28j9r
RT/5ns+gfjUU2i8mZKXhj6SOY1tz2/AQn++d/AnHBS8cu8HbHcQ73q829CZLV4AJ
SnEXhHTH18h3qL/2v0niZH5bvwqoqI4ALdmU6psOj8puBVC1AICJ6I8LYHzGDnUZ
iM57q192OoXSM8C+lV6wXfbPulcYfBEarm/MxvruvNGYDhJC3B7YjB4o2CvvFzm1
55d/rA1QSQRq57J2LGrmQivOMYgWGM45Xzs/p81bq0FODSUr3nRW7nUABwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrG+k16lQIQlQKyj2Z7lffeWuyEMB8GA1UdIwQY
MBaAFD/VlOvXn43YW0eS6VM75GgWqIYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEt
NjYyNDY5MWY2ZjEzLzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEtNjYyNDY5MWY2ZjEz
LzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiHb7XGRZ
7hhs3ebKURgeNKh4pzSd0yEI9rIKP1GxAj+VZBDVyksLJpz0NWKdnWHzwE5abtGZ
8fYAFogUE8/BR5vV/8+GCmyZQ0OppknYZKY7iCZz4VVwz3JvTF7d99+sx12IxulV
buOpXWweQxf8/ZWZXprf9yEEr2TWetnEg3qO6pD37ilDcXbiBYIbpj3lK5PWEXdp
7oWeJTl25+gcR2XdmK3Zpbb5H4KhW1ocz005w7jJgelm1zeHx6ANxNB3z/fXABEL
v0SEp8JJy0W2V7vkhRxT6nXEpGUPFpXlVPxAOksjBvhO8TQUyGrSb2Z9ZPK4PjjY
UBc0AaA3KOIJFA==
-----END CERTIFICATE-----