Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
File:                     RmSgU4XAYmgVApGX6xUGSF09bRw.mft (raw, json)
Hash identifier:          MVVRh5pptY+VB1gdS5GGF6loL0W7f5mRs2ZK7hEx2Hg=
Subject key identifier:   F1:6E:D2:E9:32:37:5B:34:70:21:B9:B2:B8:05:16:92:18:5F:20:5F
Authority key identifier: 46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C
Certificate issuer:       /CN=4664a05385c0626815029197eb1506485d3d6d1c
Certificate serial:       019A7113009AC3DC7882369E83EA8C31FEB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
Manifest number:          0874
Signing time:             Tue 11 Nov 2025 04:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:02 +0000
Files and hashes:         1: RmSgU4XAYmgVApGX6xUGSF09bRw.crl (hash: pbmenPzW8EY+85AAyTB8F++SgasyaiwDVEA1VCe3atM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:00:9a:c3:dc:78:82:36:9e:83:ea:8c:31:fe:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4664a05385c0626815029197eb1506485d3d6d1c
        Validity
            Not Before: Nov 11 04:01:02 2025 GMT
            Not After : Nov 12 04:01:02 2025 GMT
        Subject: CN=f16ed2e932375b347021b9b2b8051692185f205f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d0:bb:2e:4d:05:30:c1:5b:04:1e:68:6e:8b:
                    6a:74:6e:05:c9:9d:8c:4c:01:af:89:b7:10:43:fe:
                    9e:f2:03:9f:7e:96:0b:16:1a:8b:84:b1:9c:c7:d0:
                    a8:bc:51:fa:37:21:e8:6d:3e:96:ad:ef:28:43:c3:
                    5a:66:ac:a0:4d:9f:e0:10:02:a5:24:a1:29:cb:30:
                    9c:e2:30:bb:15:07:c2:9a:12:9e:e3:7a:82:ab:43:
                    bd:86:e9:b4:16:8c:92:be:e1:e1:06:fe:1d:0a:ff:
                    08:5a:6d:d1:60:5f:28:67:95:23:ef:ac:28:7b:98:
                    87:87:69:79:55:af:9d:4c:60:1d:7c:0e:df:bd:27:
                    e5:d0:5e:c2:f9:37:b3:6f:f0:91:a2:db:9d:7a:b8:
                    28:a1:70:4b:87:8e:fc:50:bd:0c:f5:f2:68:a6:32:
                    08:ff:4f:02:27:47:46:93:c9:c0:ba:6a:2a:7f:6a:
                    68:5a:3f:81:d2:60:5a:a4:8b:9e:24:08:ca:10:88:
                    ac:03:74:f9:e0:80:df:06:53:3f:24:85:1e:76:06:
                    74:11:4e:52:eb:b6:43:03:d2:2a:03:78:c5:91:6a:
                    af:7a:97:1f:b5:13:63:f3:7a:7a:35:15:1e:86:62:
                    3e:ed:46:15:ca:29:9d:62:92:40:b6:67:c1:40:3c:
                    a5:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:6E:D2:E9:32:37:5B:34:70:21:B9:B2:B8:05:16:92:18:5F:20:5F
            X509v3 Authority Key Identifier:
                keyid:46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:e9:0b:a6:fc:d1:22:d6:73:15:64:9c:d5:f3:f0:a9:2a:06:
         e4:22:7f:cd:8a:7d:87:72:7a:df:37:3b:de:ba:f0:09:3b:6b:
         41:ec:8e:49:c5:ab:b0:0a:50:16:e0:35:60:98:b6:dd:cd:a6:
         1a:79:b6:aa:06:7a:66:4c:69:cf:25:1f:51:e4:f1:49:9d:6a:
         fe:25:cf:6f:5b:9e:0a:d5:12:f9:f2:a5:6b:c8:b1:59:29:c8:
         07:50:d8:a5:19:ec:33:46:9c:14:f5:b0:87:37:bf:26:da:21:
         9c:8c:c5:5a:fb:8f:38:ef:26:e7:5a:a4:2e:b0:59:c6:95:90:
         b0:73:0a:ce:0c:82:aa:f5:ad:c9:eb:25:f2:2c:bb:88:dd:46:
         3e:02:98:13:6c:7f:1c:65:7b:a2:99:bf:b1:50:f4:6e:ed:67:
         a3:d4:cc:f6:6c:02:bc:7a:1a:57:c8:37:b1:bf:d2:1e:5d:c5:
         fa:b2:e1:11:68:35:f5:13:e4:89:85:ce:8e:66:1b:cc:1a:cb:
         07:73:88:19:5b:af:b4:ad:9d:12:a3:a5:ed:e9:90:c3:41:49:
         77:6d:2b:40:55:47:b0:bf:96:16:86:e9:d8:cf:25:35:03:f2:
         9a:fe:8e:39:03:d6:9a:33:3f:28:d8:1b:dc:1a:0c:ca:7f:93:
         81:e0:a5:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEwCaw9x4gjaeg+qMMf65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NjRhMDUzODVjMDYyNjgxNTAyOTE5N2ViMTUwNjQ4NWQz
ZDZkMWMwHhcNMjUxMTExMDQwMTAyWhcNMjUxMTEyMDQwMTAyWjAzMTEwLwYDVQQD
EyhmMTZlZDJlOTMyMzc1YjM0NzAyMWI5YjJiODA1MTY5MjE4NWYyMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9C7Lk0FMMFbBB5obotqdG4FyZ2M
TAGvibcQQ/6e8gOffpYLFhqLhLGcx9CovFH6NyHobT6Wre8oQ8NaZqygTZ/gEAKl
JKEpyzCc4jC7FQfCmhKe43qCq0O9hum0FoySvuHhBv4dCv8IWm3RYF8oZ5Uj76wo
e5iHh2l5Va+dTGAdfA7fvSfl0F7C+Tezb/CRotudergooXBLh478UL0M9fJopjII
/08CJ0dGk8nAumoqf2poWj+B0mBapIueJAjKEIisA3T54IDfBlM/JIUedgZ0EU5S
67ZDA9IqA3jFkWqvepcftRNj83p6NRUehmI+7UYVyimdYpJAtmfBQDylGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFu0ukyN1s0cCG5srgFFpIYXyBfMB8GA1UdIwQY
MBaAFEZkoFOFwGJoFQKRl+sVBkhdPW0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTkt
OWM4NDg1NDgzZDU5LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTktOWM4NDg1NDgzZDU5
LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkOkLpvzR
ItZzFWSc1fPwqSoG5CJ/zYp9h3J63zc73rrwCTtrQeyOScWrsApQFuA1YJi23c2m
Gnm2qgZ6ZkxpzyUfUeTxSZ1q/iXPb1ueCtUS+fKla8ixWSnIB1DYpRnsM0acFPWw
hze/JtohnIzFWvuPOO8m51qkLrBZxpWQsHMKzgyCqvWtyesl8iy7iN1GPgKYE2x/
HGV7opm/sVD0bu1no9TM9mwCvHoaV8g3sb/SHl3F+rLhEWg19RPkiYXOjmYbzBrL
B3OIGVuvtK2dEqOl7emQw0FJd20rQFVHsL+WFobp2M8lNQPymv6OOQPWmjM/KNgb
3BoMyn+TgeClrw==
-----END CERTIFICATE-----