Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          gp3ACTzQ3Uzv9LxH2bb0MyB6oy6xOsgbS3CVwrZWpYo=
Subject key identifier:   AC:79:DD:D3:57:2F:82:CC:8B:3A:DB:65:16:91:B8:3A:A2:A3:94:BB
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       019A71B940809AED646E6E5D307933A3FA4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          145E
Signing time:             Tue 11 Nov 2025 07:02:37 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:37 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:37 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: Iu+YzXEAHMlEDVoWeTP6v5XOlAwFkNXwrQXIr/YNJNU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:40:80:9a:ed:64:6e:6e:5d:30:79:33:a3:fa:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: Nov 11 07:02:37 2025 GMT
            Not After : Nov 12 07:02:37 2025 GMT
        Subject: CN=ac79ddd3572f82cc8b3adb651691b83aa2a394bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1e:7b:a5:83:d9:06:ca:1d:3b:0b:62:a3:f1:
                    d2:c2:a3:e2:4f:6b:cd:e3:31:8f:c4:aa:95:a1:1f:
                    9b:f1:46:44:3d:24:51:e3:73:c6:eb:3c:31:3e:6b:
                    0b:fa:d1:6e:c0:77:0f:3d:6c:90:ec:93:58:c5:1c:
                    4a:09:5c:a9:64:44:27:2b:fa:39:97:a6:17:be:08:
                    68:f1:39:90:e4:03:69:67:93:42:96:f4:d1:30:c0:
                    09:76:13:2e:39:b0:a7:73:dc:f7:5b:64:c1:15:39:
                    f7:67:80:7a:51:41:46:7d:07:a6:98:a2:31:96:f8:
                    18:16:84:66:f2:f2:63:a7:5d:9d:a1:5d:02:1e:c6:
                    7c:85:5c:b7:23:c5:a9:08:7b:50:e1:d3:f7:0d:48:
                    3d:0d:0f:e1:38:7d:e6:c0:a8:22:25:14:86:af:75:
                    c3:c8:2b:51:cd:cd:ca:d7:1d:08:26:78:91:c7:2d:
                    d2:e5:76:b6:c1:a3:df:b1:b0:cc:7c:66:d9:9a:5f:
                    0f:88:10:3f:74:7b:08:97:f3:8c:75:85:c9:00:0b:
                    a0:28:f5:9a:88:d2:0f:5b:70:24:51:af:11:a0:5f:
                    18:af:22:9a:80:97:50:87:28:12:a6:7a:05:95:42:
                    36:d0:a4:99:c1:0c:55:3f:b6:29:c0:fa:00:79:de:
                    42:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:79:DD:D3:57:2F:82:CC:8B:3A:DB:65:16:91:B8:3A:A2:A3:94:BB
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:96:8d:1e:fa:be:8f:88:45:75:c8:bd:45:6c:d0:d3:3e:ad:
         bb:aa:33:b3:13:d0:71:7a:65:97:97:21:1a:04:36:19:3f:98:
         91:fe:39:05:6a:02:d8:df:20:5a:20:41:fe:18:fc:00:0d:fc:
         71:63:e1:3b:eb:1f:9b:d4:a4:8f:98:27:c8:a6:6d:9d:33:7d:
         f6:34:bc:c2:6c:c5:8b:19:7c:66:83:ea:7f:aa:88:c3:5f:6b:
         da:21:38:54:f1:2d:c7:0e:78:27:69:a6:fa:24:c9:83:b8:fb:
         ba:38:84:70:75:1d:bd:64:78:49:52:98:22:ff:e1:c1:4b:ba:
         ca:16:9b:1e:6a:ad:3f:a8:e3:79:48:8d:20:5a:6b:4e:79:b2:
         74:df:e0:07:d1:e0:f1:a4:13:5f:cf:47:00:e9:c2:77:1d:08:
         42:9c:a0:6b:3f:5f:4b:04:ae:bb:9e:ca:6e:70:88:36:2a:30:
         be:ad:f4:4b:91:69:85:6d:b9:1c:2c:44:82:2b:74:b3:ea:a8:
         91:ab:5e:f5:39:ac:aa:0d:1f:09:55:8f:4f:c3:ff:66:a6:91:
         c3:cc:76:61:50:a2:1c:ab:50:8e:5d:aa:d3:b3:19:f0:1f:47:
         08:fc:e8:a0:1f:0b:d9:d7:4f:5d:4a:e9:66:de:a0:8e:3a:de:
         20:7d:fe:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuUCAmu1kbm5dMHkzo/pKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjUxMTExMDcwMjM3WhcNMjUxMTEyMDcwMjM3WjAzMTEwLwYDVQQD
EyhhYzc5ZGRkMzU3MmY4MmNjOGIzYWRiNjUxNjkxYjgzYWEyYTM5NGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB57pYPZBsodOwtio/HSwqPiT2vN
4zGPxKqVoR+b8UZEPSRR43PG6zwxPmsL+tFuwHcPPWyQ7JNYxRxKCVypZEQnK/o5
l6YXvgho8TmQ5ANpZ5NClvTRMMAJdhMuObCnc9z3W2TBFTn3Z4B6UUFGfQemmKIx
lvgYFoRm8vJjp12doV0CHsZ8hVy3I8WpCHtQ4dP3DUg9DQ/hOH3mwKgiJRSGr3XD
yCtRzc3K1x0IJniRxy3S5Xa2waPfsbDMfGbZml8PiBA/dHsIl/OMdYXJAAugKPWa
iNIPW3AkUa8RoF8YryKagJdQhygSpnoFlUI20KSZwQxVP7YpwPoAed5CtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKx53dNXL4LMizrbZRaRuDqio5S7MB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZZaNHvq+
j4hFdci9RWzQ0z6tu6ozsxPQcXpll5chGgQ2GT+Ykf45BWoC2N8gWiBB/hj8AA38
cWPhO+sfm9Skj5gnyKZtnTN99jS8wmzFixl8ZoPqf6qIw19r2iE4VPEtxw54J2mm
+iTJg7j7ujiEcHUdvWR4SVKYIv/hwUu6yhabHmqtP6jjeUiNIFprTnmydN/gB9Hg
8aQTX89HAOnCdx0IQpygaz9fSwSuu57KbnCINiowvq30S5FphW25HCxEgit0s+qo
kate9Tmsqg0fCVWPT8P/ZqaRw8x2YVCiHKtQjl2q07MZ8B9HCPzooB8L2ddPXUrp
Zt6gjjreIH3+9Q==
-----END CERTIFICATE-----