Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
File:                     d1xabqkPXz0AfBDkROO5Y7bTDMU.mft (raw, json)
Hash identifier:          ojUqnUZQMulCnEPV+x17awB/WI3pnzFrhR0P7gdoADE=
Subject key identifier:   BF:52:1A:C7:9E:D3:AB:09:56:04:28:47:91:ED:41:8A:0A:9D:B4:DD
Authority key identifier: 77:5C:5A:6E:A9:0F:5F:3D:00:7C:10:E4:44:E3:B9:63:B6:D3:0C:C5
Certificate issuer:       /CN=775c5a6ea90f5f3d007c10e444e3b963b6d30cc5
Certificate serial:       019A72937FF1D69B746E38E1EB65812C2F7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
Manifest number:          04F9
Signing time:             Tue 11 Nov 2025 11:01:00 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:00 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:00 +0000
Files and hashes:         1: d1xabqkPXz0AfBDkROO5Y7bTDMU.crl (hash: B9pliAlYYhFQYj4qOLPrDj4q22r+MrVC3J73756uXtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:7f:f1:d6:9b:74:6e:38:e1:eb:65:81:2c:2f:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=775c5a6ea90f5f3d007c10e444e3b963b6d30cc5
        Validity
            Not Before: Nov 11 11:01:00 2025 GMT
            Not After : Nov 12 11:01:00 2025 GMT
        Subject: CN=bf521ac79ed3ab095604284791ed418a0a9db4dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:aa:b7:00:bf:f0:12:5f:4e:0c:74:97:e6:b6:
                    75:35:28:bc:07:89:52:86:8a:11:91:1d:20:62:4b:
                    a3:9c:6e:9f:03:73:6a:c9:ac:3b:ce:43:fd:99:90:
                    a9:56:81:4f:2c:3c:a4:b0:ac:cb:3d:94:3f:e9:4a:
                    c2:e1:00:d5:22:ae:54:b1:e7:69:15:83:03:ce:ae:
                    5a:be:74:ac:2f:8b:26:ce:70:66:d5:f7:12:aa:2e:
                    d9:d7:4b:91:55:0e:97:c4:25:35:80:4e:93:55:48:
                    23:b0:df:8c:00:6b:41:c1:a5:15:e8:4b:51:cb:cd:
                    1a:0a:28:31:f7:46:3c:43:7b:e3:88:de:b3:aa:be:
                    05:5f:4f:52:7c:15:ac:24:29:21:03:09:44:08:63:
                    32:89:8d:bc:5e:9b:72:e1:f5:ba:53:a1:df:e1:39:
                    da:cf:d9:d7:f3:4f:38:24:47:a6:72:97:09:cc:4c:
                    13:4c:69:e5:23:0a:8b:41:8b:dc:b4:ac:8a:e0:e6:
                    47:08:4f:cf:1a:89:7a:f7:ac:d5:f2:58:9d:6c:1b:
                    ed:32:9e:5e:9c:96:48:b7:16:dd:d5:2b:33:d5:24:
                    bd:29:fd:88:12:ef:c5:e1:91:f7:e5:cc:e4:3f:a0:
                    2c:e8:b1:09:9f:1d:f9:60:ad:b2:68:fc:20:fc:76:
                    3c:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:52:1A:C7:9E:D3:AB:09:56:04:28:47:91:ED:41:8A:0A:9D:B4:DD
