Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
File:                     pKgNKvhhtwo37AUOAT5t-6lMiz0.mft (raw, json)
Hash identifier:          U5UAx7B+gvvXcoQ4Ig/vcHbkPqS+V+dxzBd9pZbWvEc=
Subject key identifier:   69:37:92:B1:07:7A:69:41:A6:9B:6C:A8:FA:2E:E0:AB:60:FA:9B:7D
Authority key identifier: A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D
Certificate issuer:       /CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
Certificate serial:       019A71B8303055A3BB093F836B1ACB020284
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
Manifest number:          0FC3
Signing time:             Tue 11 Nov 2025 07:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:27 +0000
Files and hashes:         1: pKgNKvhhtwo37AUOAT5t-6lMiz0.crl (hash: igdLy2Wi985SFJ01PZpjKvxwg0vnh9hZ3PwmC59Z9x4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:30:30:55:a3:bb:09:3f:83:6b:1a:cb:02:02:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
        Validity
            Not Before: Nov 11 07:01:27 2025 GMT
            Not After : Nov 12 07:01:27 2025 GMT
        Subject: CN=693792b1077a6941a69b6ca8fa2ee0ab60fa9b7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:51:47:89:75:1b:59:17:25:d2:01:80:8e:38:
                    cd:d4:de:74:cf:b1:3a:51:eb:40:e0:af:e2:20:fa:
                    be:8d:d0:d4:df:52:97:27:08:2c:ab:41:45:3a:d7:
                    eb:f9:1b:ab:59:3f:9f:d2:62:c4:73:7c:fb:c5:64:
                    90:51:7d:04:1f:bc:ab:8b:0f:cc:6e:72:2c:05:96:
                    5d:5b:0a:31:7b:b1:e5:0e:fb:78:6b:7b:3c:cb:74:
                    95:f9:0c:55:e7:19:25:e3:39:a0:1b:cd:3c:42:75:
                    7f:85:ff:4f:24:e2:3d:2c:29:d3:d3:e1:81:07:37:
                    23:d5:ba:43:ba:7d:d3:66:33:69:d7:85:47:ac:6c:
                    c4:e5:58:92:a8:d8:b6:99:f1:ea:aa:e3:6c:ef:0d:
                    9d:11:8d:36:58:54:ef:d0:dd:03:34:82:d8:5e:c5:
                    e7:b8:a2:f8:4c:4b:d8:76:7e:7d:e0:3f:0f:6c:86:
                    ed:e4:2f:e6:6d:69:a4:88:ab:43:c1:21:c1:bb:56:
                    7b:77:b0:32:ff:44:81:96:60:1e:92:c2:d0:9a:b7:
                    6b:56:50:bd:ac:ad:0f:44:eb:52:d8:11:25:fc:80:
                    e7:97:f7:07:3f:24:66:8f:0f:f1:da:39:d6:91:02:
                    2d:54:94:86:12:de:c8:35:99:1b:96:d6:6c:27:ec:
                    1a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:37:92:B1:07:7A:69:41:A6:9B:6C:A8:FA:2E:E0:AB:60:FA:9B:7D
            X509v3 Authority Key Identifier:
                keyid:A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:65:d5:42:d4:1f:07:37:18:4e:d1:8c:1a:f3:eb:6d:35:52:
         d6:96:b2:a9:c6:a8:9f:23:99:ed:0d:6f:d4:9c:e4:8d:ff:d7:
         fe:8a:cc:a9:63:66:4c:47:13:b5:a1:1f:a1:a5:12:44:29:19:
         3c:82:e5:15:01:ac:49:98:bf:fb:17:a3:bd:a4:0e:00:76:2c:
         0a:1c:f2:12:e3:74:59:3e:b5:55:21:8d:a4:74:e3:58:6f:41:
         0e:a4:70:53:aa:1e:f9:b3:f0:c9:46:fe:0f:67:a7:eb:2f:c4:
         4b:eb:75:d8:cc:a8:09:32:3a:a3:b5:89:f0:64:55:8b:ea:fe:
         5d:81:67:f8:a9:a3:8f:27:f3:5b:59:56:29:17:1e:19:d9:f0:
         31:89:66:13:05:88:28:2e:9f:da:bc:dc:ab:c2:4b:04:27:f2:
         c0:27:f6:fc:cd:71:f8:87:a4:4b:2e:58:c8:d3:d7:ba:91:57:
         2c:9d:1b:9e:4c:2c:8a:15:99:b0:6b:a3:d6:42:33:fa:13:c0:
         5b:4a:58:22:e6:03:28:0b:4f:6e:69:97:db:44:2e:da:78:c5:
         d7:96:8e:e8:11:dc:c4:ee:c2:f8:a6:79:38:1a:ae:45:16:73:
         1b:1e:54:5a:22:69:79:3e:84:c9:94:7b:30:ab:05:ad:df:f7:
         56:bf:75:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDAwVaO7CT+DaxrLAgKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTgwZDJhZjg2MWI3MGEzN2VjMDUwZTAxM2U2ZGZiYTk0
YzhiM2QwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
Eyg2OTM3OTJiMTA3N2E2OTQxYTY5YjZjYThmYTJlZTBhYjYwZmE5YjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVFHiXUbWRcl0gGAjjjN1N50z7E6
UetA4K/iIPq+jdDU31KXJwgsq0FFOtfr+RurWT+f0mLEc3z7xWSQUX0EH7yriw/M
bnIsBZZdWwoxe7HlDvt4a3s8y3SV+QxV5xkl4zmgG808QnV/hf9PJOI9LCnT0+GB
Bzcj1bpDun3TZjNp14VHrGzE5ViSqNi2mfHqquNs7w2dEY02WFTv0N0DNILYXsXn
uKL4TEvYdn594D8PbIbt5C/mbWmkiKtDwSHBu1Z7d7Ay/0SBlmAeksLQmrdrVlC9
rK0PROtS2BEl/IDnl/cHPyRmjw/x2jnWkQItVJSGEt7INZkbltZsJ+waHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGk3krEHemlBpptsqPou4Ktg+pt9MB8GA1UdIwQY
MBaAFKSoDSr4YbcKN+wFDgE+bfupTIs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYt
NjIzNGVhMDllMTg2LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYtNjIzNGVhMDllMTg2
LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWXVQtQf
BzcYTtGMGvPrbTVS1payqcaonyOZ7Q1v1Jzkjf/X/orMqWNmTEcTtaEfoaUSRCkZ
PILlFQGsSZi/+xejvaQOAHYsChzyEuN0WT61VSGNpHTjWG9BDqRwU6oe+bPwyUb+
D2en6y/ES+t12MyoCTI6o7WJ8GRVi+r+XYFn+KmjjyfzW1lWKRceGdnwMYlmEwWI
KC6f2rzcq8JLBCfywCf2/M1x+IekSy5YyNPXupFXLJ0bnkwsihWZsGuj1kIz+hPA
W0pYIuYDKAtPbmmX20Qu2njF15aO6BHcxO7C+KZ5OBquRRZzGx5UWiJpeT6EyZR7
MKsFrd/3Vr91tw==
-----END CERTIFICATE-----