Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
File:                     1PhqmjxCnBvCbsBqOuTkF8p0394.mft (raw, json)
Hash identifier:          d4KoDzoVpxoCXWPX9yS3dEKCIwKXGRUtnUDxjpkFgyU=
Subject key identifier:   D9:D6:A1:E3:A0:2F:30:B6:91:64:07:AB:B5:09:84:C8:C5:03:0F:74
Authority key identifier: D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE
Certificate issuer:       /CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
Certificate serial:       019A7293B12BFD8EFF75942F16DAA82E24BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
Manifest number:          09A7
Signing time:             Tue 11 Nov 2025 11:01:12 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:12 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:12 +0000
Files and hashes:         1: 1PhqmjxCnBvCbsBqOuTkF8p0394.crl (hash: cCxDLBZzyAAALzOvpgwBacOUnj5QAcHVnFjouLOGfq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:b1:2b:fd:8e:ff:75:94:2f:16:da:a8:2e:24:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
        Validity
            Not Before: Nov 11 11:01:12 2025 GMT
            Not After : Nov 12 11:01:12 2025 GMT
        Subject: CN=d9d6a1e3a02f30b6916407abb50984c8c5030f74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:85:a4:48:67:97:5c:a8:ff:c3:e4:34:31:89:
                    17:33:31:42:01:20:42:60:d1:37:26:55:b6:da:23:
                    f6:c6:47:3d:a2:2b:06:7a:51:40:27:b1:94:1b:a3:
                    c8:1a:41:d5:8e:bd:7c:c1:ec:e6:a8:45:79:82:d0:
                    d9:9e:e3:d1:77:cc:7d:05:da:d1:08:91:81:b3:d6:
                    1e:c3:1a:17:90:31:c7:49:84:bb:17:05:62:be:7c:
                    30:bb:ba:5c:52:d8:ea:69:5d:cf:ba:9b:ab:33:1b:
                    0a:d4:25:19:b4:94:21:76:46:75:d7:2a:4c:9e:1c:
                    18:cc:fd:c0:28:bb:53:5d:6f:0c:24:bb:37:3a:c1:
                    71:62:66:4a:fb:8f:f0:87:33:b4:6e:64:26:5f:ae:
                    fe:58:b1:4f:0b:a7:7c:72:41:c9:90:1e:7a:87:fc:
                    6b:d9:10:34:35:b8:ec:f3:90:ee:fb:8e:07:e3:d2:
                    76:66:15:88:2a:30:51:17:35:03:0f:68:83:5e:ff:
                    71:64:d9:65:73:7a:21:38:04:e8:62:58:93:4d:6b:
                    5b:53:d1:0e:96:d1:c3:ad:25:54:db:fc:bb:2c:bb:
                    55:cd:c5:93:03:a6:6f:33:23:94:2c:d4:0c:8b:7a:
                    95:41:5c:4c:04:6f:21:2d:2f:29:0a:a0:58:27:b8:
                    de:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:D6:A1:E3:A0:2F:30:B6:91:64:07:AB:B5:09:84:C8:C5:03:0F:74
            X509v3 Authority Key Identifier:
                keyid:D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:28:46:28:c3:8b:80:21:9a:87:24:60:b2:bc:40:3e:1a:f4:
         7c:81:73:4a:59:c1:5b:52:8e:3d:37:cd:2a:c9:89:3d:e6:78:
         c3:bf:8b:8c:1f:7e:11:40:43:cf:cc:58:03:1c:e8:f1:76:89:
         8c:16:cd:96:cf:6d:f6:0a:50:23:22:c5:3f:6a:c3:20:aa:17:
         5a:c1:07:02:f1:21:ca:24:d5:b5:5e:48:7d:ed:f1:ca:26:6a:
         89:bd:f6:1e:6a:41:37:3f:83:eb:85:f0:74:7c:e1:97:c5:31:
         ee:78:3e:16:6f:49:e5:31:7a:5f:02:cc:a1:13:15:5d:ae:8e:
         27:f6:e7:2f:ee:d6:da:07:5b:bf:2f:19:20:cf:cd:99:a0:26:
         98:ce:31:ba:85:92:ce:4b:62:b1:ba:64:6f:94:67:ec:72:fd:
         36:5c:2a:a4:fe:4d:41:92:e8:cf:ac:07:52:f5:c5:5e:9e:7c:
         21:dd:db:5e:f2:20:5a:f5:67:da:4d:9f:79:fe:eb:e7:a2:fc:
         2d:d1:2a:d0:37:f7:5a:f4:c0:f3:4c:9b:ad:f8:0d:c4:47:a7:
         06:26:b2:36:2b:bc:c7:c7:9f:31:fa:45:7e:25:00:61:54:9b:
         73:4b:21:d4:32:55:0e:31:ec:e4:5b:f2:50:4f:89:65:bf:5b:
         3e:02:3a:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7Er/Y7/dZQvFtqoLiS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Zjg2YTlhM2M0MjljMWJjMjZlYzA2YTNhZTRlNDE3Y2E3
NGRmZGUwHhcNMjUxMTExMTEwMTEyWhcNMjUxMTEyMTEwMTEyWjAzMTEwLwYDVQQD
EyhkOWQ2YTFlM2EwMmYzMGI2OTE2NDA3YWJiNTA5ODRjOGM1MDMwZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIWkSGeXXKj/w+Q0MYkXMzFCASBC
YNE3JlW22iP2xkc9oisGelFAJ7GUG6PIGkHVjr18wezmqEV5gtDZnuPRd8x9BdrR
CJGBs9YewxoXkDHHSYS7FwVivnwwu7pcUtjqaV3PupurMxsK1CUZtJQhdkZ11ypM
nhwYzP3AKLtTXW8MJLs3OsFxYmZK+4/whzO0bmQmX67+WLFPC6d8ckHJkB56h/xr
2RA0Nbjs85Du+44H49J2ZhWIKjBRFzUDD2iDXv9xZNllc3ohOAToYliTTWtbU9EO
ltHDrSVU2/y7LLtVzcWTA6ZvMyOULNQMi3qVQVxMBG8hLS8pCqBYJ7jemQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnWoeOgLzC2kWQHq7UJhMjFAw90MB8GA1UdIwQY
MBaAFNT4apo8Qpwbwm7Aajrk5BfKdN/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgt
NDgzMjY1OTk5NGNiLzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgtNDgzMjY1OTk5NGNi
LzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcyhGKMOL
gCGahyRgsrxAPhr0fIFzSlnBW1KOPTfNKsmJPeZ4w7+LjB9+EUBDz8xYAxzo8XaJ
jBbNls9t9gpQIyLFP2rDIKoXWsEHAvEhyiTVtV5Ife3xyiZqib32HmpBNz+D64Xw
dHzhl8Ux7ng+Fm9J5TF6XwLMoRMVXa6OJ/bnL+7W2gdbvy8ZIM/NmaAmmM4xuoWS
zktisbpkb5Rn7HL9NlwqpP5NQZLoz6wHUvXFXp58Id3bXvIgWvVn2k2fef7r56L8
LdEq0Df3WvTA80ybrfgNxEenBiayNiu8x8efMfpFfiUAYVSbc0sh1DJVDjHs5Fvy
UE+JZb9bPgI6BQ==
-----END CERTIFICATE-----