Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
File:                     spK68_TAei7dR9iMKxW2Wir33q0.mft (raw, json)
Hash identifier:          FkMjEWSUIzgT+KUT/AwXRkEwIQtIB8jgVc+arFbymEU=
Subject key identifier:   C4:5D:FF:EB:B4:C3:96:7D:08:A0:A3:BA:D3:BD:DF:76:BB:A7:18:50
Authority key identifier: B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD
Certificate issuer:       /CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
Certificate serial:       019A71B8B867B99F829F10EDCB4FD8AD724D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
Manifest number:          0DB7
Signing time:             Tue 11 Nov 2025 07:02:02 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:02 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:02 +0000
Files and hashes:         1: spK68_TAei7dR9iMKxW2Wir33q0.crl (hash: neA/xbD/t8IDIkoI2q84yllG8AJhM0kRgU2r7IDfPPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:b8:67:b9:9f:82:9f:10:ed:cb:4f:d8:ad:72:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
        Validity
            Not Before: Nov 11 07:02:02 2025 GMT
            Not After : Nov 12 07:02:02 2025 GMT
        Subject: CN=c45dffebb4c3967d08a0a3bad3bddf76bba71850
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:28:2e:52:2c:88:87:b6:75:00:80:79:1b:e1:
                    83:0f:cf:e2:5e:60:ca:12:d3:b3:b3:02:6a:01:3d:
                    25:ec:bc:55:86:c8:54:e2:8d:ad:ff:c5:82:3f:27:
                    c2:07:22:67:45:0c:6b:fd:0a:a0:fc:37:5f:e5:f4:
                    a1:d8:c7:d1:01:67:9d:c2:17:b1:24:6f:24:37:da:
                    d6:6e:3d:25:83:bc:c5:c2:6c:89:2b:12:fe:b6:c2:
                    c9:7b:46:aa:a6:11:05:41:71:0a:59:35:bc:32:d0:
                    93:0d:36:d3:f9:ff:df:e6:cd:e7:e6:f2:ca:e8:9f:
                    82:38:6e:87:7b:e0:a7:43:f6:42:74:4f:4a:43:86:
                    f9:05:0d:d7:dd:4a:5f:bd:30:23:c7:fa:ce:04:64:
                    9a:11:82:0c:28:aa:1e:18:ba:5c:e2:7e:75:5c:10:
                    ef:87:ad:06:28:4e:b6:82:b2:0b:37:c1:65:ab:77:
                    9a:58:df:2b:96:01:8d:56:84:c2:0b:6a:42:13:41:
                    7e:37:ea:d2:aa:1f:82:93:cf:9e:2c:53:67:5b:f4:
                    b8:a6:a0:30:62:9e:97:17:1c:b4:1f:d0:dd:9a:8e:
                    20:ec:69:67:cf:91:48:6f:cb:45:40:94:11:d4:cb:
                    23:d4:9f:99:03:4c:df:e5:15:39:87:43:1d:7b:67:
                    13:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:5D:FF:EB:B4:C3:96:7D:08:A0:A3:BA:D3:BD:DF:76:BB:A7:18:50
            X509v3 Authority Key Identifier:
                keyid:B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:f7:97:02:af:6f:99:8b:95:65:6d:0e:0b:0e:01:9d:06:fe:
         59:ec:0d:f4:45:d4:21:75:8d:78:0a:98:f7:06:8b:58:1e:e5:
         20:72:e3:81:d4:96:1c:9e:1c:2b:fa:5b:bc:a8:27:df:a3:02:
         d8:76:1b:de:57:84:7b:65:ab:4b:85:bd:e1:7c:bc:d6:cf:b3:
         ba:c1:43:55:9b:68:be:16:43:85:c0:7d:5e:57:73:7c:a8:49:
         69:d4:1b:0c:ad:52:86:a0:6a:ae:5c:ea:36:d5:7b:51:75:d9:
         47:bf:30:24:18:66:f9:03:6a:0f:57:72:a8:11:b3:71:3e:41:
         2e:8b:64:4c:9f:e1:2e:9c:46:88:e1:57:94:11:96:76:83:14:
         28:43:57:31:e8:ed:bb:93:40:fb:a0:59:f2:b5:28:de:6e:b4:
         ea:c6:85:a4:63:77:98:ba:a0:f6:68:5c:54:9c:60:8e:6f:d6:
         23:b5:50:02:83:00:7d:d1:ce:4f:bd:11:76:ad:cd:d0:e0:b1:
         88:73:ed:7f:ae:82:52:8a:7f:85:31:45:ec:4a:b6:10:d4:87:
         21:4a:23:d6:70:cc:4c:f8:29:12:fb:39:5b:32:e9:b3:1a:77:
         38:ac:9d:7d:e4:5e:97:3f:fe:7a:c5:20:a7:01:98:d8:ee:9c:
         7f:c0:a3:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLhnuZ+CnxDty0/YrXJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOTJiYWYzZjRjMDdhMmVkZDQ3ZDg4YzJiMTViNjVhMmFm
N2RlYWQwHhcNMjUxMTExMDcwMjAyWhcNMjUxMTEyMDcwMjAyWjAzMTEwLwYDVQQD
EyhjNDVkZmZlYmI0YzM5NjdkMDhhMGEzYmFkM2JkZGY3NmJiYTcxODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSguUiyIh7Z1AIB5G+GDD8/iXmDK
EtOzswJqAT0l7LxVhshU4o2t/8WCPyfCByJnRQxr/Qqg/Ddf5fSh2MfRAWedwhex
JG8kN9rWbj0lg7zFwmyJKxL+tsLJe0aqphEFQXEKWTW8MtCTDTbT+f/f5s3n5vLK
6J+COG6He+CnQ/ZCdE9KQ4b5BQ3X3UpfvTAjx/rOBGSaEYIMKKoeGLpc4n51XBDv
h60GKE62grILN8Flq3eaWN8rlgGNVoTCC2pCE0F+N+rSqh+Ck8+eLFNnW/S4pqAw
Yp6XFxy0H9Ddmo4g7Glnz5FIb8tFQJQR1Msj1J+ZA0zf5RU5h0Mde2cTNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRd/+u0w5Z9CKCjutO933a7pxhQMB8GA1UdIwQY
MBaAFLKSuvP0wHou3UfYjCsVtloq996tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGIt
MmE3MmMyODU4YmFjLzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGItMmE3MmMyODU4YmFj
LzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPeXAq9v
mYuVZW0OCw4BnQb+WewN9EXUIXWNeAqY9waLWB7lIHLjgdSWHJ4cK/pbvKgn36MC
2HYb3leEe2WrS4W94Xy81s+zusFDVZtovhZDhcB9XldzfKhJadQbDK1ShqBqrlzq
NtV7UXXZR78wJBhm+QNqD1dyqBGzcT5BLotkTJ/hLpxGiOFXlBGWdoMUKENXMejt
u5NA+6BZ8rUo3m606saFpGN3mLqg9mhcVJxgjm/WI7VQAoMAfdHOT70Rdq3N0OCx
iHPtf66CUop/hTFF7Eq2ENSHIUoj1nDMTPgpEvs5WzLpsxp3OKydfeRelz/+esUg
pwGY2O6cf8CjQQ==
-----END CERTIFICATE-----