Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          lqdubN6L3yNsJCwIwM/4BdeOBe7SvzWyQrOkEpZoAcQ=
Subject key identifier:   32:14:A7:F8:F5:5C:3E:01:DC:84:9A:74:A5:EA:7D:A2:32:BF:32:1D
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       019A725C7050F83A8DB5C3E34BC207EFDB10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          08BF
Signing time:             Tue 11 Nov 2025 10:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:51 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: LVaX09kAuGN7FoeLfkRB0MrHcPc1iekxybwJl5DkvI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:70:50:f8:3a:8d:b5:c3:e3:4b:c2:07:ef:db:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: Nov 11 10:00:51 2025 GMT
            Not After : Nov 12 10:00:51 2025 GMT
        Subject: CN=3214a7f8f55c3e01dc849a74a5ea7da232bf321d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f5:51:48:d2:cc:86:93:48:55:88:8d:63:61:
                    a8:f8:94:b8:a6:99:6d:ac:0f:ee:1e:90:f3:3d:3c:
                    70:9d:73:60:71:3f:35:bc:b9:22:e1:34:5a:ad:67:
                    d8:04:e8:9b:d5:e7:88:f7:fd:84:69:f6:90:53:84:
                    f3:e0:5e:a2:5e:97:e8:86:d4:ac:68:c7:c3:0f:b1:
                    23:54:d7:b5:0f:c5:69:36:b2:8f:8b:9f:c4:c2:8b:
                    64:c3:99:08:78:6d:6a:e7:ef:1d:a0:7f:72:1f:57:
                    67:d7:a6:dd:0f:72:a8:79:10:3a:20:82:2b:ac:22:
                    af:c5:26:7c:d9:1e:52:b1:64:48:03:70:11:5e:cb:
                    3c:63:51:27:26:6d:69:aa:12:2a:9a:9e:14:4b:e1:
                    38:6b:ac:b8:99:a7:8c:42:be:bc:2e:27:b6:b1:06:
                    46:46:24:53:b9:46:91:cb:73:14:74:04:b0:e8:56:
                    c2:bb:e5:65:55:02:35:af:48:4c:2c:55:5f:9a:47:
                    a4:78:e3:a7:00:49:43:e4:b6:4e:d8:b0:15:37:73:
                    e6:d6:c2:aa:bc:aa:04:82:10:59:68:69:90:87:06:
                    14:37:3d:a5:6f:1f:75:dc:a4:f1:25:63:ff:83:35:
                    57:a3:a9:56:eb:8d:4c:ce:ad:15:dc:a7:69:56:6e:
                    b3:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:14:A7:F8:F5:5C:3E:01:DC:84:9A:74:A5:EA:7D:A2:32:BF:32:1D
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:9e:51:ec:26:8c:61:3d:03:26:1a:2e:7a:6c:6c:06:6e:61:
         1f:2c:16:51:ec:39:f1:b5:f9:b1:65:a4:d3:5d:49:8f:d9:60:
         24:06:93:a7:82:fd:73:be:a1:f6:85:d3:c9:fa:82:f8:83:0f:
         56:eb:47:f8:e6:9c:cf:be:ff:06:9d:84:5b:ea:59:f0:16:04:
         d2:5e:75:3d:a1:e2:6c:84:92:10:06:89:c3:2c:68:91:4c:b9:
         59:9b:bb:3c:d9:d6:92:c3:b3:9f:d9:0d:c8:97:ac:e2:fa:74:
         fd:2d:30:ed:86:75:2f:54:4d:b6:7a:5d:33:01:5c:21:82:12:
         c6:f4:ae:5d:a0:b2:b8:b9:ac:c9:3b:41:ee:0c:fd:2c:db:62:
         e4:82:62:55:61:27:2c:69:98:b8:5c:e2:82:13:96:1f:2a:e6:
         24:d1:28:1f:22:90:39:c4:cb:fd:cc:13:39:0a:a8:46:d4:c5:
         ee:ff:0f:d5:17:31:30:e3:3b:b2:34:07:a4:4c:b6:36:fa:b4:
         9d:76:d4:ee:10:5b:2f:cf:20:4f:2b:64:52:ee:31:26:bc:30:
         8a:81:03:e3:83:ef:4d:d0:21:f7:b7:f3:be:63:97:45:32:a4:
         8b:f1:41:a6:7b:a4:ec:c8:c9:0a:1a:62:cd:66:16:8e:13:82:
         a7:b9:e8:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXHBQ+DqNtcPjS8IH79sQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjUxMTExMTAwMDUxWhcNMjUxMTEyMTAwMDUxWjAzMTEwLwYDVQQD
EygzMjE0YTdmOGY1NWMzZTAxZGM4NDlhNzRhNWVhN2RhMjMyYmYzMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifVRSNLMhpNIVYiNY2Go+JS4pplt
rA/uHpDzPTxwnXNgcT81vLki4TRarWfYBOib1eeI9/2EafaQU4Tz4F6iXpfohtSs
aMfDD7EjVNe1D8VpNrKPi5/Ewotkw5kIeG1q5+8doH9yH1dn16bdD3KoeRA6IIIr
rCKvxSZ82R5SsWRIA3ARXss8Y1EnJm1pqhIqmp4US+E4a6y4maeMQr68Lie2sQZG
RiRTuUaRy3MUdASw6FbCu+VlVQI1r0hMLFVfmkekeOOnAElD5LZO2LAVN3Pm1sKq
vKoEghBZaGmQhwYUNz2lbx913KTxJWP/gzVXo6lW641Mzq0V3KdpVm6zhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIUp/j1XD4B3ISadKXqfaIyvzIdMB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALp5R7CaM
YT0DJhouemxsBm5hHywWUew58bX5sWWk011Jj9lgJAaTp4L9c76h9oXTyfqC+IMP
VutH+Oacz77/Bp2EW+pZ8BYE0l51PaHibISSEAaJwyxokUy5WZu7PNnWksOzn9kN
yJes4vp0/S0w7YZ1L1RNtnpdMwFcIYISxvSuXaCyuLmsyTtB7gz9LNti5IJiVWEn
LGmYuFzighOWHyrmJNEoHyKQOcTL/cwTOQqoRtTF7v8P1RcxMOM7sjQHpEy2Nvq0
nXbU7hBbL88gTytkUu4xJrwwioED44PvTdAh97fzvmOXRTKki/FBpnuk7MjJChpi
zWYWjhOCp7no9Q==
-----END CERTIFICATE-----