Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
File:                     JNuhs13nN_cbfFUN9fS0ToNka40.mft (raw, json)
Hash identifier:          7E4t0zOPbq+qqaRgxcqPi5nEtN8dunnPlOnfWRXx/zQ=
Subject key identifier:   63:04:DB:68:A2:B8:5D:86:C1:73:B2:AC:0A:2E:34:1C:DF:21:FF:C5
Authority key identifier: 24:DB:A1:B3:5D:E7:37:F7:1B:7C:55:0D:F5:F4:B4:4E:83:64:6B:8D
Certificate issuer:       /CN=24dba1b35de737f71b7c550df5f4b44e83646b8d
Certificate serial:       019A725C67235798132BFD1861C48E1BDBBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
Manifest number:          0A17
Signing time:             Tue 11 Nov 2025 10:00:49 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:49 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:49 +0000
Files and hashes:         1: JNuhs13nN_cbfFUN9fS0ToNka40.crl (hash: 6o05t9EnplosewcHIol7Ty+HMlcQNAmMKo8TdONw9gg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:67:23:57:98:13:2b:fd:18:61:c4:8e:1b:db:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24dba1b35de737f71b7c550df5f4b44e83646b8d
        Validity
            Not Before: Nov 11 10:00:49 2025 GMT
            Not After : Nov 12 10:00:49 2025 GMT
        Subject: CN=6304db68a2b85d86c173b2ac0a2e341cdf21ffc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a4:62:b6:48:da:36:ac:6f:10:c2:f9:9b:6a:
                    e1:bb:55:ff:22:ad:22:5d:97:51:1d:c9:bf:06:ad:
                    34:c2:87:4c:b1:c0:27:95:26:5d:0b:b0:2b:c7:45:
                    e4:14:5d:b6:2f:de:e8:4a:c1:bc:75:8e:e7:c4:5d:
                    23:7b:0d:75:63:12:3e:73:6e:37:79:2a:f4:5c:f2:
                    d4:23:73:29:23:84:73:e0:9b:d1:b7:20:90:4b:16:
                    e7:0f:a8:36:77:6d:07:f3:09:05:db:fd:9f:a1:9a:
                    da:bc:e5:bb:d6:b2:19:ff:f2:03:b8:28:8b:2e:dd:
                    8e:d9:2b:67:dc:6e:92:70:0c:15:3c:bb:76:c3:76:
                    87:fd:b6:8e:63:b5:f9:96:c5:51:a6:6a:e2:e6:9d:
                    24:37:ca:a6:34:1e:66:d7:46:1a:ea:11:ab:27:99:
                    3c:99:93:70:fc:92:b9:dc:ea:e0:c2:16:ad:4f:00:
                    c8:7f:04:63:be:22:9b:27:17:a3:29:e2:1d:53:d3:
                    15:ed:07:27:94:c7:9b:46:91:fd:dd:e9:69:38:77:
                    54:f7:fb:76:97:60:bb:56:3a:8d:e1:32:b2:d7:57:
                    e7:25:07:7a:7c:8a:b2:22:99:1f:42:c8:4d:09:81:
                    e6:0c:41:9f:eb:a3:da:02:7c:28:dc:05:74:81:d5:
                    87:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:04:DB:68:A2:B8:5D:86:C1:73:B2:AC:0A:2E:34:1C:DF:21:FF:C5
            X509v3 Authority Key Identifier:
