Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          QRNFUGF8uGUVbiZJcHpBo7GfgFTgWGcExoBzJBj6sFo=
Subject key identifier:   5B:79:18:B8:1F:89:FD:B5:C1:07:0C:DE:9C:55:C3:C2:5B:EF:A2:76
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       019A71B83602A27A6401631EF16FD0B0B301
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          126A
Signing time:             Tue 11 Nov 2025 07:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:29 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: iisWNWSvpPiln/1CQNjedJKcOu5rERip3CMGd+/yqT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:36:02:a2:7a:64:01:63:1e:f1:6f:d0:b0:b3:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Nov 11 07:01:29 2025 GMT
            Not After : Nov 12 07:01:29 2025 GMT
        Subject: CN=5b7918b81f89fdb5c1070cde9c55c3c25befa276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:4d:3f:f5:e3:2a:b9:86:07:27:89:57:32:1f:
                    78:68:05:da:4e:45:8a:85:00:97:e0:ec:49:81:4c:
                    1f:27:92:f5:2a:5b:a2:0e:e2:14:fb:be:5d:d7:c3:
                    b4:e0:71:48:fe:2e:61:89:1f:a6:bb:a2:c4:98:1e:
                    b0:cb:f0:f7:3f:ae:b4:83:1a:78:9a:b2:4a:35:0e:
                    79:7b:6d:89:26:13:89:8a:e0:18:cd:4b:94:8f:52:
                    94:69:ae:cd:75:c8:f0:ef:f4:69:29:fe:ba:7a:90:
                    b6:9d:c6:f0:5f:12:a0:e7:f6:11:fd:e1:77:39:45:
                    1c:00:b6:2c:2c:88:3d:a9:14:13:3c:73:23:d6:8b:
                    d7:30:9d:e6:97:7d:f5:c9:96:48:94:c0:0a:c1:da:
                    98:60:5a:04:f4:b3:62:72:3f:6b:35:34:b9:e4:1f:
                    4f:2c:da:49:45:f9:e0:87:30:2f:db:ce:f7:c0:7e:
                    80:11:f2:0c:5a:3f:96:64:b5:6c:ae:1d:93:57:a9:
                    d6:61:13:7e:9b:96:f1:d0:ad:16:25:37:f1:2d:29:
                    21:27:b5:a0:cc:5d:0f:36:35:7b:96:97:e4:19:fa:
                    19:8f:03:7a:7f:ae:e4:37:a6:31:43:2b:f0:87:0c:
                    ea:22:74:6d:1b:77:06:fe:c2:e3:2d:a5:80:f3:40:
                    67:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:79:18:B8:1F:89:FD:B5:C1:07:0C:DE:9C:55:C3:C2:5B:EF:A2:76
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:99:ef:08:8b:65:2b:ae:f9:eb:4f:4f:45:d7:a8:58:10:91:
         c9:cc:47:29:49:9e:46:de:43:7e:fb:df:48:29:0b:6a:c0:7f:
         27:95:6e:89:a0:46:3d:6e:da:81:40:5b:f4:f2:0b:9e:8c:15:
         61:58:20:52:b3:63:da:af:7f:c7:97:57:cd:c6:f5:69:89:7e:
         e5:99:ba:69:3e:56:cb:95:74:4c:15:1d:f9:0d:d9:72:f2:98:
         dc:53:5a:b3:51:af:23:a7:8d:7e:95:28:8b:e4:08:d1:04:28:
         87:e3:1a:0f:3c:fe:83:e8:c9:9d:8d:53:8b:fb:15:9b:19:1b:
         15:18:2e:cb:7c:a5:24:48:43:96:96:7a:47:83:2b:11:b7:68:
         db:4b:26:92:ef:0e:0a:0a:01:bb:3b:a8:09:fc:b0:61:1b:8e:
         d8:45:9f:bf:18:2c:67:ee:db:27:08:4f:8b:56:87:58:a3:69:
         39:e9:b6:31:24:34:19:26:ac:ff:e8:b8:2a:a4:47:fe:8f:28:
         dd:6a:f1:83:35:33:de:01:ce:a3:59:4e:06:8c:89:0a:70:7b:
         25:c5:82:11:24:6c:ad:a0:30:2c:2a:7a:9f:77:d3:8f:01:90:
         6b:3f:de:8b:8b:c7:93:1e:eb:ca:a4:7f:b6:3e:47:69:e8:43:
         a5:6c:cd:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDYConpkAWMe8W/QsLMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjUxMTExMDcwMTI5WhcNMjUxMTEyMDcwMTI5WjAzMTEwLwYDVQQD
Eyg1Yjc5MThiODFmODlmZGI1YzEwNzBjZGU5YzU1YzNjMjViZWZhMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE0/9eMquYYHJ4lXMh94aAXaTkWK
hQCX4OxJgUwfJ5L1KluiDuIU+75d18O04HFI/i5hiR+mu6LEmB6wy/D3P660gxp4
mrJKNQ55e22JJhOJiuAYzUuUj1KUaa7Ndcjw7/RpKf66epC2ncbwXxKg5/YR/eF3
OUUcALYsLIg9qRQTPHMj1ovXMJ3ml331yZZIlMAKwdqYYFoE9LNicj9rNTS55B9P
LNpJRfnghzAv2873wH6AEfIMWj+WZLVsrh2TV6nWYRN+m5bx0K0WJTfxLSkhJ7Wg
zF0PNjV7lpfkGfoZjwN6f67kN6YxQyvwhwzqInRtG3cG/sLjLaWA80BnUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFt5GLgfif21wQcM3pxVw8Jb76J2MB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEJnvCItl
K675609PRdeoWBCRycxHKUmeRt5DfvvfSCkLasB/J5VuiaBGPW7agUBb9PILnowV
YVggUrNj2q9/x5dXzcb1aYl+5Zm6aT5Wy5V0TBUd+Q3ZcvKY3FNas1GvI6eNfpUo
i+QI0QQoh+MaDzz+g+jJnY1Ti/sVmxkbFRguy3ylJEhDlpZ6R4MrEbdo20smku8O
CgoBuzuoCfywYRuO2EWfvxgsZ+7bJwhPi1aHWKNpOem2MSQ0GSas/+i4KqRH/o8o
3WrxgzUz3gHOo1lOBoyJCnB7JcWCESRsraAwLCp6n3fTjwGQaz/ei4vHkx7ryqR/
tj5HaehDpWzNfw==
-----END CERTIFICATE-----