Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
File:                     mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft (raw, json)
Hash identifier:          KHgnWRGBqh1QJkC0TqgRDGMaBff/hmhZKMFM9pRxng0=
Subject key identifier:   75:21:E5:EB:AA:4A:EB:88:1C:58:5E:3C:F3:27:7E:A6:55:0A:82:75
Authority key identifier: 99:C1:3C:B5:8D:2F:D3:1E:12:C5:E1:46:CC:6B:4F:2C:74:78:16:F4
Certificate issuer:       /CN=99c13cb58d2fd31e12c5e146cc6b4f2c747816f4
Certificate serial:       019A71B93825F51C04D118FADECB6F6ADC46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
Manifest number:          0A4A
Signing time:             Tue 11 Nov 2025 07:02:35 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:35 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:35 +0000
Files and hashes:         1: mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl (hash: ZVfs1EdzEW5bM7InasrV/gM5y0nx5zF53uqXHnsqR1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:38:25:f5:1c:04:d1:18:fa:de:cb:6f:6a:dc:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99c13cb58d2fd31e12c5e146cc6b4f2c747816f4
        Validity
            Not Before: Nov 11 07:02:35 2025 GMT
            Not After : Nov 12 07:02:35 2025 GMT
        Subject: CN=7521e5ebaa4aeb881c585e3cf3277ea6550a8275
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:31:cb:4d:0a:37:e5:32:6e:cb:52:b9:09:1b:
                    d1:00:35:33:02:1d:e9:f9:ab:c1:ed:91:89:08:2b:
                    dc:5a:01:8d:19:f3:d0:8b:1f:8c:62:31:5d:10:06:
                    54:a1:02:34:55:d9:56:35:e6:a8:ca:ca:e8:19:31:
                    13:b2:01:7b:f5:ce:53:74:96:9a:df:33:13:ce:2f:
                    59:04:01:f2:b8:5a:e2:76:0c:59:f9:7a:23:92:5b:
                    98:99:7e:80:d7:3b:ac:44:b2:0d:21:5b:88:8b:92:
                    34:cf:d9:c7:46:09:e4:0e:92:bb:e3:ae:e1:17:74:
                    c5:3e:58:5d:10:91:fd:39:b9:cc:4c:27:86:40:38:
                    ff:3e:cc:15:59:bb:a5:c8:42:39:e0:ae:31:b5:6b:
                    ee:c3:cc:93:af:0f:9b:10:35:b6:bc:8d:c7:9f:d2:
                    46:1f:71:f7:bf:03:3e:15:2e:21:08:26:aa:ff:f1:
                    0a:72:b4:9d:14:2c:50:4a:46:85:76:31:92:25:61:
                    63:bf:b8:7d:97:65:04:1f:ce:5b:0d:5d:84:1a:61:
                    53:e2:0d:15:0b:0d:f4:26:08:70:6c:16:68:77:e1:
                    f1:e7:7c:41:29:8a:4d:1c:95:2d:e0:23:a0:bc:0a:
                    fc:91:24:fb:16:5b:b7:3e:42:28:db:65:29:b2:aa:
                    de:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:21:E5:EB:AA:4A:EB:88:1C:58:5E:3C:F3:27:7E:A6:55:0A:82:75
