Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          p6pJpg9G0U3U2f4j/NtmUQyikWdUc/PjneSXnd6dQ4c=
Subject key identifier:   F1:8E:8F:FF:79:71:24:05:4A:83:62:C2:0C:B0:D8:49:00:58:81:5A
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       019A73013FB55F813A31D18F48B7B6E94780
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          0577
Signing time:             Tue 11 Nov 2025 13:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:52 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: 45ei7a2S3YTO/u6YyjynR1nxW0HkYtW8aKhcinqvG/E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:3f:b5:5f:81:3a:31:d1:8f:48:b7:b6:e9:47:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Nov 11 13:00:52 2025 GMT
            Not After : Nov 12 13:00:52 2025 GMT
        Subject: CN=f18e8fff797124054a8362c20cb0d8490058815a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:99:15:0e:2f:15:9b:1e:90:46:7b:53:be:05:
                    ad:b8:ce:27:00:cc:7c:e0:4e:e6:67:6c:d5:19:04:
                    4f:bb:81:c2:88:64:32:07:ab:d3:0d:c4:86:12:f7:
                    1e:48:f2:da:2d:3c:42:bc:30:bc:44:b3:2c:43:1d:
                    ee:59:36:0c:e6:65:2e:de:2d:e9:f0:e7:2d:d6:32:
                    fe:d9:79:c3:15:a5:64:9d:2e:41:84:e7:a3:46:a1:
                    c0:5f:a1:16:a1:a8:da:89:6b:e1:38:b8:9a:02:8d:
                    32:96:70:eb:cc:8b:0b:7a:be:74:40:89:c1:4a:81:
                    99:5e:e3:df:6e:63:c8:64:54:69:f2:be:8f:04:3c:
                    b0:19:73:ad:48:26:fe:90:c7:49:7d:eb:22:02:af:
                    8a:74:1f:c5:f0:90:a0:06:21:17:c5:a4:52:72:ee:
                    29:a6:53:0e:b7:16:7e:76:36:8d:cf:8d:c7:25:48:
                    27:55:99:8c:18:4d:84:b7:a8:f2:66:21:0c:73:c2:
                    73:ae:28:c1:05:26:83:e8:9c:f2:cf:69:52:ca:bb:
                    7a:c1:53:20:b9:95:7c:0f:56:00:1b:a0:d4:7a:a5:
                    0f:78:fd:8a:44:ba:e5:70:85:d3:f1:c2:99:58:b5:
                    ae:04:d6:fc:f6:9e:d2:40:2e:23:c0:9c:fb:45:73:
                    6a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:8E:8F:FF:79:71:24:05:4A:83:62:C2:0C:B0:D8:49:00:58:81:5A
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:8e:90:03:19:ef:68:89:bd:09:d0:22:73:93:20:64:60:de:
         3f:2a:7d:65:6a:90:b9:98:66:a3:b8:25:b8:9b:56:f8:13:2a:
         32:3e:47:79:76:6c:de:35:1c:08:30:c0:42:3d:83:07:d1:2a:
         80:40:00:f7:8b:83:e0:2e:d2:0f:71:9f:27:29:8f:e6:69:83:
         33:af:85:dd:34:cc:55:94:60:1b:7e:ac:5a:55:8e:89:d3:4e:
         49:b6:57:1d:35:dd:a6:42:31:bb:3c:8b:fb:89:37:2b:cd:0d:
         ac:d3:5f:ff:88:a1:d1:ff:ed:e6:02:a3:7e:da:f9:e9:f7:06:
         29:28:9a:02:55:d8:a8:e1:26:26:f8:74:db:f6:95:e4:f7:06:
         91:9e:5c:bd:8d:fe:a2:95:60:8c:04:3c:55:32:78:0a:14:e3:
         50:9a:30:23:5f:1c:cf:0f:83:39:ad:1e:b0:84:60:cf:3d:44:
         96:a6:22:ed:69:93:f0:40:05:17:a8:7d:a6:8b:2b:89:7f:3c:
         33:56:e6:76:54:ba:0b:ac:a7:11:e7:d8:2f:36:f2:74:df:d5:
         2f:00:a1:cd:ed:6b:9a:f6:30:60:0a:b5:90:89:01:b6:20:b9:
         52:ce:63:1b:a1:6d:e9:2a:36:36:ff:34:75:8d:38:c2:12:7f:
         ce:85:24:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAT+1X4E6MdGPSLe26UeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjUxMTExMTMwMDUyWhcNMjUxMTEyMTMwMDUyWjAzMTEwLwYDVQQD
EyhmMThlOGZmZjc5NzEyNDA1NGE4MzYyYzIwY2IwZDg0OTAwNTg4MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppkVDi8Vmx6QRntTvgWtuM4nAMx8
4E7mZ2zVGQRPu4HCiGQyB6vTDcSGEvceSPLaLTxCvDC8RLMsQx3uWTYM5mUu3i3p
8Oct1jL+2XnDFaVknS5BhOejRqHAX6EWoajaiWvhOLiaAo0ylnDrzIsLer50QInB
SoGZXuPfbmPIZFRp8r6PBDywGXOtSCb+kMdJfesiAq+KdB/F8JCgBiEXxaRScu4p
plMOtxZ+djaNz43HJUgnVZmMGE2Et6jyZiEMc8JzrijBBSaD6Jzyz2lSyrt6wVMg
uZV8D1YAG6DUeqUPeP2KRLrlcIXT8cKZWLWuBNb89p7SQC4jwJz7RXNqLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGOj/95cSQFSoNiwgyw2EkAWIFaMB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK46QAxnv
aIm9CdAic5MgZGDePyp9ZWqQuZhmo7gluJtW+BMqMj5HeXZs3jUcCDDAQj2DB9Eq
gEAA94uD4C7SD3GfJymP5mmDM6+F3TTMVZRgG36sWlWOidNOSbZXHTXdpkIxuzyL
+4k3K80NrNNf/4ih0f/t5gKjftr56fcGKSiaAlXYqOEmJvh02/aV5PcGkZ5cvY3+
opVgjAQ8VTJ4ChTjUJowI18czw+DOa0esIRgzz1ElqYi7WmT8EAFF6h9posriX88
M1bmdlS6C6ynEefYLzbydN/VLwChze1rmvYwYAq1kIkBtiC5Us5jG6Ft6So2Nv80
dY04whJ/zoUkgQ==
-----END CERTIFICATE-----