Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
File:                     mXFUBuche_wTgSpHBMYq4JnnyP8.mft (raw, json)
Hash identifier:          dDDMJFxaaNsHFk/CMnTsxgg/6YcuyTD8JvDVV/SxmDA=
Subject key identifier:   82:F8:5A:A3:D9:47:FD:CA:90:0F:92:87:09:20:C1:9B:04:B2:15:EE
Authority key identifier: 99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF
Certificate issuer:       /CN=99715406e7217bfc13812a4704c62ae099e7c8ff
Certificate serial:       019A71134F2A377086CC4A9C8EB0AB99DB55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
Manifest number:          043C
Signing time:             Tue 11 Nov 2025 04:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:22 +0000
Files and hashes:         1: mXFUBuche_wTgSpHBMYq4JnnyP8.crl (hash: aqY+1Me8SHNIxYGrbu3SUsmlCG8g7XPqaLr4mTLTR6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:4f:2a:37:70:86:cc:4a:9c:8e:b0:ab:99:db:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99715406e7217bfc13812a4704c62ae099e7c8ff
        Validity
            Not Before: Nov 11 04:01:22 2025 GMT
            Not After : Nov 12 04:01:22 2025 GMT
        Subject: CN=82f85aa3d947fdca900f92870920c19b04b215ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:25:f6:ab:57:0c:50:c5:89:63:01:8f:cd:3d:
                    9d:1c:42:e9:0c:b8:1a:d9:94:57:73:4b:a5:1e:e1:
                    5d:4c:f8:5d:28:f9:31:02:55:17:7c:e0:a9:e3:69:
                    5c:39:a0:0a:1d:fd:e8:6e:eb:ba:0a:c9:89:9d:a0:
                    9c:3e:e8:73:ef:83:ba:8d:f2:a7:e5:47:43:16:83:
                    32:96:89:8e:4f:43:24:89:7e:5e:15:3b:06:3f:87:
                    68:9b:d1:fa:09:8d:f6:d7:37:0d:c4:6d:69:85:d2:
                    76:23:76:2f:ab:9c:98:09:91:ce:b0:17:74:3e:8a:
                    8f:18:33:fd:00:26:f6:01:e2:c8:7b:a2:a1:30:bf:
                    7b:05:ae:82:0e:06:68:5c:e4:92:bd:70:8f:b8:9a:
                    c7:d3:85:6e:76:46:7e:61:f4:a4:c2:1b:f8:a9:a2:
                    87:4a:67:4f:02:42:ea:fe:73:13:68:b1:44:af:87:
                    44:ba:b5:cd:b4:6e:31:72:0b:9b:4f:e4:8f:cc:e1:
                    3a:f8:2d:15:f9:ae:39:7e:5c:d7:29:2f:14:7e:82:
                    c9:5d:b3:77:40:64:b4:d8:5c:ae:42:ea:f6:3f:46:
                    bd:fa:6b:c5:ba:62:49:49:93:8c:e1:ff:d8:f9:9b:
                    7e:94:5a:0f:d9:d5:88:57:61:fa:3f:c7:be:b6:2d:
                    16:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:F8:5A:A3:D9:47:FD:CA:90:0F:92:87:09:20:C1:9B:04:B2:15:EE
            X509v3 Authority Key Identifier:
                keyid:99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:22:8a:b7:5f:07:60:89:15:2f:4b:ad:2f:58:08:43:26:8d:
         8d:5e:78:1d:6d:54:61:73:c9:1b:08:34:39:6d:68:cc:7a:c3:
         de:15:34:ac:ae:e1:73:85:00:0e:b5:94:50:7a:e6:a8:76:fc:
         4b:16:2e:07:a8:b0:7f:53:ec:2d:b6:34:e5:65:2f:c2:34:3d:
         a2:4a:a4:28:b2:35:f7:39:19:13:a0:54:35:a1:f0:05:94:fa:
         f4:05:69:57:8f:97:99:8e:57:61:a0:fc:4a:9b:c8:6e:30:df:
         f7:54:49:1b:b9:b3:7d:19:a2:11:2d:40:8e:5a:69:d2:c2:8c:
         7f:a9:da:17:38:d0:cf:bd:1c:6b:0c:15:5a:e9:8d:eb:b3:77:
         c2:41:bd:ae:c9:b0:f6:ea:8c:e1:04:88:57:9c:93:d4:f9:4d:
         a9:35:21:55:22:32:6a:d8:62:e7:c6:f8:ed:72:39:91:26:10:
         61:3f:12:3c:16:87:8a:52:56:48:e3:a5:74:9d:2d:98:9f:2e:
         0c:76:a7:41:db:5d:00:e3:09:af:68:53:c1:f3:29:0c:a9:c7:
         01:27:b6:08:e5:e4:9b:b7:5a:bc:14:5d:a9:2f:46:52:d0:96:
         e3:17:ec:51:15:a7:12:bf:04:c3:f1:b0:87:7a:57:7e:c9:37:
         5e:00:39:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE08qN3CGzEqcjrCrmdtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzE1NDA2ZTcyMTdiZmMxMzgxMmE0NzA0YzYyYWUwOTll
N2M4ZmYwHhcNMjUxMTExMDQwMTIyWhcNMjUxMTEyMDQwMTIyWjAzMTEwLwYDVQQD
Eyg4MmY4NWFhM2Q5NDdmZGNhOTAwZjkyODcwOTIwYzE5YjA0YjIxNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CX2q1cMUMWJYwGPzT2dHELpDLga
2ZRXc0ulHuFdTPhdKPkxAlUXfOCp42lcOaAKHf3obuu6CsmJnaCcPuhz74O6jfKn
5UdDFoMylomOT0MkiX5eFTsGP4dom9H6CY321zcNxG1phdJ2I3Yvq5yYCZHOsBd0
PoqPGDP9ACb2AeLIe6KhML97Ba6CDgZoXOSSvXCPuJrH04VudkZ+YfSkwhv4qaKH
SmdPAkLq/nMTaLFEr4dEurXNtG4xcgubT+SPzOE6+C0V+a45flzXKS8UfoLJXbN3
QGS02FyuQur2P0a9+mvFumJJSZOM4f/Y+Zt+lFoP2dWIV2H6P8e+ti0WPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIL4WqPZR/3KkA+ShwkgwZsEshXuMB8GA1UdIwQY
MBaAFJlxVAbnIXv8E4EqRwTGKuCZ58j/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTkt
MTUxNmI2ZDgyZTJkLzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTktMTUxNmI2ZDgyZTJk
LzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABiKKt18H
YIkVL0utL1gIQyaNjV54HW1UYXPJGwg0OW1ozHrD3hU0rK7hc4UADrWUUHrmqHb8
SxYuB6iwf1PsLbY05WUvwjQ9okqkKLI19zkZE6BUNaHwBZT69AVpV4+XmY5XYaD8
SpvIbjDf91RJG7mzfRmiES1Ajlpp0sKMf6naFzjQz70cawwVWumN67N3wkG9rsmw
9uqM4QSIV5yT1PlNqTUhVSIyathi58b47XI5kSYQYT8SPBaHilJWSOOldJ0tmJ8u
DHanQdtdAOMJr2hTwfMpDKnHASe2COXkm7davBRdqS9GUtCW4xfsURWnEr8Ew/Gw
h3pXfsk3XgA5FQ==
-----END CERTIFICATE-----