Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
File:                     M4YMg3IhmQcJz1rqKduBaJU-feA.mft (raw, json)
Hash identifier:          W+7Q0JQsmvk/4M3l3507VKubK1IcRYcX1onVYLTGr+Q=
Subject key identifier:   DE:0A:B9:C8:87:B3:E9:F0:15:67:AC:52:59:2C:0A:F6:33:B9:0E:9C
Authority key identifier: 33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0
Certificate issuer:       /CN=33860c837221990709cf5aea29db8168953e7de0
Certificate serial:       019A7225949010C6E394043B295CA0D0F8B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
Manifest number:          0856
Signing time:             Tue 11 Nov 2025 09:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:56 +0000
Files and hashes:         1: M4YMg3IhmQcJz1rqKduBaJU-feA.crl (hash: Wva5CrnWx6sI//OsctD7xhoFjl1uSFZse2P9/KA8oI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:94:90:10:c6:e3:94:04:3b:29:5c:a0:d0:f8:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33860c837221990709cf5aea29db8168953e7de0
        Validity
            Not Before: Nov 11 09:00:56 2025 GMT
            Not After : Nov 12 09:00:56 2025 GMT
        Subject: CN=de0ab9c887b3e9f01567ac52592c0af633b90e9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c1:81:72:95:5b:f6:b9:da:5c:90:13:8b:80:
                    5b:f7:2e:9d:ba:65:43:8e:22:94:81:bf:27:57:7e:
                    c0:41:bf:07:0f:eb:95:37:61:9f:89:10:ba:41:c8:
                    bb:ea:8d:21:32:15:8e:a7:a9:b8:67:b9:ed:00:9e:
                    bb:07:04:50:62:8b:e2:6e:0f:6b:90:bc:8a:52:3e:
                    7f:1f:4c:12:c0:d2:59:ee:2b:38:27:23:5d:a1:e0:
                    df:e9:8f:56:86:e4:68:b5:1e:7c:4f:2f:d4:e6:90:
                    2d:e5:5d:b8:0b:5f:66:71:13:0a:a1:6a:c6:5e:08:
                    99:de:e9:f4:95:95:7e:29:bd:70:b4:f9:82:d8:4b:
                    5b:69:48:37:4f:79:7e:8d:87:83:5a:a5:a7:3d:84:
                    f8:42:8a:d0:65:d9:89:e9:92:75:df:5c:a5:19:39:
                    04:4b:7a:03:27:31:75:3f:45:10:08:8d:fa:f9:51:
                    a9:57:00:7f:5b:97:62:45:3a:79:47:b8:a8:7b:d0:
                    b2:71:d0:90:ca:1b:1c:a3:96:79:af:24:b1:4e:6d:
                    62:c9:36:90:91:a8:99:31:c4:9d:22:bd:0e:11:de:
                    f0:c2:1f:bb:81:79:eb:05:36:f1:eb:85:d5:c5:18:
                    8c:cc:88:2c:f7:02:88:1e:db:71:41:1e:4a:5b:36:
                    bc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:0A:B9:C8:87:B3:E9:F0:15:67:AC:52:59:2C:0A:F6:33:B9:0E:9C
            X509v3 Authority Key Identifier:
                keyid:33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:2d:8d:b4:56:73:8b:f9:67:63:71:ec:85:5a:f5:ef:80:f4:
         53:8f:d7:5b:14:cd:0e:6e:8b:5f:15:e7:f5:41:f8:71:dd:14:
         ba:cf:65:0e:7d:8e:78:b5:99:28:7c:8f:77:a6:15:01:3b:73:
         72:a8:d3:03:5f:70:ad:b8:2a:07:55:6b:80:66:f3:32:8c:e9:
         70:e1:31:f0:66:f4:9a:db:fb:ba:0d:4f:4f:96:8e:8e:7f:35:
         16:60:3b:82:e3:af:aa:2d:a8:9d:34:ec:50:a4:0e:30:f5:6d:
         0c:03:31:b5:57:b8:6f:63:a1:92:49:47:4c:08:e1:dd:1d:df:
         6a:60:49:88:c0:d8:53:64:da:fb:7e:3f:50:a7:62:75:8c:e3:
         8c:68:43:ad:fa:18:a8:7a:db:b2:17:8c:a1:48:2f:91:4d:c0:
         30:c2:92:dc:56:f7:87:d3:1c:fa:f9:0c:ab:39:e3:87:fd:3c:
         7d:f8:e8:a8:e9:cb:a9:b1:cb:ec:e3:47:bd:cf:bd:d2:d4:3a:
         52:48:b5:ad:52:98:16:22:19:0b:bd:56:38:84:56:d1:a6:27:
         42:07:45:c8:57:e0:3e:62:f7:15:19:88:47:bb:d0:24:3a:13:
         ef:c6:39:5f:16:4f:d5:fd:5e:0b:91:e5:95:8e:db:28:ca:39:
         67:ba:e7:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZSQEMbjlAQ7KVyg0Pi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzODYwYzgzNzIyMTk5MDcwOWNmNWFlYTI5ZGI4MTY4OTUz
ZTdkZTAwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
EyhkZTBhYjljODg3YjNlOWYwMTU2N2FjNTI1OTJjMGFmNjMzYjkwZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMGBcpVb9rnaXJATi4Bb9y6dumVD
jiKUgb8nV37AQb8HD+uVN2GfiRC6Qci76o0hMhWOp6m4Z7ntAJ67BwRQYovibg9r
kLyKUj5/H0wSwNJZ7is4JyNdoeDf6Y9WhuRotR58Ty/U5pAt5V24C19mcRMKoWrG
XgiZ3un0lZV+Kb1wtPmC2EtbaUg3T3l+jYeDWqWnPYT4QorQZdmJ6ZJ131ylGTkE
S3oDJzF1P0UQCI36+VGpVwB/W5diRTp5R7ioe9CycdCQyhsco5Z5rySxTm1iyTaQ
kaiZMcSdIr0OEd7wwh+7gXnrBTbx64XVxRiMzIgs9wKIHttxQR5KWza8RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4KuciHs+nwFWesUlksCvYzuQ6cMB8GA1UdIwQY
MBaAFDOGDINyIZkHCc9a6inbgWiVPn3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYt
YjgyZTUzMDEwNTk3LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYtYjgyZTUzMDEwNTk3
LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtC2NtFZz
i/lnY3HshVr174D0U4/XWxTNDm6LXxXn9UH4cd0Uus9lDn2OeLWZKHyPd6YVATtz
cqjTA19wrbgqB1VrgGbzMozpcOEx8Gb0mtv7ug1PT5aOjn81FmA7guOvqi2onTTs
UKQOMPVtDAMxtVe4b2OhkklHTAjh3R3famBJiMDYU2Ta+34/UKdidYzjjGhDrfoY
qHrbsheMoUgvkU3AMMKS3Fb3h9Mc+vkMqznjh/08ffjoqOnLqbHL7ONHvc+90tQ6
Uki1rVKYFiIZC71WOIRW0aYnQgdFyFfgPmL3FRmIR7vQJDoT78Y5XxZP1f1eC5Hl
lY7bKMo5Z7rn1w==
-----END CERTIFICATE-----