Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          iu1RcwhtxfCAwx2O5NsliCqlLVXKcvsCmI0k5BjUHc4=
Subject key identifier:   BC:31:B7:96:E6:C7:23:9B:9F:B4:9D:6C:7D:1F:25:0A:7F:02:BE:EB
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       019A71EED0539F79FBDC7BFE5D7654243C40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0F9F
Signing time:             Tue 11 Nov 2025 08:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:07 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: WOrG5opN6/rUiAOjSxXWxgmZcU8273ond1rfD2Box7w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:d0:53:9f:79:fb:dc:7b:fe:5d:76:54:24:3c:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Nov 11 08:01:07 2025 GMT
            Not After : Nov 12 08:01:07 2025 GMT
        Subject: CN=bc31b796e6c7239b9fb49d6c7d1f250a7f02beeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a1:52:5b:81:66:d4:54:26:b1:30:5d:52:da:
                    d9:a7:80:13:45:f6:d9:66:f7:1d:2d:df:7f:a9:1b:
                    e4:17:4e:e6:26:25:6d:72:ed:37:d8:a9:10:27:6c:
                    5f:8c:77:22:6d:77:38:45:97:5b:75:1e:8e:c7:cf:
                    92:93:c2:35:ec:78:37:95:3b:ef:65:a2:02:a4:63:
                    73:af:89:f0:46:b7:7d:c5:e0:93:54:d5:fa:b0:7f:
                    1f:e8:b0:af:61:d5:b7:fa:2c:a7:d9:cb:26:ef:f0:
                    5a:3c:e4:fb:d4:4a:21:31:62:42:cd:e0:c3:2f:4e:
                    6e:78:6e:9e:e8:2f:72:d5:11:0e:48:dc:aa:33:50:
                    24:61:e6:d7:ec:fe:1c:8f:6f:a5:c5:5e:7a:3c:ff:
                    a8:2a:e1:8f:69:26:e0:b4:67:05:69:cd:73:2d:33:
                    8d:12:b4:f9:e1:09:0b:9e:5b:12:a1:b6:b5:3a:32:
                    ef:e3:03:7f:52:43:09:a0:34:ad:7f:d6:5a:a2:8d:
                    c9:82:11:64:37:ba:d9:85:f0:d5:be:44:f0:9e:6f:
                    37:2b:30:b5:86:12:58:05:27:29:7b:1b:73:f5:8d:
                    d8:c1:6e:80:d5:eb:63:64:a0:33:19:6b:75:83:57:
                    60:50:02:a4:2a:d0:f1:a6:8b:2a:01:a0:c9:1c:43:
                    dd:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:31:B7:96:E6:C7:23:9B:9F:B4:9D:6C:7D:1F:25:0A:7F:02:BE:EB
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:55:e6:c5:69:7a:15:ad:8b:79:7e:8a:06:e9:65:d2:27:fd:
         d1:49:a4:18:bf:9a:d9:f3:81:cc:90:ab:38:51:4e:cb:8c:ee:
         94:ec:ec:ba:5d:dd:47:77:f8:e7:b5:34:ad:19:9a:ef:9a:9a:
         22:4d:96:c1:5a:a6:77:b6:7f:dd:98:a0:eb:9d:27:f8:5c:5a:
         10:b0:cd:a7:e3:aa:aa:de:86:34:52:94:bb:8e:fb:fb:45:73:
         0e:b8:a5:4a:b6:1f:ba:34:b7:be:96:4c:0f:b1:12:90:93:02:
         4c:9c:19:00:df:c3:8b:84:88:f9:4e:14:e9:b9:88:78:00:08:
         4d:d4:11:40:5c:0d:59:b0:a1:7f:c2:a4:69:b4:f4:b6:35:87:
         ca:90:46:7c:72:15:af:da:4b:07:43:04:b9:46:15:d6:b7:c4:
         bf:4f:56:05:30:36:1d:db:5b:2d:87:36:31:c5:fc:43:88:62:
         a6:b4:ec:44:21:d9:51:64:a4:d0:d6:58:dc:9b:f5:4c:c8:c8:
         27:58:44:06:8e:58:68:99:c3:1d:0e:4e:27:1a:fc:68:c6:91:
         b4:75:7a:41:de:93:f5:5d:fe:e2:26:4e:8f:ff:0e:3f:13:76:
         40:d1:00:4f:92:0b:18:77:12:02:e4:2f:4b:dc:eb:9c:85:48:
         e7:1b:86:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7tBTn3n73Hv+XXZUJDxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUxMTExMDgwMTA3WhcNMjUxMTEyMDgwMTA3WjAzMTEwLwYDVQQD
EyhiYzMxYjc5NmU2YzcyMzliOWZiNDlkNmM3ZDFmMjUwYTdmMDJiZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaFSW4Fm1FQmsTBdUtrZp4ATRfbZ
ZvcdLd9/qRvkF07mJiVtcu032KkQJ2xfjHcibXc4RZdbdR6Ox8+Sk8I17Hg3lTvv
ZaICpGNzr4nwRrd9xeCTVNX6sH8f6LCvYdW3+iyn2csm7/BaPOT71EohMWJCzeDD
L05ueG6e6C9y1REOSNyqM1AkYebX7P4cj2+lxV56PP+oKuGPaSbgtGcFac1zLTON
ErT54QkLnlsSoba1OjLv4wN/UkMJoDStf9Zaoo3JghFkN7rZhfDVvkTwnm83KzC1
hhJYBScpextz9Y3YwW6A1etjZKAzGWt1g1dgUAKkKtDxposqAaDJHEPdVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwxt5bmxyObn7SdbH0fJQp/Ar7rMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABlXmxWl6
Fa2LeX6KBull0if90UmkGL+a2fOBzJCrOFFOy4zulOzsul3dR3f457U0rRma75qa
Ik2WwVqmd7Z/3Zig650n+FxaELDNp+Oqqt6GNFKUu477+0VzDrilSrYfujS3vpZM
D7ESkJMCTJwZAN/Di4SI+U4U6bmIeAAITdQRQFwNWbChf8KkabT0tjWHypBGfHIV
r9pLB0MEuUYV1rfEv09WBTA2HdtbLYc2McX8Q4hiprTsRCHZUWSk0NZY3Jv1TMjI
J1hEBo5YaJnDHQ5OJxr8aMaRtHV6Qd6T9V3+4iZOj/8OPxN2QNEAT5ILGHcSAuQv
S9zrnIVI5xuGZQ==
-----END CERTIFICATE-----