Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
File:                     i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft (raw, json)
Hash identifier:          8iJWCN3jHGSob3zQ08IIL0gNtxv3hS5s9PCm18A3U3Q=
Subject key identifier:   A5:53:29:5F:F0:7E:7C:1F:37:2D:8C:68:31:5B:99:28:00:26:1A:BD
Authority key identifier: 8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24
Certificate issuer:       /CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
Certificate serial:       019A7112B02785B14FA04DFECD19E83FB61D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
Manifest number:          0BF6
Signing time:             Tue 11 Nov 2025 04:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:41 +0000
Files and hashes:         1: i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl (hash: 99MX7as/ByZnCo0OvkWo4qwHm3QCJbUER8270b3rQx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:b0:27:85:b1:4f:a0:4d:fe:cd:19:e8:3f:b6:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
        Validity
            Not Before: Nov 11 04:00:41 2025 GMT
            Not After : Nov 12 04:00:41 2025 GMT
        Subject: CN=a553295ff07e7c1f372d8c68315b992800261abd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:32:d7:42:22:75:fa:ec:bd:45:51:ee:0b:f1:
                    64:27:0e:39:6a:47:c9:8d:84:f6:f5:3c:69:b8:3a:
                    aa:f5:51:82:b0:4f:3d:de:23:6f:f4:a5:9a:03:80:
                    86:7d:e1:f4:4c:1c:46:54:bd:cd:a8:48:1d:9a:fd:
                    7a:a8:a5:aa:9e:b6:e7:54:a1:77:9b:9d:cd:48:31:
                    1d:93:b3:b6:48:b9:f4:be:09:08:49:58:94:e5:55:
                    48:d9:c2:d7:47:16:a4:0a:7c:6a:8f:3e:bc:9f:4a:
                    2b:42:14:54:f5:34:bf:d8:2c:78:b7:b1:15:56:3b:
                    d6:3d:49:52:6f:25:42:e3:32:5f:40:de:71:42:dc:
                    82:60:6f:75:3c:72:84:d5:57:f1:9a:82:55:64:8e:
                    a8:79:2a:b2:fa:42:05:09:ec:28:ee:f4:88:c4:61:
                    f5:f1:b4:84:1a:38:21:7c:94:85:c0:6c:e0:14:06:
                    80:a6:f3:9d:77:dd:c4:51:a1:b9:8f:7b:9d:e8:0c:
                    8f:8d:b3:d0:f1:76:03:12:80:5f:91:a3:ca:58:e2:
                    93:1d:55:15:77:2a:c4:d6:59:a4:23:da:e5:d6:3f:
                    62:62:91:6b:ec:ea:8f:45:a4:f7:f5:44:98:a1:f4:
                    7d:71:c7:f8:79:12:3a:55:d5:34:11:c1:26:72:b2:
                    59:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:53:29:5F:F0:7E:7C:1F:37:2D:8C:68:31:5B:99:28:00:26:1A:BD
            X509v3 Authority Key Identifier:
                keyid:8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:ae:af:0a:49:d2:99:4c:33:82:ab:b6:a7:6c:f2:41:0f:aa:
         17:43:d7:c7:1b:e2:1c:c5:71:1c:b9:a7:4b:50:a2:a6:39:8b:
         8b:d3:01:c2:af:2a:0a:be:01:2c:f5:7d:62:ec:18:d2:42:37:
         06:14:a3:19:a4:f9:d7:19:38:fa:56:d8:86:b9:90:a2:78:08:
         79:87:83:48:50:00:ca:a4:7a:b9:64:66:c8:f4:9e:ad:12:29:
         62:98:70:17:3b:65:9a:be:b0:01:9d:24:dd:2a:0d:08:3a:9d:
         26:7e:f8:87:f8:4d:21:44:d2:1e:55:15:67:27:36:29:2d:72:
         c6:75:93:d1:c5:ca:a5:97:12:11:30:b3:3c:42:58:d5:b3:3a:
         0b:fa:d9:15:b1:68:c0:7a:ee:ce:6c:cf:47:46:1f:f0:d4:66:
         e2:74:39:8e:28:4c:f4:8d:71:df:a0:c8:d2:94:ea:87:56:36:
         e4:c4:5c:75:76:bb:36:33:13:6d:27:35:61:1c:5f:a6:dd:7c:
         5f:2b:7d:8a:f2:8a:e3:45:a1:13:1e:cb:6b:fd:53:32:a6:c0:
         f5:78:f4:88:a6:fb:be:5b:79:41:2e:ac:5b:55:a6:38:83:26:
         34:e8:15:3c:54:ba:2b:a3:5b:2a:4a:fd:b5:32:9b:e4:d3:8d:
         bf:90:f8:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxErAnhbFPoE3+zRnoP7YdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZDg5MzFmNjM1Nzk0MjhiZjA4Y2NiMTk5YTNhOThkY2Jh
NmI4MjQwHhcNMjUxMTExMDQwMDQxWhcNMjUxMTEyMDQwMDQxWjAzMTEwLwYDVQQD
EyhhNTUzMjk1ZmYwN2U3YzFmMzcyZDhjNjgzMTViOTkyODAwMjYxYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDLXQiJ1+uy9RVHuC/FkJw45akfJ
jYT29TxpuDqq9VGCsE893iNv9KWaA4CGfeH0TBxGVL3NqEgdmv16qKWqnrbnVKF3
m53NSDEdk7O2SLn0vgkISViU5VVI2cLXRxakCnxqjz68n0orQhRU9TS/2Cx4t7EV
VjvWPUlSbyVC4zJfQN5xQtyCYG91PHKE1VfxmoJVZI6oeSqy+kIFCewo7vSIxGH1
8bSEGjghfJSFwGzgFAaApvOdd93EUaG5j3ud6AyPjbPQ8XYDEoBfkaPKWOKTHVUV
dyrE1lmkI9rl1j9iYpFr7OqPRaT39USYofR9ccf4eRI6VdU0EcEmcrJZGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVTKV/wfnwfNy2MaDFbmSgAJhq9MB8GA1UdIwQY
MBaAFIvYkx9jV5QovwjMsZmjqY3LprgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEt
NGVlMTZkNmM4MGE2LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEtNGVlMTZkNmM4MGE2
LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApa6vCknS
mUwzgqu2p2zyQQ+qF0PXxxviHMVxHLmnS1CipjmLi9MBwq8qCr4BLPV9YuwY0kI3
BhSjGaT51xk4+lbYhrmQongIeYeDSFAAyqR6uWRmyPSerRIpYphwFztlmr6wAZ0k
3SoNCDqdJn74h/hNIUTSHlUVZyc2KS1yxnWT0cXKpZcSETCzPEJY1bM6C/rZFbFo
wHruzmzPR0Yf8NRm4nQ5jihM9I1x36DI0pTqh1Y25MRcdXa7NjMTbSc1YRxfpt18
Xyt9ivKK40WhEx7La/1TMqbA9Xj0iKb7vlt5QS6sW1WmOIMmNOgVPFS6K6NbKkr9
tTKb5NONv5D4rw==
-----END CERTIFICATE-----