Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
File:                     0gXOrys2rZ_lGQaehrlONtLsS94.mft (raw, json)
Hash identifier:          w0iI+Iy/FSB2eA9kEq5aXk3tQQcjLnSGBr/kCRFlNNw=
Subject key identifier:   27:57:29:6E:1A:28:E9:F2:E9:82:0C:1D:5B:BA:D0:EB:E5:61:E6:01
Authority key identifier: D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE
Certificate issuer:       /CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
Certificate serial:       019A7226118AF02123962FD4F0248424791D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
Manifest number:          0A4F
Signing time:             Tue 11 Nov 2025 09:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:28 +0000
Files and hashes:         1: 0gXOrys2rZ_lGQaehrlONtLsS94.crl (hash: eyEq3Q4f5bnrEm1EwmCE+r0z5jpilZ7PIhjGb7/eTHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:11:8a:f0:21:23:96:2f:d4:f0:24:84:24:79:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
        Validity
            Not Before: Nov 11 09:01:28 2025 GMT
            Not After : Nov 12 09:01:28 2025 GMT
        Subject: CN=2757296e1a28e9f2e9820c1d5bbad0ebe561e601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:59:cc:67:1c:46:78:60:51:7a:82:84:80:87:
                    b4:3c:29:9d:37:64:31:e5:8c:78:56:f2:a5:81:57:
                    98:c5:9d:38:a5:07:b3:68:59:a3:fe:15:5b:92:00:
                    4d:29:d0:8d:fc:26:be:d9:a6:f5:84:19:f5:be:31:
                    c4:67:88:f0:a5:10:87:a1:d1:b9:57:e2:31:d3:7d:
                    81:80:f1:e5:2d:07:e6:1c:24:f1:fd:ec:c4:ae:34:
                    91:fe:65:54:df:ed:18:a7:09:fb:dc:d6:75:26:31:
                    ff:ea:95:5d:51:d1:cb:94:a2:14:6b:ec:49:df:f4:
                    da:5b:c2:f8:7c:c7:c0:e1:5f:76:e5:f1:a4:59:7e:
                    86:f5:27:4a:15:58:b3:41:58:ba:65:f2:9a:16:b6:
                    e5:12:e0:bd:03:e8:b5:9d:18:2e:1f:65:8e:fa:2f:
                    b9:46:f1:a9:cc:ba:0d:f7:de:dc:ac:43:7d:67:15:
                    53:6c:bf:87:40:50:49:42:13:39:77:6c:d6:f6:57:
                    13:02:af:5e:2c:14:c0:c8:f2:88:26:55:78:43:ef:
                    3c:5c:3c:fe:c7:9d:11:90:2b:9c:19:60:47:4e:5e:
                    69:39:0c:d3:bb:65:6c:fa:50:d8:f6:5b:dc:d4:e8:
                    2d:c1:29:32:0f:12:65:ed:f0:e9:0c:46:47:c2:c5:
                    18:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:57:29:6E:1A:28:E9:F2:E9:82:0C:1D:5B:BA:D0:EB:E5:61:E6:01
            X509v3 Authority Key Identifier:
                keyid:D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:85:4a:df:48:45:19:69:61:1d:16:9e:3a:f1:c2:bc:4b:02:
         a8:90:46:e6:f9:5d:77:65:75:8a:43:02:22:3f:0b:55:87:1e:
         b8:ea:9b:c0:c8:4d:fc:97:47:b6:d5:2c:ad:e1:23:db:66:c0:
         26:3f:7c:ec:18:8c:5c:5e:39:5c:0e:f9:a0:b7:33:6f:72:98:
         a5:52:04:39:68:71:68:fc:f4:52:01:17:07:07:46:02:02:8a:
         5f:d9:72:a5:08:b3:c8:d8:9f:45:88:a0:c2:9d:17:e7:42:9b:
         b1:1f:c6:d7:c5:61:05:bc:d2:de:4b:97:c5:2a:0c:9b:11:b6:
         fc:99:73:5b:71:ee:7e:66:ce:2e:dd:6a:04:e4:f9:3b:68:3d:
         0c:5d:bf:55:ed:07:07:1b:48:3b:ed:5b:10:b9:95:d3:c7:92:
         81:81:a2:8a:43:17:f5:27:42:59:7f:4d:4f:24:a9:93:d6:07:
         9c:6e:5c:24:c8:57:8f:d4:1a:64:ce:9c:4b:81:1c:a1:10:f7:
         c7:3f:f9:f4:58:41:79:2d:b8:85:07:86:0f:e1:be:9f:ae:ef:
         3e:23:ca:2a:0a:a2:5d:7f:cd:b2:7d:8d:ae:a3:45:96:fc:d6:
         1c:15:10:8e:ab:31:a1:56:d2:9c:e8:a5:25:75:dd:d7:c5:8f:
         77:19:81:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhGK8CEjli/U8CSEJHkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDVjZWFmMmIzNmFkOWZlNTE5MDY5ZTg2Yjk0ZTM2ZDJl
YzRiZGUwHhcNMjUxMTExMDkwMTI4WhcNMjUxMTEyMDkwMTI4WjAzMTEwLwYDVQQD
EygyNzU3Mjk2ZTFhMjhlOWYyZTk4MjBjMWQ1YmJhZDBlYmU1NjFlNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFnMZxxGeGBReoKEgIe0PCmdN2Qx
5Yx4VvKlgVeYxZ04pQezaFmj/hVbkgBNKdCN/Ca+2ab1hBn1vjHEZ4jwpRCHodG5
V+Ix032BgPHlLQfmHCTx/ezErjSR/mVU3+0Ypwn73NZ1JjH/6pVdUdHLlKIUa+xJ
3/TaW8L4fMfA4V925fGkWX6G9SdKFVizQVi6ZfKaFrblEuC9A+i1nRguH2WO+i+5
RvGpzLoN997crEN9ZxVTbL+HQFBJQhM5d2zW9lcTAq9eLBTAyPKIJlV4Q+88XDz+
x50RkCucGWBHTl5pOQzTu2Vs+lDY9lvc1OgtwSkyDxJl7fDpDEZHwsUYFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdXKW4aKOny6YIMHVu60OvlYeYBMB8GA1UdIwQY
MBaAFNIFzq8rNq2f5RkGnoa5TjbS7EveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUt
MThmODkyNWM2NjY1LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUtMThmODkyNWM2NjY1
LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr4VK30hF
GWlhHRaeOvHCvEsCqJBG5vldd2V1ikMCIj8LVYceuOqbwMhN/JdHttUsreEj22bA
Jj987BiMXF45XA75oLczb3KYpVIEOWhxaPz0UgEXBwdGAgKKX9lypQizyNifRYig
wp0X50KbsR/G18VhBbzS3kuXxSoMmxG2/JlzW3HufmbOLt1qBOT5O2g9DF2/Ve0H
BxtIO+1bELmV08eSgYGiikMX9SdCWX9NTySpk9YHnG5cJMhXj9QaZM6cS4EcoRD3
xz/59FhBeS24hQeGD+G+n67vPiPKKgqiXX/Nsn2NrqNFlvzWHBUQjqsxoVbSnOil
JXXd18WPdxmBMQ==
-----END CERTIFICATE-----