Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          0Gef3srjyBusYt3xUWlRwZ0sPjz4+UOnXVGCm0Zjva4=
Subject key identifier:   7B:0B:B5:B8:6F:70:1F:1B:86:59:36:1E:DE:51:3A:C5:46:1A:B9:04
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       019A71B9052AB71530A6420A9560819EADAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          0E7F
Signing time:             Tue 11 Nov 2025 07:02:21 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:21 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:21 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: DddezPJV6JjdU/qtjAboiUqmwiqBzams3ViOX1JBqUU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:05:2a:b7:15:30:a6:42:0a:95:60:81:9e:ad:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Nov 11 07:02:21 2025 GMT
            Not After : Nov 12 07:02:21 2025 GMT
        Subject: CN=7b0bb5b86f701f1b8659361ede513ac5461ab904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b4:4a:78:f6:c5:79:18:df:07:41:a7:d8:3c:
                    46:68:e2:9a:81:a4:c2:01:e4:59:c5:ec:16:07:b0:
                    b0:6a:e8:6e:40:e5:09:48:b9:07:cd:9d:05:71:7c:
                    73:58:c8:4f:2e:e8:6f:62:c4:73:39:be:a9:7b:01:
                    1f:a8:be:1a:2f:ac:b7:8d:fd:73:2d:c8:b5:e6:b9:
                    85:5f:0f:03:9a:af:c1:9f:a9:84:88:b3:c5:ed:93:
                    f9:11:a5:3b:47:fd:c6:27:20:7b:a4:7d:f2:66:06:
                    69:93:c5:76:85:f9:7f:2d:8a:f4:ff:41:4b:83:2d:
                    ce:89:e7:94:28:5e:c5:e3:e9:6d:a9:bc:13:79:24:
                    6c:d4:46:c6:80:80:0a:d1:81:c1:cf:7a:0c:fa:34:
                    b3:61:8d:31:24:56:76:3a:8b:35:cd:ee:86:4d:d9:
                    39:04:ff:4d:4d:bf:33:3a:84:8a:a5:df:c3:d0:41:
                    b4:2a:59:ec:0b:1e:ec:cc:da:20:71:92:6d:60:3a:
                    0f:2f:e2:a1:99:af:dc:bb:a6:7e:10:31:7c:e9:07:
                    6e:a6:85:b5:54:3e:9e:83:02:f0:ae:f8:98:40:3b:
                    1c:c9:c2:ce:4e:7a:0b:8f:cf:03:52:99:0a:d9:00:
                    fa:15:34:3f:d3:77:a8:6d:05:5f:c6:23:1f:4f:d5:
                    be:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:0B:B5:B8:6F:70:1F:1B:86:59:36:1E:DE:51:3A:C5:46:1A:B9:04
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:ed:97:99:7d:f4:fc:7e:3f:ba:a2:0d:5d:59:f6:b5:11:b7:
         67:8f:82:91:47:21:1a:45:89:60:ff:23:09:e7:14:ce:4f:5f:
         96:03:fe:be:c7:c7:cc:d1:c6:78:36:46:77:24:16:fa:84:32:
         ec:33:cb:ae:a7:a7:6d:d7:7c:71:c4:5a:ad:8e:60:35:cd:45:
         f1:bd:61:19:a9:4b:9f:8b:90:4b:2f:cd:c0:2e:28:ce:9d:c9:
         9c:dd:4a:20:01:95:69:74:b9:24:dc:0a:1c:43:21:0d:d2:f7:
         f8:9c:d8:66:60:f1:37:d3:74:07:34:6e:78:74:ee:cd:1c:40:
         0d:b5:23:ae:e9:d8:f0:b4:48:2c:81:9b:72:dd:17:4c:31:05:
         4b:5d:4a:24:42:2f:53:94:26:ba:f7:a2:e1:93:87:1e:a8:aa:
         55:c3:10:a1:28:b8:d1:b3:8d:b4:cb:b4:b2:46:aa:f4:76:02:
         45:da:30:28:c7:6c:b7:28:74:3c:9e:39:64:75:1e:22:9e:a7:
         17:07:42:b9:0c:93:58:98:87:7f:73:55:d0:03:12:4f:33:fe:
         50:e6:a7:29:a2:ac:b4:c9:17:79:ee:ef:90:17:91:d3:b3:af:
         54:75:8f:a0:08:c8:4f:36:1b:bf:52:0f:91:ed:c9:64:92:2f:
         c7:15:74:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQUqtxUwpkIKlWCBnq2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjUxMTExMDcwMjIxWhcNMjUxMTEyMDcwMjIxWjAzMTEwLwYDVQQD
Eyg3YjBiYjViODZmNzAxZjFiODY1OTM2MWVkZTUxM2FjNTQ2MWFiOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLRKePbFeRjfB0Gn2DxGaOKagaTC
AeRZxewWB7CwauhuQOUJSLkHzZ0FcXxzWMhPLuhvYsRzOb6pewEfqL4aL6y3jf1z
Lci15rmFXw8Dmq/Bn6mEiLPF7ZP5EaU7R/3GJyB7pH3yZgZpk8V2hfl/LYr0/0FL
gy3OieeUKF7F4+ltqbwTeSRs1EbGgIAK0YHBz3oM+jSzYY0xJFZ2Oos1ze6GTdk5
BP9NTb8zOoSKpd/D0EG0KlnsCx7szNogcZJtYDoPL+Khma/cu6Z+EDF86QdupoW1
VD6egwLwrviYQDscycLOTnoLj88DUpkK2QD6FTQ/03eobQVfxiMfT9W+vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsLtbhvcB8bhlk2Ht5ROsVGGrkEMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgO2XmX30
/H4/uqINXVn2tRG3Z4+CkUchGkWJYP8jCecUzk9flgP+vsfHzNHGeDZGdyQW+oQy
7DPLrqenbdd8ccRarY5gNc1F8b1hGalLn4uQSy/NwC4ozp3JnN1KIAGVaXS5JNwK
HEMhDdL3+JzYZmDxN9N0BzRueHTuzRxADbUjrunY8LRILIGbct0XTDEFS11KJEIv
U5Qmuvei4ZOHHqiqVcMQoSi40bONtMu0skaq9HYCRdowKMdstyh0PJ45ZHUeIp6n
FwdCuQyTWJiHf3NV0AMSTzP+UOanKaKstMkXee7vkBeR07OvVHWPoAjITzYbv1IP
ke3JZJIvxxV0NQ==
-----END CERTIFICATE-----