Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6037a5-5640-4b41-92e9-f6f2546bc60e/1/pHFXAbAK3kiVo5p2oNgQDsleq-M.mft
File:                     pHFXAbAK3kiVo5p2oNgQDsleq-M.mft (raw, json)
Hash identifier:          D+IJvD6CSPMbpnOlDGbr0GxH0V2+M0RRBYEU8d2z57E=
Subject key identifier:   DD:F3:89:93:D6:4D:DD:23:E2:C2:C9:7C:57:B7:BB:DD:CB:72:FE:89
Authority key identifier: A4:71:57:01:B0:0A:DE:48:95:A3:9A:76:A0:D8:10:0E:C9:5E:AB:E3
Certificate issuer:       /CN=a4715701b00ade4895a39a76a0d8100ec95eabe3
Certificate serial:       019A714A1F3BE6CF20C5636EAC331DC3D67A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pHFXAbAK3kiVo5p2oNgQDsleq-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6037a5-5640-4b41-92e9-f6f2546bc60e/1/pHFXAbAK3kiVo5p2oNgQDsleq-M.mft
Manifest number:          0370
Signing time:             Tue 11 Nov 2025 05:01:14 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:14 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:14 +0000
Files and hashes:         1: pHFXAbAK3kiVo5p2oNgQDsleq-M.crl (hash: xEVggYAtj/hQSiUluVDRgTPoJQfAWLP7EEgdq0Iey38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/6037a5-5640-4b41-92e9-f6f2546bc60e/1/pHFXAbAK3kiVo5p2oNgQDsleq-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/6037a5-5640-4b41-92e9-f6f2546bc60e/1/pHFXAbAK3kiVo5p2oNgQDsleq-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pHFXAbAK3kiVo5p2oNgQDsleq-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:4a:1f:3b:e6:cf:20:c5:63:6e:ac:33:1d:c3:d6:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4715701b00ade4895a39a76a0d8100ec95eabe3
        Validity
            Not Before: Nov 11 05:01:14 2025 GMT
            Not After : Nov 12 05:01:14 2025 GMT
        Subject: CN=ddf38993d64ddd23e2c2c97c57b7bbddcb72fe89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:14:c3:cf:f8:ca:ca:c0:a8:3f:9b:9d:b5:8d:
                    a7:db:15:0a:33:13:f7:ab:7c:c2:13:a1:be:74:98:
                    42:01:00:08:c2:90:84:80:b4:3a:97:1e:33:b9:b6:
                    97:0f:a1:75:5d:f7:cd:b2:b8:cf:4a:ad:b9:42:9d:
                    ca:1b:40:6a:51:b2:05:a6:ba:2e:dd:fa:7b:a3:89:
                    43:33:11:81:a2:c6:48:0f:6c:fe:67:df:ae:03:8d:
                    0a:15:bb:86:f8:93:cd:e9:81:bb:e6:4a:a1:cc:f3:
                    99:24:cc:86:d2:72:f9:43:3e:25:c8:d0:d8:58:03:
                    77:d6:80:7e:ed:39:bc:da:26:d3:68:d8:41:35:6d:
                    25:fa:1c:91:49:34:0e:bc:54:4c:28:f4:91:78:4a:
                    6d:18:55:20:d1:a2:0d:4a:91:4d:9b:3e:08:c3:05:
                    45:37:47:14:5c:db:8e:7d:0f:7b:73:7a:18:87:c8:
                    92:bd:ef:4c:37:23:07:4e:63:b2:59:d1:a1:e2:ac:
                    fb:d1:77:dd:63:75:30:cf:0c:78:ca:a0:f9:80:da:
                    af:30:42:d8:6d:39:52:a9:ca:5b:66:5b:54:9a:e8:
                    0f:09:43:23:6a:f6:38:91:ea:39:36:1c:f2:56:7c:
                    12:0d:7a:86:71:ca:93:0e:ec:a4:dd:bd:87:d6:8f:
                    cc:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:F3:89:93:D6:4D:DD:23:E2:C2:C9:7C:57:B7:BB:DD:CB:72:FE:89
