Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          oAKTLyPOiSxqmz7eZEtCKmMaT72esSUjvtRD3KVqNME=
Subject key identifier:   F7:87:0E:A2:37:53:B3:92:EB:48:D7:08:54:40:6E:E0:DB:9E:C9:D8
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       019A71B7E44F656401780B162CF4FDC34D59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          11D4
Signing time:             Tue 11 Nov 2025 07:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:08 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: 0a9DIMZP8XPVI16W5IlTmFjiO01/C3riGj3fK+ETt1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:e4:4f:65:64:01:78:0b:16:2c:f4:fd:c3:4d:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: Nov 11 07:01:08 2025 GMT
            Not After : Nov 12 07:01:08 2025 GMT
        Subject: CN=f7870ea23753b392eb48d70854406ee0db9ec9d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:e3:a3:8d:11:12:3e:ba:9d:19:ad:23:ef:c1:
                    1e:65:5c:06:df:4f:98:bc:65:e9:6c:19:0e:3e:b1:
                    09:44:4d:07:90:6d:14:5f:19:4d:a7:18:13:82:f0:
                    86:06:60:5d:d8:00:b6:51:0d:d0:75:53:02:77:6d:
                    a0:cd:63:af:d3:da:c9:b0:97:4a:a9:b8:7d:3e:b7:
                    f1:a8:af:e9:41:08:d2:82:bb:99:82:c7:4f:c2:f1:
                    71:98:07:b2:9a:10:9c:f9:b5:66:e5:d1:24:6b:dd:
                    86:90:95:1a:1f:ad:34:7a:bd:85:75:06:42:c5:b1:
                    b5:42:50:7e:8d:0b:89:c7:a3:94:1f:00:d9:37:27:
                    f3:8b:62:7b:32:5e:ca:a8:c6:22:b3:21:c4:88:d9:
                    0e:0b:94:57:7c:e2:3c:d2:a2:23:44:cf:e6:0e:19:
                    ad:1f:bf:ca:c6:dc:ce:24:ab:6e:ea:8a:cb:73:0a:
                    41:0c:18:28:67:6e:4c:c9:a8:22:23:99:21:de:0f:
                    c9:00:fc:ce:d0:15:b0:03:42:f5:97:87:aa:10:a0:
                    6f:3c:47:ae:af:d8:19:c2:bf:63:ea:1e:be:ae:df:
                    e7:d5:7f:59:89:f5:fd:02:d5:74:88:15:71:03:44:
                    f9:ba:6d:07:ef:89:e4:34:ac:3a:94:eb:1f:db:81:
                    33:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:87:0E:A2:37:53:B3:92:EB:48:D7:08:54:40:6E:E0:DB:9E:C9:D8
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:5b:0a:4d:b0:1c:ba:db:b1:0f:7d:66:fb:c4:93:e1:6f:2f:
         06:a0:eb:8e:2a:a6:83:08:e9:f3:9b:14:9c:b0:02:b5:12:0d:
         70:d9:58:ef:33:2e:39:08:ca:cb:66:9e:e0:a2:19:e9:e1:cc:
         dd:14:a3:a8:21:bf:b3:2b:af:b6:47:29:7d:50:23:c1:c1:69:
         a4:94:62:4e:8b:41:19:22:79:47:d7:9b:4c:7b:d5:20:e7:8b:
         02:47:e2:61:d3:6b:bc:00:41:5c:01:e0:b0:af:63:77:b2:4a:
         47:7d:67:cf:f9:2f:17:da:f9:db:1d:c5:ab:df:9f:66:d2:12:
         15:e4:9f:21:87:4d:9b:df:69:43:40:c8:68:f9:4a:e1:2e:13:
         93:c3:a5:27:ef:a3:17:f0:00:0c:56:2f:b4:f0:73:6e:b7:16:
         4b:e3:5d:d4:6c:ef:29:88:8f:1d:45:d3:e8:ba:24:9b:06:0c:
         d5:09:39:88:79:4d:27:07:ce:f3:68:da:55:4a:a0:15:55:63:
         68:11:75:d9:64:b5:df:d3:24:b9:e0:09:fb:f6:5b:aa:f5:3b:
         8e:7d:ac:1a:c1:cd:17:70:61:00:a5:eb:c6:e4:b5:65:e8:1b:
         f5:d3:75:59:7a:d9:9b:72:c1:95:70:2f:6d:79:98:c0:50:70:
         30:da:88:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+RPZWQBeAsWLPT9w01ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjUxMTExMDcwMTA4WhcNMjUxMTEyMDcwMTA4WjAzMTEwLwYDVQQD
EyhmNzg3MGVhMjM3NTNiMzkyZWI0OGQ3MDg1NDQwNmVlMGRiOWVjOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8OOjjRESPrqdGa0j78EeZVwG30+Y
vGXpbBkOPrEJRE0HkG0UXxlNpxgTgvCGBmBd2AC2UQ3QdVMCd22gzWOv09rJsJdK
qbh9PrfxqK/pQQjSgruZgsdPwvFxmAeymhCc+bVm5dEka92GkJUaH600er2FdQZC
xbG1QlB+jQuJx6OUHwDZNyfzi2J7Ml7KqMYisyHEiNkOC5RXfOI80qIjRM/mDhmt
H7/KxtzOJKtu6orLcwpBDBgoZ25MyagiI5kh3g/JAPzO0BWwA0L1l4eqEKBvPEeu
r9gZwr9j6h6+rt/n1X9ZifX9AtV0iBVxA0T5um0H74nkNKw6lOsf24EzVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPeHDqI3U7OS60jXCFRAbuDbnsnYMB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX1sKTbAc
utuxD31m+8ST4W8vBqDrjiqmgwjp85sUnLACtRINcNlY7zMuOQjKy2ae4KIZ6eHM
3RSjqCG/syuvtkcpfVAjwcFppJRiTotBGSJ5R9ebTHvVIOeLAkfiYdNrvABBXAHg
sK9jd7JKR31nz/kvF9r52x3Fq9+fZtISFeSfIYdNm99pQ0DIaPlK4S4Tk8OlJ++j
F/AADFYvtPBzbrcWS+Nd1GzvKYiPHUXT6LokmwYM1Qk5iHlNJwfO82jaVUqgFVVj
aBF12WS139MkueAJ+/ZbqvU7jn2sGsHNF3BhAKXrxuS1Zegb9dN1WXrZm3LBlXAv
bXmYwFBwMNqI9g==
-----END CERTIFICATE-----