Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
File:                     f35evW-kacXjcL_BBsTUqtHh25Q.mft (raw, json)
Hash identifier:          IrZYJlJ8FLuj4bGO0oJnU/6OsjI0YlRWT8I02dhPjSg=
Subject key identifier:   DA:87:81:70:D1:38:06:E3:F5:87:D2:27:6E:66:71:92:A9:A4:CC:22
Authority key identifier: 7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94
Certificate issuer:       /CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
Certificate serial:       019A72266FACE66A44A856E84EBBA5E2E587
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
Manifest number:          0F87
Signing time:             Tue 11 Nov 2025 09:01:52 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:52 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:52 +0000
Files and hashes:         1: f35evW-kacXjcL_BBsTUqtHh25Q.crl (hash: EpHepdTRB0GrXd1tY40jQr7qr4Voh5u4ibj+13raw18=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:6f:ac:e6:6a:44:a8:56:e8:4e:bb:a5:e2:e5:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
        Validity
            Not Before: Nov 11 09:01:52 2025 GMT
            Not After : Nov 12 09:01:52 2025 GMT
        Subject: CN=da878170d13806e3f587d2276e667192a9a4cc22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:38:42:76:a0:76:af:4a:d5:44:ce:5d:61:c4:
                    4d:64:a8:d1:7c:4b:16:b3:81:76:de:b4:92:9a:45:
                    04:14:0e:54:be:fa:0b:c3:98:2f:0c:a3:ea:ce:c8:
                    36:1b:2f:d0:a7:96:76:e9:73:21:a8:54:31:7d:02:
                    98:8d:b0:d7:8b:9c:fd:5b:81:f6:35:ca:d2:4f:c3:
                    0c:76:8c:01:a4:42:f3:c4:4e:90:8e:75:75:71:68:
                    bb:5e:3c:94:bd:ef:45:2d:63:b5:b5:25:02:6a:e8:
                    0c:51:d1:96:b4:f2:90:a8:1e:05:4b:34:f8:ec:48:
                    44:3e:dc:6f:6c:51:00:3c:ec:0c:c3:f3:cc:54:fd:
                    28:7c:69:7f:01:66:03:04:e5:5b:63:54:63:ab:36:
                    93:74:d3:a7:38:14:f7:89:12:3f:d9:5f:a6:4c:e9:
                    d7:93:07:bc:c1:b4:99:8a:9c:d8:71:e4:30:29:df:
                    b4:41:d8:c5:75:86:c8:ea:0e:b9:01:b4:9c:82:5f:
                    64:90:6f:bc:49:7c:46:47:67:6e:1e:ea:67:38:9d:
                    dd:e8:7c:3d:9e:f5:38:c3:be:8b:4d:2a:e6:e2:a7:
                    46:7f:94:ce:2a:a4:72:d1:cf:3f:63:70:f9:d2:33:
                    4e:16:49:58:76:c9:39:f7:1f:7a:8a:30:06:d3:ab:
                    48:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:87:81:70:D1:38:06:E3:F5:87:D2:27:6E:66:71:92:A9:A4:CC:22
            X509v3 Authority Key Identifier:
                keyid:7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:e8:60:e5:f9:75:71:3d:47:1d:05:58:12:e3:8b:76:34:2e:
         fd:97:de:8b:ae:cc:29:be:8a:5f:54:ee:9a:29:cc:13:5a:47:
         e1:d4:ad:23:b7:1c:6e:f5:ce:13:95:48:50:7b:e0:10:dc:ab:
         05:f3:0e:6f:b3:c6:44:3d:cd:d0:4b:cc:92:16:b1:bd:07:e6:
         de:5e:69:80:f6:4a:23:1d:58:f6:92:af:1e:7d:b6:ba:db:b7:
         fc:10:17:34:d0:90:0e:9c:87:b7:b5:15:4f:61:93:88:b6:50:
         de:cf:14:1d:38:ff:cf:d8:f4:86:90:3c:2c:e8:8a:15:39:78:
         38:7f:47:9f:61:ac:81:83:cd:4b:7b:e5:ef:9f:00:39:2f:4d:
         57:83:d3:35:e2:0e:45:1c:06:a0:80:95:36:12:ae:35:bd:a3:
         a0:ba:26:61:bb:b4:ee:c8:0f:ab:64:cd:36:7b:63:f9:30:85:
         a7:37:1e:0d:2a:88:fa:cc:45:94:0a:ef:5b:67:f2:ec:6e:07:
         99:42:db:a6:07:d8:ad:18:ce:76:0a:72:e1:87:34:bd:70:48:
         43:0e:54:3d:b3:c7:f1:01:74:10:17:64:46:09:38:1f:3a:92:
         3a:0d:11:39:17:57:05:61:94:14:68:53:b7:fa:6e:fd:72:38:
         f6:2e:5e:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJm+s5mpEqFboTrul4uWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmN2U1ZWJkNmZhNDY5YzVlMzcwYmZjMTA2YzRkNGFhZDFl
MWRiOTQwHhcNMjUxMTExMDkwMTUyWhcNMjUxMTEyMDkwMTUyWjAzMTEwLwYDVQQD
EyhkYTg3ODE3MGQxMzgwNmUzZjU4N2QyMjc2ZTY2NzE5MmE5YTRjYzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujhCdqB2r0rVRM5dYcRNZKjRfEsW
s4F23rSSmkUEFA5UvvoLw5gvDKPqzsg2Gy/Qp5Z26XMhqFQxfQKYjbDXi5z9W4H2
NcrST8MMdowBpELzxE6QjnV1cWi7XjyUve9FLWO1tSUCaugMUdGWtPKQqB4FSzT4
7EhEPtxvbFEAPOwMw/PMVP0ofGl/AWYDBOVbY1RjqzaTdNOnOBT3iRI/2V+mTOnX
kwe8wbSZipzYceQwKd+0QdjFdYbI6g65AbScgl9kkG+8SXxGR2duHupnOJ3d6Hw9
nvU4w76LTSrm4qdGf5TOKqRy0c8/Y3D50jNOFklYdsk59x96ijAG06tIRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqHgXDROAbj9YfSJ25mcZKppMwiMB8GA1UdIwQY
MBaAFH9+Xr1vpGnF43C/wQbE1KrR4duUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMt
OTgyY2ZiMzU5YWVlLzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMtOTgyY2ZiMzU5YWVl
LzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQOhg5fl1
cT1HHQVYEuOLdjQu/Zfei67MKb6KX1TuminME1pH4dStI7ccbvXOE5VIUHvgENyr
BfMOb7PGRD3N0EvMkhaxvQfm3l5pgPZKIx1Y9pKvHn22utu3/BAXNNCQDpyHt7UV
T2GTiLZQ3s8UHTj/z9j0hpA8LOiKFTl4OH9Hn2GsgYPNS3vl758AOS9NV4PTNeIO
RRwGoICVNhKuNb2joLomYbu07sgPq2TNNntj+TCFpzceDSqI+sxFlArvW2fy7G4H
mULbpgfYrRjOdgpy4Yc0vXBIQw5UPbPH8QF0EBdkRgk4HzqSOg0RORdXBWGUFGhT
t/pu/XI49i5ebA==
-----END CERTIFICATE-----