            X509v3 Authority Key Identifier:
                keyid:A4:71:57:01:B0:0A:DE:48:95:A3:9A:76:A0:D8:10:0E:C9:5E:AB:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHFXAbAK3kiVo5p2oNgQDsleq-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6037a5-5640-4b41-92e9-f6f2546bc60e/1/pHFXAbAK3kiVo5p2oNgQDsleq-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6037a5-5640-4b41-92e9-f6f2546bc60e/1/pHFXAbAK3kiVo5p2oNgQDsleq-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:36:c8:a4:45:17:38:12:40:68:8e:ea:a1:53:aa:20:eb:04:
         6a:33:16:e5:37:18:9c:d4:3d:f4:d9:25:ff:7a:94:33:e1:e9:
         de:3e:4b:a8:72:f9:a6:93:c9:61:2a:c6:27:08:cf:ba:a3:1c:
         c9:8a:49:55:02:d3:f3:0e:2b:e8:ac:9a:b2:17:4a:5d:ca:49:
         be:85:a4:2a:ac:51:59:a4:9a:4d:ec:55:d0:d8:53:df:7c:53:
         47:dc:91:f1:55:bd:09:49:b5:af:7f:41:05:aa:5f:11:15:0c:
         f6:a0:1f:94:59:36:05:1c:ba:4d:a5:43:bf:0c:cf:19:0b:db:
         49:b2:8f:0e:25:28:d8:9f:8c:fd:1b:10:0e:37:57:9f:af:0b:
         7a:91:3e:5a:55:22:72:ed:61:b8:06:bd:90:e3:fc:df:cd:7a:
         08:47:f2:46:77:45:d3:1d:5a:0d:c7:3a:ed:14:3c:e7:7b:7c:
         4f:31:81:73:59:f5:c8:f4:f6:14:19:d7:03:76:30:7e:ea:67:
         00:be:c6:eb:ff:14:24:af:97:cd:45:d4:e4:ab:98:95:4b:aa:
         b4:f1:37:f0:df:12:3e:5e:25:cb:06:c5:cc:d2:77:d7:da:58:
         81:1c:2f:b6:c1:3f:82:91:37:45:c8:ce:65:72:4f:30:d4:37:
         83:e4:cf:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSh875s8gxWNurDMdw9Z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzE1NzAxYjAwYWRlNDg5NWEzOWE3NmEwZDgxMDBlYzk1
ZWFiZTMwHhcNMjUxMTExMDUwMTE0WhcNMjUxMTEyMDUwMTE0WjAzMTEwLwYDVQQD
EyhkZGYzODk5M2Q2NGRkZDIzZTJjMmM5N2M1N2I3YmJkZGNiNzJmZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hTDz/jKysCoP5udtY2n2xUKMxP3
q3zCE6G+dJhCAQAIwpCEgLQ6lx4zubaXD6F1XffNsrjPSq25Qp3KG0BqUbIFprou
3fp7o4lDMxGBosZID2z+Z9+uA40KFbuG+JPN6YG75kqhzPOZJMyG0nL5Qz4lyNDY
WAN31oB+7Tm82ibTaNhBNW0l+hyRSTQOvFRMKPSReEptGFUg0aINSpFNmz4IwwVF
N0cUXNuOfQ97c3oYh8iSve9MNyMHTmOyWdGh4qz70XfdY3Uwzwx4yqD5gNqvMELY
bTlSqcpbZltUmugPCUMjavY4keo5NhzyVnwSDXqGccqTDuyk3b2H1o/MOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3ziZPWTd0j4sLJfFe3u93Lcv6JMB8GA1UdIwQY
MBaAFKRxVwGwCt5IlaOadqDYEA7JXqvjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhGWEFiQUsza2lWbzVwMm9OZ1FEc2xlcS1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MDM3YTUtNTY0MC00YjQxLTkyZTkt
ZjZmMjU0NmJjNjBlLzEvcEhGWEFiQUsza2lWbzVwMm9OZ1FEc2xlcS1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MDM3YTUtNTY0MC00YjQxLTkyZTktZjZmMjU0NmJjNjBl
LzEvcEhGWEFiQUsza2lWbzVwMm9OZ1FEc2xlcS1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAczbIpEUX
OBJAaI7qoVOqIOsEajMW5TcYnNQ99Nkl/3qUM+Hp3j5LqHL5ppPJYSrGJwjPuqMc
yYpJVQLT8w4r6KyashdKXcpJvoWkKqxRWaSaTexV0NhT33xTR9yR8VW9CUm1r39B
BapfERUM9qAflFk2BRy6TaVDvwzPGQvbSbKPDiUo2J+M/RsQDjdXn68LepE+WlUi
cu1huAa9kOP83816CEfyRndF0x1aDcc67RQ853t8TzGBc1n1yPT2FBnXA3Ywfupn
AL7G6/8UJK+XzUXU5KuYlUuqtPE38N8SPl4lywbFzNJ319pYgRwvtsE/gpE3RcjO
ZXJPMNQ3g+TPUA==
-----END CERTIFICATE-----