Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          IS/9WKWSwJ3tiZedP5geg+euZBgWxQIq8qOHIw0RC7g=
Subject key identifier:   65:45:5B:8B:95:A2:03:C1:C7:31:F0:62:DC:F0:2E:70:DF:CF:F8:22
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       019A729358F8A6BE763D976EFBA6B7FD7290
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          0437
Signing time:             Tue 11 Nov 2025 11:00:50 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:50 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:50 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: iRoXJXdZM3/H11l4ilBNg3YX/roeNNbvtyPY9PLxc+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:58:f8:a6:be:76:3d:97:6e:fb:a6:b7:fd:72:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Nov 11 11:00:50 2025 GMT
            Not After : Nov 12 11:00:50 2025 GMT
        Subject: CN=65455b8b95a203c1c731f062dcf02e70dfcff822
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:93:89:54:c1:fa:c3:49:55:0d:22:bc:e3:d1:
                    7d:f8:53:02:aa:6b:18:a9:4a:bc:75:07:56:08:bb:
                    d0:3b:00:0e:2e:e7:f6:c8:7b:e5:b8:45:4e:ce:4d:
                    56:c6:c7:a6:1b:be:ab:3b:31:e7:1f:d4:53:e4:28:
                    dd:2e:51:aa:7a:2f:93:f9:4a:78:e8:70:7a:03:07:
                    b2:c4:e7:d4:0d:13:32:46:0b:c7:3d:60:d5:9b:7b:
                    e8:80:cb:81:2f:e4:be:44:97:73:a5:f7:af:2d:97:
                    ce:d6:64:80:4b:42:39:1c:b0:96:11:64:e0:c8:4a:
                    d1:a4:0b:11:84:73:c8:a6:0c:59:63:8c:81:9f:fd:
                    40:71:4b:36:3d:16:d4:2c:1f:7a:14:2c:00:ad:eb:
                    04:02:88:bc:05:d8:2e:7a:69:b5:8c:bc:29:e1:26:
                    a5:85:cd:0f:12:85:cd:b5:7e:79:76:88:63:3c:5e:
                    dd:e7:ac:35:c6:76:56:94:d8:12:d4:77:17:6d:3d:
                    ff:72:35:53:4e:1d:1c:89:d3:09:87:64:01:30:67:
                    3d:a8:99:3b:81:1f:5b:e9:e3:f6:2e:6d:0f:42:43:
                    e9:e4:14:6e:1c:e7:cd:38:37:8f:5a:c8:88:88:7d:
                    70:e5:00:77:a5:55:a7:65:38:1a:a6:b8:2c:9d:3f:
                    8e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:45:5B:8B:95:A2:03:C1:C7:31:F0:62:DC:F0:2E:70:DF:CF:F8:22
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:ce:d7:6c:3e:fd:81:cc:26:e6:a7:aa:84:13:59:a7:c2:d9:
         27:52:da:8c:21:d7:2d:52:ea:16:1b:fa:3e:4a:cd:4a:c9:34:
         96:2c:3c:0d:7a:ef:21:23:b9:3f:ae:fe:31:4e:be:c3:66:81:
         b2:b3:55:90:27:8d:57:dc:07:e6:e8:ef:d6:99:5a:1d:bd:3a:
         c4:c5:0c:a7:20:ab:ea:11:51:f7:a4:77:fb:47:05:59:d0:fe:
         66:a2:f9:7a:43:a2:54:03:41:d9:0f:a3:1f:85:31:f8:82:42:
         86:e3:c4:b1:51:0c:f7:37:44:c5:76:42:38:d5:dd:8c:02:73:
         25:1e:cb:c2:9c:32:b9:68:6d:94:cf:c1:11:c2:a0:33:eb:b4:
         9e:80:0b:83:8f:f2:6a:32:4d:1f:e9:1d:23:d6:9a:66:08:57:
         aa:da:b8:4d:ac:f0:a7:0a:01:d2:f9:61:8b:27:a7:89:ca:6d:
         92:c0:95:4d:fc:e5:ff:e8:46:93:3d:5e:31:ed:9f:d0:15:fc:
         d7:30:50:7f:94:dd:8a:6f:66:c3:16:6f:7c:e7:01:f4:a0:b4:
         17:8d:88:78:c5:ed:bc:16:45:1b:6c:f9:83:a8:d2:68:43:cd:
         fa:55:eb:4d:a8:9a:50:56:a6:35:c5:0e:c0:05:62:1b:52:b2:
         97:22:1a:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk1j4pr52PZdu+6a3/XKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUxMTExMTEwMDUwWhcNMjUxMTEyMTEwMDUwWjAzMTEwLwYDVQQD
Eyg2NTQ1NWI4Yjk1YTIwM2MxYzczMWYwNjJkY2YwMmU3MGRmY2ZmODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJOJVMH6w0lVDSK849F9+FMCqmsY
qUq8dQdWCLvQOwAOLuf2yHvluEVOzk1WxsemG76rOzHnH9RT5CjdLlGqei+T+Up4
6HB6AweyxOfUDRMyRgvHPWDVm3vogMuBL+S+RJdzpfevLZfO1mSAS0I5HLCWEWTg
yErRpAsRhHPIpgxZY4yBn/1AcUs2PRbULB96FCwAresEAoi8Bdguemm1jLwp4Sal
hc0PEoXNtX55dohjPF7d56w1xnZWlNgS1HcXbT3/cjVTTh0cidMJh2QBMGc9qJk7
gR9b6eP2Lm0PQkPp5BRuHOfNODePWsiIiH1w5QB3pVWnZTgaprgsnT+OQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVFW4uVogPBxzHwYtzwLnDfz/giMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKs7XbD79
gcwm5qeqhBNZp8LZJ1LajCHXLVLqFhv6PkrNSsk0liw8DXrvISO5P67+MU6+w2aB
srNVkCeNV9wH5ujv1plaHb06xMUMpyCr6hFR96R3+0cFWdD+ZqL5ekOiVANB2Q+j
H4Ux+IJChuPEsVEM9zdExXZCONXdjAJzJR7LwpwyuWhtlM/BEcKgM+u0noALg4/y
ajJNH+kdI9aaZghXqtq4TazwpwoB0vlhiyenicptksCVTfzl/+hGkz1eMe2f0BX8
1zBQf5Tdim9mwxZvfOcB9KC0F42IeMXtvBZFG2z5g6jSaEPN+lXrTaiaUFamNcUO
wAViG1KylyIadg==
-----END CERTIFICATE-----