Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft
File:                     gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft (raw, json)
Hash identifier:          Il74WwSqtBVB2Xzn6oK8Z/E79fI9NMz/eN8d+F0mzb4=
Subject key identifier:   48:6E:07:5D:D5:F8:71:13:61:83:39:5C:BB:CB:B0:FE:08:57:29:D2
Authority key identifier: 80:7C:5A:7B:04:1D:DE:40:EF:4A:35:9E:EB:21:99:D4:5A:33:D1:D3
Certificate issuer:       /CN=807c5a7b041dde40ef4a359eeb2199d45a33d1d3
Certificate serial:       019A711352938010C15EE5851C1432D704A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft
Manifest number:          03
Signing time:             Tue 11 Nov 2025 04:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:22 +0000
Files and hashes:         1: gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl (hash: zUl7ljdTnrgwcgvBMguey2awbX+zZJBawZjOdbOH0Kg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:52:93:80:10:c1:5e:e5:85:1c:14:32:d7:04:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=807c5a7b041dde40ef4a359eeb2199d45a33d1d3
        Validity
            Not Before: Nov 11 04:01:22 2025 GMT
            Not After : Nov 12 04:01:22 2025 GMT
        Subject: CN=486e075dd5f871136183395cbbcbb0fe085729d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d2:b9:44:4c:14:ed:3e:e1:d5:42:9b:d1:cd:
                    3c:c9:bb:3c:bb:ad:f4:24:47:a1:a2:22:6c:e2:f6:
                    ab:a7:0f:e9:55:b1:40:ad:ac:ea:d4:4d:a0:0d:df:
                    ab:26:fa:6b:21:33:d4:b3:3f:15:a7:a0:c6:a5:63:
                    fa:2b:2d:fd:e1:a2:45:ed:59:08:b4:34:ea:c2:7d:
                    2f:b0:17:8c:4c:c9:99:aa:ab:f0:44:90:40:27:b6:
                    49:63:51:28:ea:7a:2a:c9:7e:2f:06:19:e0:74:5b:
                    35:eb:48:28:2b:06:4d:ab:fb:8a:61:31:5b:6a:1d:
                    6c:2b:b1:3b:de:a9:44:c7:c8:06:db:50:f2:58:db:
                    e3:83:ab:39:5a:90:23:e9:42:87:0c:3a:c2:05:5f:
                    76:38:a2:ea:97:a7:ba:8d:7c:48:69:a0:ba:16:15:
                    5f:fa:fa:70:ac:56:ee:ac:e8:a7:7d:3c:28:49:1c:
                    a1:4b:6f:80:31:d4:39:4d:21:f2:dc:e9:7b:3b:83:
                    9c:3d:38:4f:24:1f:fa:7a:d5:5f:31:a8:bd:5d:23:
                    7f:d8:6b:a7:56:09:da:5c:51:54:cb:1b:36:38:9f:
                    c5:66:29:cc:1c:f2:9a:9d:14:c7:09:f2:20:1c:7f:
                    64:34:6a:b1:d9:55:8a:f2:ba:bd:00:26:06:36:69:
                    80:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:6E:07:5D:D5:F8:71:13:61:83:39:5C:BB:CB:B0:FE:08:57:29:D2