            X509v3 Authority Key Identifier:
                keyid:77:5C:5A:6E:A9:0F:5F:3D:00:7C:10:E4:44:E3:B9:63:B6:D3:0C:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:6f:79:b6:e9:3e:05:ba:4f:fd:07:9f:d4:23:51:8a:28:8b:
         ab:1b:08:cf:b5:fc:34:4f:2e:91:82:48:f4:5f:6b:bd:54:e7:
         58:06:2e:e2:d7:d2:05:82:c5:8b:73:01:76:2f:c2:fd:35:9d:
         84:e3:14:b6:5e:a3:86:31:96:e6:47:26:2f:83:51:3a:d9:4d:
         40:bd:f1:94:4a:b5:b9:38:d3:84:dc:53:11:ee:95:31:78:32:
         f4:e0:12:c6:39:35:a1:18:04:ae:87:76:05:c5:dd:c3:50:0e:
         33:dc:79:0d:66:61:c3:93:10:e3:4e:61:55:93:1a:b2:79:83:
         bc:58:a1:0a:e5:55:d6:b9:b1:cc:eb:65:96:49:74:84:06:c3:
         ac:05:b8:74:97:13:62:c2:c5:7b:f1:f9:b7:64:e7:35:a1:0a:
         a7:72:88:c6:94:92:79:db:23:ec:70:43:1f:50:8d:09:1e:29:
         d8:5c:d2:31:f4:9a:d0:04:97:58:00:30:35:22:77:15:fb:c3:
         f3:99:97:5f:1a:31:fa:f5:b8:ab:00:7b:7a:b3:9b:0c:36:a1:
         66:29:13:d6:6e:3a:d3:02:ff:a6:4a:b0:95:0d:ec:85:28:68:
         3e:f9:90:ad:f7:e4:86:13:2d:f2:83:6c:2e:23:3f:76:e7:34:
         3d:ec:b5:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk3/x1pt0bjjh62WBLC96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NWM1YTZlYTkwZjVmM2QwMDdjMTBlNDQ0ZTNiOTYzYjZk
MzBjYzUwHhcNMjUxMTExMTEwMTAwWhcNMjUxMTEyMTEwMTAwWjAzMTEwLwYDVQQD
EyhiZjUyMWFjNzllZDNhYjA5NTYwNDI4NDc5MWVkNDE4YTBhOWRiNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaq3AL/wEl9ODHSX5rZ1NSi8B4lS
hooRkR0gYkujnG6fA3Nqyaw7zkP9mZCpVoFPLDyksKzLPZQ/6UrC4QDVIq5Usedp
FYMDzq5avnSsL4smznBm1fcSqi7Z10uRVQ6XxCU1gE6TVUgjsN+MAGtBwaUV6EtR
y80aCigx90Y8Q3vjiN6zqr4FX09SfBWsJCkhAwlECGMyiY28Xpty4fW6U6Hf4Tna
z9nX8084JEemcpcJzEwTTGnlIwqLQYvctKyK4OZHCE/PGol696zV8lidbBvtMp5e
nJZItxbd1Ssz1SS9Kf2IEu/F4ZH35czkP6As6LEJnx35YK2yaPwg/HY8gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9SGsee06sJVgQoR5HtQYoKnbTdMB8GA1UdIwQY
MBaAFHdcWm6pD189AHwQ5ETjuWO20wzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Njg3MzItNmQ3Ni00NjRkLTk3YzQt
ZTQwYTMzNDY5MWM5LzEvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Njg3MzItNmQ3Ni00NjRkLTk3YzQtZTQwYTMzNDY5MWM5
LzEvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZG95tuk+
BbpP/Qef1CNRiiiLqxsIz7X8NE8ukYJI9F9rvVTnWAYu4tfSBYLFi3MBdi/C/TWd
hOMUtl6jhjGW5kcmL4NROtlNQL3xlEq1uTjThNxTEe6VMXgy9OASxjk1oRgErod2
BcXdw1AOM9x5DWZhw5MQ405hVZMasnmDvFihCuVV1rmxzOtllkl0hAbDrAW4dJcT
YsLFe/H5t2TnNaEKp3KIxpSSedsj7HBDH1CNCR4p2FzSMfSa0ASXWAAwNSJ3FfvD
85mXXxox+vW4qwB7erObDDahZikT1m460wL/pkqwlQ3shShoPvmQrffkhhMt8oNs
LiM/duc0Pey1JQ==
-----END CERTIFICATE-----