                keyid:24:DB:A1:B3:5D:E7:37:F7:1B:7C:55:0D:F5:F4:B4:4E:83:64:6B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNuhs13nN_cbfFUN9fS0ToNka40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/895e9f-d541-4564-9947-da04e2f39b88/1/JNuhs13nN_cbfFUN9fS0ToNka40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:9a:35:b0:59:90:aa:51:52:f6:46:ea:13:de:41:cb:7d:d8:
         51:10:df:76:aa:9e:93:13:83:9d:18:7e:b5:33:ba:50:3b:c2:
         2c:cb:74:3f:2e:b2:e5:fd:48:e8:0a:27:2e:09:c4:50:f6:46:
         27:7b:ac:b2:e0:0b:b9:0f:0b:70:a6:3b:f0:c9:12:fd:2b:c8:
         5a:74:09:0b:3d:0a:75:21:70:b4:6c:23:c3:07:d9:f3:7c:a1:
         3d:56:72:2f:05:97:2f:d7:f5:eb:e5:e4:ee:cc:f0:9c:ce:1d:
         48:f2:fc:6b:70:14:90:17:71:07:c2:ae:bf:b0:4d:df:de:bd:
         d2:33:c2:88:0d:8f:75:03:79:40:82:81:1e:c4:0d:77:16:e2:
         15:54:5e:0a:66:ab:d4:22:5c:8a:1b:4b:4d:6e:99:21:55:f5:
         f1:c5:b4:7e:5d:86:29:c3:53:7b:2c:d2:32:eb:70:c9:17:1d:
         ef:14:90:2f:dd:77:8f:44:f3:3b:cc:e3:69:c5:2b:d6:3b:25:
         5d:08:27:93:d1:d5:21:68:8a:9d:cb:dd:54:aa:b4:43:fa:52:
         17:b4:4e:1d:05:05:1a:11:18:c7:e7:38:c8:b6:90:ea:d1:29:
         58:d4:f9:b8:31:80:ec:4a:b4:93:78:a8:97:96:be:45:66:a7:
         44:8e:24:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGcjV5gTK/0YYcSOG9u9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZGJhMWIzNWRlNzM3ZjcxYjdjNTUwZGY1ZjRiNDRlODM2
NDZiOGQwHhcNMjUxMTExMTAwMDQ5WhcNMjUxMTEyMTAwMDQ5WjAzMTEwLwYDVQQD
Eyg2MzA0ZGI2OGEyYjg1ZDg2YzE3M2IyYWMwYTJlMzQxY2RmMjFmZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aRitkjaNqxvEML5m2rhu1X/Iq0i
XZdRHcm/Bq00wodMscAnlSZdC7Arx0XkFF22L97oSsG8dY7nxF0jew11YxI+c243
eSr0XPLUI3MpI4Rz4JvRtyCQSxbnD6g2d20H8wkF2/2foZravOW71rIZ//IDuCiL
Lt2O2Stn3G6ScAwVPLt2w3aH/baOY7X5lsVRpmri5p0kN8qmNB5m10Ya6hGrJ5k8
mZNw/JK53OrgwhatTwDIfwRjviKbJxejKeIdU9MV7QcnlMebRpH93elpOHdU9/t2
l2C7VjqN4TKy11fnJQd6fIqyIpkfQshNCYHmDEGf66PaAnwo3AV0gdWH3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGME22iiuF2GwXOyrAouNBzfIf/FMB8GA1UdIwQY
MBaAFCTbobNd5zf3G3xVDfX0tE6DZGuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTVlOWYtZDU0MS00NTY0LTk5NDct
ZGEwNGUyZjM5Yjg4LzEvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTVlOWYtZDU0MS00NTY0LTk5NDctZGEwNGUyZjM5Yjg4
LzEvSk51aHMxM25OX2NiZkZVTjlmUzBUb05rYTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbZo1sFmQ
qlFS9kbqE95By33YURDfdqqekxODnRh+tTO6UDvCLMt0Py6y5f1I6AonLgnEUPZG
J3ussuALuQ8LcKY78MkS/SvIWnQJCz0KdSFwtGwjwwfZ83yhPVZyLwWXL9f16+Xk
7szwnM4dSPL8a3AUkBdxB8Kuv7BN39690jPCiA2PdQN5QIKBHsQNdxbiFVReCmar
1CJcihtLTW6ZIVX18cW0fl2GKcNTeyzSMutwyRcd7xSQL913j0TzO8zjacUr1jsl
XQgnk9HVIWiKncvdVKq0Q/pSF7ROHQUFGhEYx+c4yLaQ6tEpWNT5uDGA7Eq0k3io
l5a+RWanRI4kVQ==
-----END CERTIFICATE-----