Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
File:                     bMfzcUDRMXn5pckglknIDDfGpxM.mft (raw, json)
Hash identifier:          vnY4gZg0vnr7xl2L2vAT+i4Kz/PqLYlNSyA4RNlOzII=
Subject key identifier:   1D:5C:43:90:AD:F9:FE:29:07:F5:20:10:01:F2:77:66:B6:60:DA:A6
Authority key identifier: 6C:C7:F3:71:40:D1:31:79:F9:A5:C9:20:96:49:C8:0C:37:C6:A7:13
Certificate issuer:       /CN=6cc7f37140d13179f9a5c9209649c80c37c6a713
Certificate serial:       019A7226191B8FF0EE657872AC1448483A88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
Manifest number:          1337
Signing time:             Tue 11 Nov 2025 09:01:30 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:30 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:30 +0000
Files and hashes:         1: bMfzcUDRMXn5pckglknIDDfGpxM.crl (hash: krPDha4zOyoUZkrOQA2+jIwj+dPCmtPNuVUj/Tsra2c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:19:1b:8f:f0:ee:65:78:72:ac:14:48:48:3a:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cc7f37140d13179f9a5c9209649c80c37c6a713
        Validity
            Not Before: Nov 11 09:01:30 2025 GMT
            Not After : Nov 12 09:01:30 2025 GMT
        Subject: CN=1d5c4390adf9fe2907f5201001f27766b660daa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ca:48:32:94:87:99:57:eb:9c:d4:cc:cf:dc:
                    d9:7b:8d:8d:bc:57:9b:bf:bd:61:2c:5e:eb:83:bf:
                    33:e2:67:43:65:e7:97:1c:c5:4f:5f:9f:57:b3:4c:
                    61:3c:ca:53:3b:33:29:8a:ad:05:38:07:99:1d:82:
                    18:b9:10:56:a2:b3:7f:13:b7:88:6a:ba:21:16:ab:
                    6d:d0:0b:d8:e4:d9:87:1b:5e:23:af:1c:22:71:58:
                    3e:9d:82:31:ec:a4:05:a5:4d:b7:1a:94:4a:5f:c1:
                    92:3a:ff:72:9d:1d:cc:eb:68:3d:d4:f8:20:27:a0:
                    db:f0:38:83:42:4e:41:c7:19:a8:71:03:92:54:b0:
                    68:f7:df:46:ad:d1:33:a4:28:41:f9:8d:65:c3:f9:
                    40:d4:ff:03:b5:4a:b5:ba:c5:43:e2:31:f4:13:e1:
                    5d:33:fd:a3:3f:46:23:24:19:31:d9:99:68:4e:01:
                    cf:82:03:90:ef:1c:1e:a5:97:19:25:18:1a:8b:08:
                    b9:17:9f:d6:21:ca:09:5b:1c:d6:cd:7c:4b:0d:82:
                    2d:87:f4:8c:48:84:dc:91:ae:ce:55:c7:59:41:55:
                    a4:08:1f:60:4f:b8:43:c3:e9:a0:5b:cc:87:b2:e4:
                    e2:11:0d:ee:3d:8b:63:57:06:87:dd:c2:53:41:84:
                    f5:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:5C:43:90:AD:F9:FE:29:07:F5:20:10:01:F2:77:66:B6:60:DA:A6
