Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
File:                     jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft (raw, json)
Hash identifier:          7SJM0FRc4CNeG7jLNOFkCojvWJbhYOstvTxqhZL2ryA=
Subject key identifier:   AE:50:96:05:72:BF:1F:67:28:CC:D9:3B:21:7A:34:D6:50:70:25:57
Authority key identifier: 8C:1E:72:0F:D7:5D:D6:01:34:5B:98:76:AE:A7:F9:1A:B4:46:D4:7F
Certificate issuer:       /CN=8c1e720fd75dd601345b9876aea7f91ab446d47f
Certificate serial:       019A71B86EF6B4A86C47A13B9DECC79B2667
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
Manifest number:          0B10
Signing time:             Tue 11 Nov 2025 07:01:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:43 +0000
Files and hashes:         1: jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl (hash: KJUh21eHVIx0qsBGbIQ49Id+UYGGjlJdvO7Z/UbB694=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:6e:f6:b4:a8:6c:47:a1:3b:9d:ec:c7:9b:26:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c1e720fd75dd601345b9876aea7f91ab446d47f
        Validity
            Not Before: Nov 11 07:01:43 2025 GMT
            Not After : Nov 12 07:01:43 2025 GMT
        Subject: CN=ae50960572bf1f6728ccd93b217a34d650702557
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e7:16:3d:d3:f7:25:36:2b:b3:40:af:48:03:
                    c3:6c:b2:3a:54:f3:02:50:52:bb:14:5f:91:7f:2e:
                    d9:c3:45:26:c1:a2:28:31:90:ad:f0:c6:f7:55:ae:
                    d6:14:7f:9c:0c:f8:fc:9e:17:3b:e8:da:82:2e:04:
                    08:16:39:08:a8:42:7d:ca:6d:dc:0f:d3:bb:2c:9f:
                    b9:f9:d8:44:4a:d9:30:13:51:09:6b:65:00:30:b5:
                    dc:42:bf:0d:f5:b0:66:24:0f:d3:06:8c:d6:3e:e3:
                    03:d4:0e:94:23:c4:fe:d3:90:1e:0e:1f:81:30:e1:
                    68:eb:dd:76:00:24:77:40:1e:1c:e9:74:8d:ee:cb:
                    f1:16:c9:73:33:9d:7d:f1:1d:bf:9f:1f:1b:95:9d:
                    93:f0:8f:6a:4e:9c:57:a9:2e:db:01:a5:cd:43:a8:
                    7c:2b:2d:a8:dc:58:c6:d0:36:a6:1a:f8:33:ee:1f:
                    45:8a:73:e4:c6:fa:65:a1:5e:b3:1a:04:45:75:8e:
                    fa:77:0a:c1:0f:18:43:88:bf:da:d2:6d:5c:03:06:
                    f7:0b:dc:79:52:68:f6:a5:7f:46:db:62:07:4f:8c:
                    f4:c5:d5:57:7d:e4:8c:14:cc:de:86:d4:58:97:a9:
                    fa:84:05:6f:8f:b4:97:48:13:95:9f:a8:79:43:09:
                    35:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:50:96:05:72:BF:1F:67:28:CC:D9:3B:21:7A:34:D6:50:70:25:57
            X509v3 Authority Key Identifier:
