Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
File:                     j3phc572fsR6X9EOVvx6NNy3PHA.mft (raw, json)
Hash identifier:          HogJe5fNFxsqf5h2Wq6Az7zPJQl72UYBXsFyocsSbCw=
Subject key identifier:   2B:F3:3C:A6:19:11:4E:B7:6B:96:CB:25:82:13:1D:12:36:63:B7:73
Authority key identifier: 8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70
Certificate issuer:       /CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70
Certificate serial:       019A706E231679D034B6FBAAF2D7EDFD3DCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
Manifest number:          0F71
Signing time:             Tue 11 Nov 2025 01:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 01:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 01:00:57 +0000
Files and hashes:         1: j3phc572fsR6X9EOVvx6NNy3PHA.crl (hash: lZL3mSFhewTf5S4D+sH+Ss8qyxgNwtiY8OsuMjpvJDQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:23:16:79:d0:34:b6:fb:aa:f2:d7:ed:fd:3d:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70
        Validity
            Not Before: Nov 11 01:00:57 2025 GMT
            Not After : Nov 12 01:00:57 2025 GMT
        Subject: CN=2bf33ca619114eb76b96cb2582131d123663b773
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:11:e5:22:88:ab:37:cd:5a:92:d8:5b:ad:04:
                    08:46:c0:6f:66:a3:1a:79:42:88:c9:a8:5b:fc:b0:
                    9b:f5:5d:16:d4:78:fe:1e:2e:b9:83:30:b4:c7:a6:
                    02:7d:ec:4d:27:dd:f1:09:09:e4:a0:d6:fb:2c:30:
                    76:c3:87:cc:f6:f2:95:7e:29:a9:e1:e5:f3:f2:a7:
                    b1:db:5b:ee:12:2a:24:4b:13:1c:1a:d2:1c:1b:d8:
                    56:7d:74:e0:23:19:7b:86:b8:1a:93:81:e0:9d:3e:
                    b8:3f:e8:38:43:24:a1:bc:fb:f1:7d:51:38:47:4a:
                    0a:8c:bb:c2:2a:54:1f:28:7a:ce:af:00:52:b4:ae:
                    b5:e1:51:55:8b:81:8e:2f:72:e1:b5:96:e9:8f:08:
                    fd:53:8a:09:99:f3:e5:f1:69:46:e6:09:ad:6b:ef:
                    5e:0d:cd:8f:64:db:e5:1c:f3:f3:34:27:eb:33:12:
                    b0:09:ae:8d:01:d4:82:3e:5d:7c:6a:4e:22:d2:54:
                    56:ca:f7:83:7c:df:54:3f:df:f2:ec:c4:7b:90:bc:
                    4a:6c:f1:be:f6:83:d6:74:e1:47:30:93:49:49:b8:
                    a9:1a:f6:e7:da:98:e9:bf:64:2f:46:3f:cb:d5:f0:
                    c4:6b:76:cf:32:07:cd:b4:a8:0f:d9:b7:b4:ed:41:
                    da:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:F3:3C:A6:19:11:4E:B7:6B:96:CB:25:82:13:1D:12:36:63:B7:73
            X509v3 Authority Key Identifier:
                keyid:8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:1b:9b:08:6c:4f:d3:93:88:28:03:82:74:5c:0b:d7:c7:14:
         7f:cc:96:3e:0a:f9:59:60:19:41:10:b1:da:b5:f6:c0:fe:f0:
         03:a1:f4:f9:97:0a:cf:be:68:19:2d:31:ca:90:a7:e3:ff:dc:
         35:f2:23:a7:d5:a5:a2:21:9c:42:d9:dc:52:9f:c4:65:21:4f:
         04:53:aa:0c:5a:e4:1c:28:f1:32:d1:7e:08:26:3d:d2:06:4e:
         a9:9e:75:4d:69:cf:25:f2:65:b7:0c:07:1e:71:99:95:e4:99:
         fc:45:38:9e:a5:27:28:85:5d:98:31:ab:13:21:e0:13:13:d3:
         69:27:f5:84:84:15:e9:78:39:13:f8:a4:b2:ad:5c:6f:cc:b2:
         c9:b4:ac:d0:b6:67:74:7d:45:89:2f:ad:3f:9f:5b:f7:00:cc:
         6a:ed:16:71:14:d6:41:b9:e6:30:d4:c6:5f:52:9e:4b:bb:fd:
         1d:3d:17:eb:c0:b7:69:8c:a9:7c:e7:2f:0f:c0:95:ee:fb:81:
         f7:83:f8:d7:5a:17:24:64:7f:ba:f5:3a:e7:fc:a3:7e:d3:48:
         df:4f:9a:e9:9f:03:66:d2:ca:76:40:39:ef:dc:4c:b1:9a:ea:
         88:da:34:73:15:af:0b:4c:35:90:84:7e:f6:02:b1:4a:8c:00:
         75:33:00:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbiMWedA0tvuq8tft/T3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2E2MTczOWVmNjdlYzQ3YTVmZDEwZTU2ZmM3YTM0ZGNi
NzNjNzAwHhcNMjUxMTExMDEwMDU3WhcNMjUxMTEyMDEwMDU3WjAzMTEwLwYDVQQD
EygyYmYzM2NhNjE5MTE0ZWI3NmI5NmNiMjU4MjEzMWQxMjM2NjNiNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBHlIoirN81akthbrQQIRsBvZqMa
eUKIyahb/LCb9V0W1Hj+Hi65gzC0x6YCfexNJ93xCQnkoNb7LDB2w4fM9vKVfimp
4eXz8qex21vuEiokSxMcGtIcG9hWfXTgIxl7hrgak4HgnT64P+g4QyShvPvxfVE4
R0oKjLvCKlQfKHrOrwBStK614VFVi4GOL3LhtZbpjwj9U4oJmfPl8WlG5gmta+9e
Dc2PZNvlHPPzNCfrMxKwCa6NAdSCPl18ak4i0lRWyveDfN9UP9/y7MR7kLxKbPG+
9oPWdOFHMJNJSbipGvbn2pjpv2QvRj/L1fDEa3bPMgfNtKgP2be07UHa6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvzPKYZEU63a5bLJYITHRI2Y7dzMB8GA1UdIwQY
MBaAFI96YXOe9n7Eel/RDlb8ejTctzxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUt
NzM4OTQwODEwYWRmLzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUtNzM4OTQwODEwYWRm
LzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjhubCGxP
05OIKAOCdFwL18cUf8yWPgr5WWAZQRCx2rX2wP7wA6H0+ZcKz75oGS0xypCn4//c
NfIjp9WloiGcQtncUp/EZSFPBFOqDFrkHCjxMtF+CCY90gZOqZ51TWnPJfJltwwH
HnGZleSZ/EU4nqUnKIVdmDGrEyHgExPTaSf1hIQV6Xg5E/iksq1cb8yyybSs0LZn
dH1FiS+tP59b9wDMau0WcRTWQbnmMNTGX1KeS7v9HT0X68C3aYypfOcvD8CV7vuB
94P411oXJGR/uvU65/yjftNI30+a6Z8DZtLKdkA579xMsZrqiNo0cxWvC0w1kIR+
9gKxSowAdTMA3g==
-----END CERTIFICATE-----