            X509v3 Authority Key Identifier:
                keyid:6C:C7:F3:71:40:D1:31:79:F9:A5:C9:20:96:49:C8:0C:37:C6:A7:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:21:d8:a1:57:18:b1:bb:24:4e:3e:77:cf:1b:47:b6:b1:3b:
         16:c8:f7:3f:fa:5a:a0:97:da:24:3d:7d:10:9d:66:68:58:60:
         b6:d7:c2:bf:4d:4a:fb:86:36:08:19:55:d4:d2:5b:44:2a:e0:
         8a:f7:df:1d:8f:ce:ba:5f:54:99:62:42:a8:a4:93:b6:7c:8f:
         a7:2a:c9:32:5d:96:c7:05:79:42:e4:d3:5c:17:28:3c:2d:c5:
         fe:c4:ca:65:3b:34:b7:f5:cf:33:52:cd:bf:47:32:4c:6e:54:
         b4:80:6d:dc:9b:9c:e8:a0:3d:c0:59:95:dd:8d:cb:85:30:10:
         1f:b4:10:50:42:65:b2:00:a5:0a:f5:1c:07:f8:8f:8c:6b:42:
         9e:2e:9c:62:12:52:40:c7:8c:40:cd:a6:b6:b5:18:a5:05:48:
         51:7d:69:05:96:d1:30:bc:c4:28:1c:c9:95:e5:0c:c8:59:fa:
         ea:ad:a6:ee:5a:e5:e1:92:bd:21:6e:be:01:ed:fd:55:9b:fa:
         22:42:a5:50:c6:a7:e8:97:90:35:bd:74:60:08:2c:e8:03:2c:
         3d:cd:ae:3e:99:29:8a:99:e8:ec:44:dc:aa:c2:5e:a0:54:38:
         b1:1b:8e:47:b6:3a:fc:1a:2b:34:62:ec:96:15:8f:86:2c:13:
         18:1f:07:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhkbj/DuZXhyrBRISDqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzdmMzcxNDBkMTMxNzlmOWE1YzkyMDk2NDljODBjMzdj
NmE3MTMwHhcNMjUxMTExMDkwMTMwWhcNMjUxMTEyMDkwMTMwWjAzMTEwLwYDVQQD
EygxZDVjNDM5MGFkZjlmZTI5MDdmNTIwMTAwMWYyNzc2NmI2NjBkYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8pIMpSHmVfrnNTMz9zZe42NvFeb
v71hLF7rg78z4mdDZeeXHMVPX59Xs0xhPMpTOzMpiq0FOAeZHYIYuRBWorN/E7eI
arohFqtt0AvY5NmHG14jrxwicVg+nYIx7KQFpU23GpRKX8GSOv9ynR3M62g91Pgg
J6Db8DiDQk5BxxmocQOSVLBo999GrdEzpChB+Y1lw/lA1P8DtUq1usVD4jH0E+Fd
M/2jP0YjJBkx2ZloTgHPggOQ7xwepZcZJRgaiwi5F5/WIcoJWxzWzXxLDYIth/SM
SITcka7OVcdZQVWkCB9gT7hDw+mgW8yHsuTiEQ3uPYtjVwaH3cJTQYT13wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1cQ5Ct+f4pB/UgEAHyd2a2YNqmMB8GA1UdIwQY
MBaAFGzH83FA0TF5+aXJIJZJyAw3xqcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNzU1MDctNWM1Yy00ODQyLWExYzQt
OGQ1NmRkY2ZhNGI4LzEvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNzU1MDctNWM1Yy00ODQyLWExYzQtOGQ1NmRkY2ZhNGI4
LzEvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcCHYoVcY
sbskTj53zxtHtrE7Fsj3P/paoJfaJD19EJ1maFhgttfCv01K+4Y2CBlV1NJbRCrg
ivffHY/Oul9UmWJCqKSTtnyPpyrJMl2WxwV5QuTTXBcoPC3F/sTKZTs0t/XPM1LN
v0cyTG5UtIBt3Juc6KA9wFmV3Y3LhTAQH7QQUEJlsgClCvUcB/iPjGtCni6cYhJS
QMeMQM2mtrUYpQVIUX1pBZbRMLzEKBzJleUMyFn66q2m7lrl4ZK9IW6+Ae39VZv6
IkKlUMan6JeQNb10YAgs6AMsPc2uPpkpipno7ETcqsJeoFQ4sRuOR7Y6/BorNGLs
lhWPhiwTGB8Hbw==
-----END CERTIFICATE-----