Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
File:                     R0NPTmaYKfhsbea6PrDo9m2piLY.mft (raw, json)
Hash identifier:          ucL76CZhACRZ6ilLbNDUl9F9EKFLYXyizee2ZUUSuKM=
Subject key identifier:   A4:AF:DA:CB:2F:A5:15:76:F1:46:4F:AE:66:3A:A7:2E:4B:26:D1:E0
Authority key identifier: 47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6
Certificate issuer:       /CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
Certificate serial:       019A71B7E013410D09D0A444FABB4CB1BEC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
Manifest number:          0151
Signing time:             Tue 11 Nov 2025 07:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:07 +0000
Files and hashes:         1: R0NPTmaYKfhsbea6PrDo9m2piLY.crl (hash: zlLxiGMYaT2LPqVgYMOG3NqKswflTjy4Sf9eD/VFDkE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:e0:13:41:0d:09:d0:a4:44:fa:bb:4c:b1:be:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
        Validity
            Not Before: Nov 11 07:01:07 2025 GMT
            Not After : Nov 12 07:01:07 2025 GMT
        Subject: CN=a4afdacb2fa51576f1464fae663aa72e4b26d1e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ff:1b:9e:76:ba:4f:20:0d:ba:83:47:10:5d:
                    34:fa:31:42:b6:d7:f6:2e:9f:ac:0d:91:2b:55:50:
                    ce:e1:91:10:24:01:49:ea:6d:bc:ff:b3:70:1a:65:
                    bc:c6:a5:5a:a3:cb:d0:87:26:8c:6f:08:f7:ec:84:
                    02:d7:e0:60:5b:ec:53:6b:1d:89:fa:fa:0b:df:de:
                    cd:8a:f7:aa:fd:ba:29:14:27:b9:45:67:31:b4:df:
                    8a:07:e5:68:2a:cd:de:c6:31:19:9e:64:96:7e:e2:
                    15:9d:1d:59:ee:42:fa:0a:8f:4f:69:0b:5e:e0:f1:
                    2c:75:0c:63:a0:6b:df:fa:97:52:8e:35:b2:1c:c7:
                    6a:c1:21:be:17:4d:cb:c2:d2:e2:57:3e:da:14:af:
                    92:b8:4f:f9:d0:88:4e:cd:a5:c1:36:de:a4:e7:f8:
                    40:9e:4e:6f:d1:13:fc:b1:49:51:4f:71:30:a2:1c:
                    d6:98:4d:21:7c:fa:3c:28:d1:db:08:a9:f5:c9:06:
                    7f:f5:7c:0f:10:37:d9:f1:6f:68:0d:cb:14:14:a9:
                    c9:99:a1:69:d5:da:f2:ea:bc:bd:54:3c:11:67:ed:
                    94:47:81:4e:b6:93:e2:32:29:b5:aa:2b:5d:03:c3:
                    b2:5a:6b:07:a8:35:1d:a6:4b:84:66:3b:b1:18:66:
                    0d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:AF:DA:CB:2F:A5:15:76:F1:46:4F:AE:66:3A:A7:2E:4B:26:D1:E0
            X509v3 Authority Key Identifier:
                keyid:47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:a4:c1:aa:95:ee:65:12:28:86:33:25:eb:75:9d:12:75:77:
         b2:ed:e6:e9:c9:e5:e5:e4:b9:d6:58:4a:c0:5f:9e:91:86:41:
         27:7a:ab:9f:3f:e2:0e:f3:c8:4a:22:8c:0f:74:9f:7e:07:0f:
         c2:f1:f6:25:f2:f0:fb:86:2c:76:f8:a3:fe:4a:06:79:26:c6:
         ac:7f:e8:1d:ce:a2:ac:cd:2f:7b:ec:50:c2:df:25:39:cd:45:
         03:10:c4:d4:e3:30:40:65:01:21:3f:97:b4:b7:40:28:64:11:
         b9:4a:b0:17:71:8b:cf:13:47:bf:a9:de:4b:ce:fa:25:c8:8e:
         6d:7e:52:24:07:06:da:fe:ab:7b:e2:77:13:ec:33:24:f6:9b:
         22:55:4e:ea:68:3a:24:b7:7a:87:99:a3:35:eb:9a:32:53:82:
         6b:e6:47:78:47:09:74:5d:d4:c6:a1:03:e0:b9:4e:df:13:18:
         28:ce:23:33:e8:df:a9:a9:49:55:16:4b:ff:f8:6c:5e:20:aa:
         f1:6f:49:2c:95:17:39:2c:b9:5e:9c:e3:a2:8a:47:e1:42:7a:
         f3:f3:82:d0:ec:7e:2a:8f:46:96:6f:88:d6:35:01:39:be:a3:
         32:3b:fc:60:0d:91:9f:26:0a:bb:98:b5:62:3f:07:ee:27:56:
         b8:c6:75:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+ATQQ0J0KRE+rtMsb7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NDM0ZjRlNjY5ODI5Zjg2YzZkZTZiYTNlYjBlOGY2NmRh
OTg4YjYwHhcNMjUxMTExMDcwMTA3WhcNMjUxMTEyMDcwMTA3WjAzMTEwLwYDVQQD
EyhhNGFmZGFjYjJmYTUxNTc2ZjE0NjRmYWU2NjNhYTcyZTRiMjZkMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/8bnna6TyANuoNHEF00+jFCttf2
Lp+sDZErVVDO4ZEQJAFJ6m28/7NwGmW8xqVao8vQhyaMbwj37IQC1+BgW+xTax2J
+voL397Niveq/bopFCe5RWcxtN+KB+VoKs3exjEZnmSWfuIVnR1Z7kL6Co9PaQte
4PEsdQxjoGvf+pdSjjWyHMdqwSG+F03LwtLiVz7aFK+SuE/50IhOzaXBNt6k5/hA
nk5v0RP8sUlRT3EwohzWmE0hfPo8KNHbCKn1yQZ/9XwPEDfZ8W9oDcsUFKnJmaFp
1dry6ry9VDwRZ+2UR4FOtpPiMim1qitdA8OyWmsHqDUdpkuEZjuxGGYNKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSv2ssvpRV28UZPrmY6py5LJtHgMB8GA1UdIwQY
MBaAFEdDT05mmCn4bG3muj6w6PZtqYi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODkt
NWI5ZmZmZjA4MmYxLzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODktNWI5ZmZmZjA4MmYx
LzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjaTBqpXu
ZRIohjMl63WdEnV3su3m6cnl5eS51lhKwF+ekYZBJ3qrnz/iDvPISiKMD3SffgcP
wvH2JfLw+4Ysdvij/koGeSbGrH/oHc6irM0ve+xQwt8lOc1FAxDE1OMwQGUBIT+X
tLdAKGQRuUqwF3GLzxNHv6neS876JciObX5SJAcG2v6re+J3E+wzJPabIlVO6mg6
JLd6h5mjNeuaMlOCa+ZHeEcJdF3UxqED4LlO3xMYKM4jM+jfqalJVRZL//hsXiCq
8W9JLJUXOSy5XpzjoopH4UJ68/OC0Ox+Ko9Glm+I1jUBOb6jMjv8YA2RnyYKu5i1
Yj8H7idWuMZ1Kg==
-----END CERTIFICATE-----