                keyid:8C:1E:72:0F:D7:5D:D6:01:34:5B:98:76:AE:A7:F9:1A:B4:46:D4:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jB5yD9dd1gE0W5h2rqf5GrRG1H8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4c2ebc-d795-4610-82ef-491fe7acc1a9/1/jB5yD9dd1gE0W5h2rqf5GrRG1H8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:34:ed:62:1a:ff:96:04:7b:68:ca:82:7d:fc:8d:86:e5:22:
         9c:96:ce:2f:44:82:99:e3:da:92:2b:4a:7c:f7:59:0e:4d:64:
         18:fa:b6:f9:f6:10:14:be:9a:cc:8d:67:78:90:87:5a:33:76:
         6b:7f:70:a4:ea:33:a4:be:55:f3:ba:40:fb:80:51:e7:5e:17:
         6c:14:68:c3:06:82:08:c1:95:ca:c8:9e:2e:75:5d:4a:35:6a:
         db:03:09:cf:f3:fe:fa:fc:9c:cd:ed:c8:7c:ba:5c:75:43:30:
         0d:ed:f2:a1:92:b9:59:2b:8d:b9:a5:f3:c2:e2:3c:ef:e2:d5:
         ca:76:fc:c6:e9:62:80:1e:84:5b:c2:a6:ae:20:ae:af:c5:74:
         46:99:f4:4e:ec:f2:d7:e0:45:23:19:62:fd:61:75:fd:c9:4f:
         89:7c:d2:9e:d8:2f:e8:4d:49:0a:6a:96:b1:3c:ad:bd:28:19:
         9c:a5:ef:81:1a:98:31:bb:08:0c:c1:ac:ce:57:a4:b6:83:4f:
         e4:59:0e:30:8e:8b:80:b2:11:6d:ea:67:be:35:59:7b:d6:0c:
         c9:61:fd:a0:27:49:c4:01:a6:bb:6f:16:b7:7d:db:40:b0:0b:
         a5:3d:4a:29:90:60:98:cb:72:d9:2b:b6:d2:b5:ed:47:a5:1c:
         30:12:0c:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuG72tKhsR6E7nezHmyZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMWU3MjBmZDc1ZGQ2MDEzNDViOTg3NmFlYTdmOTFhYjQ0
NmQ0N2YwHhcNMjUxMTExMDcwMTQzWhcNMjUxMTEyMDcwMTQzWjAzMTEwLwYDVQQD
EyhhZTUwOTYwNTcyYmYxZjY3MjhjY2Q5M2IyMTdhMzRkNjUwNzAyNTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+cWPdP3JTYrs0CvSAPDbLI6VPMC
UFK7FF+Rfy7Zw0UmwaIoMZCt8Mb3Va7WFH+cDPj8nhc76NqCLgQIFjkIqEJ9ym3c
D9O7LJ+5+dhEStkwE1EJa2UAMLXcQr8N9bBmJA/TBozWPuMD1A6UI8T+05AeDh+B
MOFo6912ACR3QB4c6XSN7svxFslzM5198R2/nx8blZ2T8I9qTpxXqS7bAaXNQ6h8
Ky2o3FjG0DamGvgz7h9FinPkxvploV6zGgRFdY76dwrBDxhDiL/a0m1cAwb3C9x5
Umj2pX9G22IHT4z0xdVXfeSMFMzehtRYl6n6hAVvj7SXSBOVn6h5Qwk19wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5QlgVyvx9nKMzZOyF6NNZQcCVXMB8GA1UdIwQY
MBaAFIwecg/XXdYBNFuYdq6n+Rq0RtR/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YzJlYmMtZDc5NS00NjEwLTgyZWYt
NDkxZmU3YWNjMWE5LzEvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YzJlYmMtZDc5NS00NjEwLTgyZWYtNDkxZmU3YWNjMWE5
LzEvakI1eUQ5ZGQxZ0UwVzVoMnJxZjVHclJHMUg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjTTtYhr/
lgR7aMqCffyNhuUinJbOL0SCmePakitKfPdZDk1kGPq2+fYQFL6azI1neJCHWjN2
a39wpOozpL5V87pA+4BR514XbBRowwaCCMGVysieLnVdSjVq2wMJz/P++vycze3I
fLpcdUMwDe3yoZK5WSuNuaXzwuI87+LVynb8xuligB6EW8KmriCur8V0Rpn0Tuzy
1+BFIxli/WF1/clPiXzSntgv6E1JCmqWsTytvSgZnKXvgRqYMbsIDMGszlektoNP
5FkOMI6LgLIRbepnvjVZe9YMyWH9oCdJxAGmu28Wt33bQLALpT1KKZBgmMty2Su2
0rXtR6UcMBIMRQ==
-----END CERTIFICATE-----