            X509v3 Authority Key Identifier:
                keyid:99:C1:3C:B5:8D:2F:D3:1E:12:C5:E1:46:CC:6B:4F:2C:74:78:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:80:b9:b5:24:e4:67:95:66:12:ae:ef:1a:11:14:86:d4:04:
         e3:05:61:86:02:92:1b:ab:3f:bf:66:83:d4:a5:68:65:71:57:
         e5:44:58:dc:ce:e6:1a:e5:ee:b0:92:a7:a3:19:b0:0e:9a:8c:
         8f:80:4f:98:e9:51:b3:9b:fd:50:c1:ae:d4:75:f8:2c:e0:f3:
         42:66:f2:d6:82:54:d6:a4:6c:5c:8d:e3:f5:3d:8d:8b:63:a8:
         09:e6:ce:ab:03:d1:78:2d:9d:1f:72:8e:f6:e0:22:af:27:6c:
         a0:89:1d:d2:25:79:1a:94:54:df:8a:a0:78:3e:41:9c:8f:96:
         7a:d4:55:9e:61:83:2d:95:e5:09:74:a4:29:db:b7:70:d9:a9:
         7f:6c:e6:63:f0:36:9f:32:ed:81:df:4a:fc:80:8b:a6:3d:7a:
         b9:e1:b2:2e:cf:88:a5:6b:9e:7d:c7:19:42:95:aa:df:00:a7:
         2e:d2:af:05:6c:ed:cd:a9:24:bb:a7:c7:b3:44:4b:ec:90:99:
         16:1f:42:1f:40:2b:9e:61:c1:0a:2e:ce:49:e3:ef:59:bf:9f:
         45:22:cf:3e:e1:94:8e:17:9f:e4:95:e9:07:10:54:30:9f:46:
         d3:c8:d8:0e:eb:c6:29:f1:6e:2d:80:c6:23:cd:bd:c7:99:08:
         2d:92:28:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTgl9RwE0Rj63stvatxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YzEzY2I1OGQyZmQzMWUxMmM1ZTE0NmNjNmI0ZjJjNzQ3
ODE2ZjQwHhcNMjUxMTExMDcwMjM1WhcNMjUxMTEyMDcwMjM1WjAzMTEwLwYDVQQD
Eyg3NTIxZTVlYmFhNGFlYjg4MWM1ODVlM2NmMzI3N2VhNjU1MGE4Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DHLTQo35TJuy1K5CRvRADUzAh3p
+avB7ZGJCCvcWgGNGfPQix+MYjFdEAZUoQI0VdlWNeaoysroGTETsgF79c5TdJaa
3zMTzi9ZBAHyuFridgxZ+XojkluYmX6A1zusRLINIVuIi5I0z9nHRgnkDpK7467h
F3TFPlhdEJH9ObnMTCeGQDj/PswVWbulyEI54K4xtWvuw8yTrw+bEDW2vI3Hn9JG
H3H3vwM+FS4hCCaq//EKcrSdFCxQSkaFdjGSJWFjv7h9l2UEH85bDV2EGmFT4g0V
Cw30JghwbBZod+Hx53xBKYpNHJUt4COgvAr8kST7Flu3PkIo22UpsqreCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUh5euqSuuIHFhePPMnfqZVCoJ1MB8GA1UdIwQY
MBaAFJnBPLWNL9MeEsXhRsxrTyx0eBb0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iOTJiMzAtOGFkYS00NzVjLWFhMmEt
NTY3ZGM5YTc5ZmRkLzEvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iOTJiMzAtOGFkYS00NzVjLWFhMmEtNTY3ZGM5YTc5ZmRk
LzEvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZYC5tSTk
Z5VmEq7vGhEUhtQE4wVhhgKSG6s/v2aD1KVoZXFX5URY3M7mGuXusJKnoxmwDpqM
j4BPmOlRs5v9UMGu1HX4LODzQmby1oJU1qRsXI3j9T2Ni2OoCebOqwPReC2dH3KO
9uAirydsoIkd0iV5GpRU34qgeD5BnI+WetRVnmGDLZXlCXSkKdu3cNmpf2zmY/A2
nzLtgd9K/ICLpj16ueGyLs+IpWuefccZQpWq3wCnLtKvBWztzakku6fHs0RL7JCZ
Fh9CH0ArnmHBCi7OSePvWb+fRSLPPuGUjhef5JXpBxBUMJ9G08jYDuvGKfFuLYDG
I829x5kILZIoxQ==
-----END CERTIFICATE-----