            X509v3 Authority Key Identifier:
                keyid:80:7C:5A:7B:04:1D:DE:40:EF:4A:35:9E:EB:21:99:D4:5A:33:D1:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:f1:6e:d8:30:7f:41:0a:23:78:19:86:c8:9f:18:f3:57:09:
         fa:ba:4e:2d:e7:d5:d9:3d:ab:e6:cf:71:37:b7:1c:13:4d:1d:
         be:d4:fd:b1:69:fd:4f:76:5f:52:74:ed:0a:ff:e0:49:71:38:
         48:3b:24:0d:cb:8c:29:91:61:9b:89:a8:9f:60:64:72:4d:85:
         66:6d:fa:06:27:f4:79:2f:21:e2:90:a1:27:aa:11:11:81:ff:
         a6:52:f6:3d:ed:d5:fc:16:27:1c:33:9d:7f:fb:0d:27:07:18:
         84:7b:e9:d0:bd:ff:24:3f:3b:c9:b6:fa:a8:a1:ed:a8:fd:6a:
         ec:dc:38:6e:34:cb:a9:77:f6:49:85:27:f4:99:69:df:12:43:
         51:f2:72:9a:d6:aa:d1:3f:25:ec:a5:15:8f:a0:8c:77:0e:70:
         b0:da:b0:06:39:3a:c9:53:40:93:90:4e:71:22:72:16:d2:3b:
         3d:89:95:46:35:75:49:0e:cf:14:52:ad:1a:be:0c:0b:a5:38:
         93:e1:2d:1d:7c:1f:0b:3d:1a:1a:a2:b4:70:b0:a3:ef:4a:5c:
         fa:81:8f:24:d9:f4:7f:dc:32:b1:18:35:ec:ef:f5:34:bc:44:
         93:1d:21:9b:e4:7e:25:51:cd:8b:70:8d:77:89:74:3d:ba:41:
         a6:b3:d1:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1KTgBDBXuWFHBQy1wSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwN2M1YTdiMDQxZGRlNDBlZjRhMzU5ZWViMjE5OWQ0NWEz
M2QxZDMwHhcNMjUxMTExMDQwMTIyWhcNMjUxMTEyMDQwMTIyWjAzMTEwLwYDVQQD
Eyg0ODZlMDc1ZGQ1Zjg3MTEzNjE4MzM5NWNiYmNiYjBmZTA4NTcyOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdK5REwU7T7h1UKb0c08ybs8u630
JEehoiJs4varpw/pVbFArazq1E2gDd+rJvprITPUsz8Vp6DGpWP6Ky394aJF7VkI
tDTqwn0vsBeMTMmZqqvwRJBAJ7ZJY1Eo6noqyX4vBhngdFs160goKwZNq/uKYTFb
ah1sK7E73qlEx8gG21DyWNvjg6s5WpAj6UKHDDrCBV92OKLql6e6jXxIaaC6FhVf
+vpwrFburOinfTwoSRyhS2+AMdQ5TSHy3Ol7O4OcPThPJB/6etVfMai9XSN/2Gun
VgnaXFFUyxs2OJ/FZinMHPKanRTHCfIgHH9kNGqx2VWK8rq9ACYGNmmASQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhuB13V+HETYYM5XLvLsP4IVynSMB8GA1UdIwQY
MBaAFIB8WnsEHd5A70o1nushmdRaM9HTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy82Y2ZjNTktNDU5NS00YmQzLThhMjIt
MDk2MTlmZTY0ZDczLzEvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy82Y2ZjNTktNDU5NS00YmQzLThhMjItMDk2MTlmZTY0ZDcz
LzEvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADPFu2DB/
QQojeBmGyJ8Y81cJ+rpOLefV2T2r5s9xN7ccE00dvtT9sWn9T3ZfUnTtCv/gSXE4
SDskDcuMKZFhm4mon2Bkck2FZm36Bif0eS8h4pChJ6oREYH/plL2Pe3V/BYnHDOd
f/sNJwcYhHvp0L3/JD87ybb6qKHtqP1q7Nw4bjTLqXf2SYUn9Jlp3xJDUfJymtaq
0T8l7KUVj6CMdw5wsNqwBjk6yVNAk5BOcSJyFtI7PYmVRjV1SQ7PFFKtGr4MC6U4
k+EtHXwfCz0aGqK0cLCj70pc+oGPJNn0f9wysRg17O/1NLxEkx0hm+R+JVHNi3CN
d4l0PbpBprPRsA==
-----END CERTIFICATE-----