Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          GJPXPThrMV0492PC2u025gstnYLBNcRUrk9oeJ3C0d8=
Subject key identifier:   49:21:95:ED:66:FE:5F:17:14:22:5F:89:E2:48:0B:F7:B6:33:7B:84
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       019A71499E0A00E15B46679BDD23B7608898
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          05F8
Signing time:             Tue 11 Nov 2025 05:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:41 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: oAj3sMmwBVqw2Zpzay+xAfYrfuHZfYJKj96AZljfVCo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:9e:0a:00:e1:5b:46:67:9b:dd:23:b7:60:88:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Nov 11 05:00:41 2025 GMT
            Not After : Nov 12 05:00:41 2025 GMT
        Subject: CN=492195ed66fe5f1714225f89e2480bf7b6337b84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:30:66:51:24:80:07:72:6f:10:a6:a6:bf:93:
                    36:97:51:14:66:fb:10:bb:19:bf:29:ff:80:0a:61:
                    f4:20:51:fb:97:5e:03:f6:7b:b5:58:db:b4:13:d0:
                    83:ba:f7:a8:a8:0c:82:19:81:d4:ac:4f:9a:30:20:
                    ae:b1:dc:55:fb:c1:d0:df:7f:c6:03:55:2c:7c:fa:
                    02:64:c2:83:c0:e7:a3:7e:3e:88:e8:e6:ca:9e:67:
                    48:d5:28:5c:aa:12:0c:f3:88:f7:b5:dc:cb:4b:48:
                    14:0c:e9:78:70:27:9c:33:a9:b3:fa:8c:1e:be:3d:
                    c6:3f:7d:65:d6:1e:e7:2e:3b:b4:c7:01:0d:4c:b4:
                    a6:e5:17:90:bd:ae:bf:e6:c1:ee:36:24:0a:fb:34:
                    0f:d1:cf:a3:7e:75:e7:93:7f:5c:b1:8b:2a:71:06:
                    f7:e1:37:dc:5a:3b:83:a8:f8:72:a7:89:27:a7:6e:
                    cb:9b:83:05:cf:57:cb:b0:20:27:48:57:a7:44:f1:
                    48:63:7b:2d:25:21:6d:d3:8e:7f:2e:aa:4c:cd:c3:
                    45:f3:ca:07:9d:60:b0:42:9d:bb:0f:b4:81:95:b2:
                    f1:96:6b:14:bf:ad:c9:cf:41:94:70:64:22:99:06:
                    a3:0b:8b:c2:3d:22:78:3c:15:d8:95:bc:50:cb:44:
                    a5:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:21:95:ED:66:FE:5F:17:14:22:5F:89:E2:48:0B:F7:B6:33:7B:84
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:4c:f3:6d:44:e0:b3:f9:6b:40:36:78:cc:e0:de:fb:cf:61:
         81:d0:ec:a0:63:f3:0a:ba:78:9c:42:ea:82:ae:d1:95:8b:5a:
         94:83:72:23:f6:19:85:7f:19:4c:8e:39:dc:66:8a:d2:80:d0:
         d3:03:53:a0:41:4f:c0:25:b6:cc:f6:9b:10:48:36:8e:ec:09:
         2e:43:c2:e7:81:a9:f6:6d:91:b1:46:3c:54:94:4a:b6:b8:11:
         11:da:c6:8a:60:7d:07:46:ac:64:57:b9:ee:2f:2f:24:9d:6f:
         73:1c:9e:97:a9:ac:46:8f:0c:a0:58:90:1c:c7:82:d3:78:c5:
         53:56:ae:0c:cb:00:47:73:99:e2:b6:16:49:1b:18:db:7e:01:
         40:aa:bb:06:97:31:db:8e:52:9c:74:c3:fb:ff:37:34:64:95:
         ca:17:14:5e:95:79:72:02:90:53:99:9d:3e:43:db:69:25:71:
         c1:43:fe:02:a9:0b:1d:1e:e2:8b:ab:26:2a:c0:96:ac:95:50:
         66:99:b1:18:6a:c6:ec:fd:ce:aa:3e:4f:e1:6f:34:d6:43:86:
         c3:65:a7:2d:5c:da:b1:3b:06:c0:c9:3f:16:d4:f8:25:68:ef:
         f9:2c:e5:35:7b:fe:ba:15:a7:4c:df:20:1e:d9:e6:f0:92:34:
         66:64:55:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSZ4KAOFbRmeb3SO3YIiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjUxMTExMDUwMDQxWhcNMjUxMTEyMDUwMDQxWjAzMTEwLwYDVQQD
Eyg0OTIxOTVlZDY2ZmU1ZjE3MTQyMjVmODllMjQ4MGJmN2I2MzM3Yjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zBmUSSAB3JvEKamv5M2l1EUZvsQ
uxm/Kf+ACmH0IFH7l14D9nu1WNu0E9CDuveoqAyCGYHUrE+aMCCusdxV+8HQ33/G
A1UsfPoCZMKDwOejfj6I6ObKnmdI1ShcqhIM84j3tdzLS0gUDOl4cCecM6mz+owe
vj3GP31l1h7nLju0xwENTLSm5ReQva6/5sHuNiQK+zQP0c+jfnXnk39csYsqcQb3
4TfcWjuDqPhyp4knp27Lm4MFz1fLsCAnSFenRPFIY3stJSFt045/LqpMzcNF88oH
nWCwQp27D7SBlbLxlmsUv63Jz0GUcGQimQajC4vCPSJ4PBXYlbxQy0Sl1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkhle1m/l8XFCJfieJIC/e2M3uEMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnEzzbUTg
s/lrQDZ4zODe+89hgdDsoGPzCrp4nELqgq7RlYtalINyI/YZhX8ZTI453GaK0oDQ
0wNToEFPwCW2zPabEEg2juwJLkPC54Gp9m2RsUY8VJRKtrgREdrGimB9B0asZFe5
7i8vJJ1vcxyel6msRo8MoFiQHMeC03jFU1auDMsAR3OZ4rYWSRsY234BQKq7Bpcx
245SnHTD+/83NGSVyhcUXpV5cgKQU5mdPkPbaSVxwUP+AqkLHR7ii6smKsCWrJVQ
ZpmxGGrG7P3Oqj5P4W801kOGw2WnLVzasTsGwMk/FtT4JWjv+SzlNXv+uhWnTN8g
Htnm8JI0ZmRVPg==
-----END CERTIFICATE-----