Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
File:                     fkL5qpHFODs-cnVy67GVWRqHYM4.mft (raw, json)
Hash identifier:          jl5lrhxRCrWTf75PJ3Yl8lS0qNOCJ+p0PVQKa7tf6BI=
Subject key identifier:   51:F9:96:DE:39:E6:FB:BC:50:4D:38:BA:D0:55:42:6A:32:3D:1F:BE
Authority key identifier: 7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE
Certificate issuer:       /CN=7e42f9aa91c5383b3e727572ebb195591a8760ce
Certificate serial:       019A71B7CD3E982022BABA4708EEF9DBAF9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
Manifest number:          07B6
Signing time:             Tue 11 Nov 2025 07:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:02 +0000
Files and hashes:         1: fkL5qpHFODs-cnVy67GVWRqHYM4.crl (hash: Sx5JmnpIAuPbiZmXLZZ3UvctUFPkiH0wTTXvm6IAsTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:cd:3e:98:20:22:ba:ba:47:08:ee:f9:db:af:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e42f9aa91c5383b3e727572ebb195591a8760ce
        Validity
            Not Before: Nov 11 07:01:02 2025 GMT
            Not After : Nov 12 07:01:02 2025 GMT
        Subject: CN=51f996de39e6fbbc504d38bad055426a323d1fbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c6:34:34:46:d2:f7:02:4a:ae:27:e4:0a:99:
                    4a:6a:d4:ef:dc:8a:9d:71:46:74:c1:f0:35:42:fd:
                    1c:8a:a6:5c:25:52:88:6a:fe:9d:cb:e7:11:36:ee:
                    50:47:2c:cb:d5:e7:5c:4b:e9:32:13:db:45:7d:03:
                    ab:f7:13:a9:96:f1:f8:f2:f8:89:85:79:94:81:b1:
                    fa:00:b8:ca:9d:ae:da:87:3d:5a:09:5a:46:25:05:
                    b2:bb:88:97:c0:b5:fe:4a:22:74:15:f3:9c:63:75:
                    35:2b:ba:be:8f:17:a8:d0:01:45:fb:3d:3f:10:ae:
                    1d:fe:02:84:be:bb:b9:78:8b:13:c3:b0:03:c7:16:
                    56:93:dc:88:00:01:ac:54:00:5a:05:89:31:f4:83:
                    e5:e2:b9:22:6d:9d:8c:01:61:4a:8a:ef:52:e1:6b:
                    df:5b:80:ba:3b:3f:f4:8c:70:0c:d4:e3:5b:2c:ed:
                    dd:af:65:8f:fe:79:d3:12:1f:94:b0:ce:e0:51:0f:
                    c6:54:85:a5:6d:cd:27:e4:2f:59:08:9c:f6:59:20:
                    cf:e5:7d:5f:16:4d:19:09:2e:ff:72:d5:61:62:47:
                    8d:f8:df:71:65:45:e3:ad:e5:f4:43:a3:2a:74:25:
                    f7:31:6c:b7:62:8d:40:40:5e:ce:be:d8:4e:ef:5d:
                    bd:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:F9:96:DE:39:E6:FB:BC:50:4D:38:BA:D0:55:42:6A:32:3D:1F:BE
            X509v3 Authority Key Identifier:
                keyid:7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:16:9f:be:32:0e:6b:0a:cc:e0:ca:52:a7:c7:e5:21:21:65:
         6e:d4:51:e8:4e:5c:f8:be:20:26:e9:64:51:4b:98:d3:0e:98:
         41:b2:ee:62:d5:4f:a9:57:74:0c:02:22:7e:be:bf:29:e3:09:
         79:5c:ec:e7:1b:e1:42:85:64:04:2f:00:6f:de:a9:a9:0d:70:
         9c:8b:a3:27:af:2f:12:e8:58:2a:95:a9:d2:8a:59:09:52:a9:
         c2:41:30:21:15:ce:14:c8:8a:cd:2a:1b:78:46:3f:cc:7a:9c:
         45:92:8d:0d:a4:3d:81:1d:f4:3c:8f:c6:5e:44:b4:26:97:bd:
         eb:f5:be:a7:a5:09:2f:b0:d1:05:ef:65:f2:c5:f9:6d:70:5c:
         4f:af:cd:c2:ad:c0:af:91:58:f4:45:35:f8:4f:b7:36:ed:27:
         0f:94:1d:f7:0c:44:f2:2f:77:0c:32:8d:5d:49:01:66:53:f0:
         fb:21:d3:2c:2e:68:26:61:d3:f4:ee:15:6e:53:07:a6:a7:d6:
         c1:ff:7c:27:5c:25:b0:f2:04:bd:68:31:a4:20:b2:5a:5f:96:
         d3:12:13:bd:78:9e:96:7b:b3:98:26:a9:80:97:aa:ec:95:1b:
         b2:3e:19:12:44:54:cf:79:41:79:be:08:39:c4:60:5a:36:01:
         19:e7:61:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt80+mCAiurpHCO7526+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNDJmOWFhOTFjNTM4M2IzZTcyNzU3MmViYjE5NTU5MWE4
NzYwY2UwHhcNMjUxMTExMDcwMTAyWhcNMjUxMTEyMDcwMTAyWjAzMTEwLwYDVQQD
Eyg1MWY5OTZkZTM5ZTZmYmJjNTA0ZDM4YmFkMDU1NDI2YTMyM2QxZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsY0NEbS9wJKrifkCplKatTv3Iqd
cUZ0wfA1Qv0ciqZcJVKIav6dy+cRNu5QRyzL1edcS+kyE9tFfQOr9xOplvH48viJ
hXmUgbH6ALjKna7ahz1aCVpGJQWyu4iXwLX+SiJ0FfOcY3U1K7q+jxeo0AFF+z0/
EK4d/gKEvru5eIsTw7ADxxZWk9yIAAGsVABaBYkx9IPl4rkibZ2MAWFKiu9S4Wvf
W4C6Oz/0jHAM1ONbLO3dr2WP/nnTEh+UsM7gUQ/GVIWlbc0n5C9ZCJz2WSDP5X1f
Fk0ZCS7/ctVhYkeN+N9xZUXjreX0Q6MqdCX3MWy3Yo1AQF7OvthO7129+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFH5lt455vu8UE04utBVQmoyPR++MB8GA1UdIwQY
MBaAFH5C+aqRxTg7PnJ1cuuxlVkah2DOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjct
N2NkNDcyODY0YmY4LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjctN2NkNDcyODY0YmY4
LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGRafvjIO
awrM4MpSp8flISFlbtRR6E5c+L4gJulkUUuY0w6YQbLuYtVPqVd0DAIifr6/KeMJ
eVzs5xvhQoVkBC8Ab96pqQ1wnIujJ68vEuhYKpWp0opZCVKpwkEwIRXOFMiKzSob
eEY/zHqcRZKNDaQ9gR30PI/GXkS0Jpe96/W+p6UJL7DRBe9l8sX5bXBcT6/Nwq3A
r5FY9EU1+E+3Nu0nD5Qd9wxE8i93DDKNXUkBZlPw+yHTLC5oJmHT9O4VblMHpqfW
wf98J1wlsPIEvWgxpCCyWl+W0xITvXielnuzmCapgJeq7JUbsj4ZEkRUz3lBeb4I
OcRgWjYBGedheg==
-----END CERTIFICATE-----