Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.mft
File:                     b27JJY79ACkhePqBwjzXfAKhoRA.mft (raw, json)
Hash identifier:          GokMcldkIFookXPW9O2sxOzu6a7UvbN/wLPKrBZEbH4=
Subject key identifier:   6F:3A:C3:05:2D:F3:A0:D0:B3:F3:AE:FE:CF:A1:69:8D:8C:88:20:6C
Authority key identifier: 6F:6E:C9:25:8E:FD:00:29:21:78:FA:81:C2:3C:D7:7C:02:A1:A1:10
Certificate issuer:       /CN=6f6ec9258efd00292178fa81c23cd77c02a1a110
Certificate serial:       019A7226244B5A70EACBAC10633AAA815B73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b27JJY79ACkhePqBwjzXfAKhoRA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.mft
Manifest number:          0D9E
Signing time:             Tue 11 Nov 2025 09:01:33 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:33 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:33 +0000
Files and hashes:         1: b27JJY79ACkhePqBwjzXfAKhoRA.crl (hash: nWOapnh8fQ5a+zSYUwTvct2GUmMLJgc5dOP4loJsG4g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b27JJY79ACkhePqBwjzXfAKhoRA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:24:4b:5a:70:ea:cb:ac:10:63:3a:aa:81:5b:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6ec9258efd00292178fa81c23cd77c02a1a110
        Validity
            Not Before: Nov 11 09:01:33 2025 GMT
            Not After : Nov 12 09:01:33 2025 GMT
        Subject: CN=6f3ac3052df3a0d0b3f3aefecfa1698d8c88206c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:52:5a:74:8d:13:83:14:62:8a:b0:75:12:8a:
                    2a:31:a8:d0:72:6b:c7:b9:86:9a:e7:46:78:8f:8f:
                    f5:17:6b:04:47:d0:3f:e0:9c:f1:b1:49:63:4e:42:
                    ed:0d:34:23:10:98:ce:02:b4:14:ca:4c:29:1c:59:
                    77:74:cf:bd:df:7e:01:c4:7c:a9:45:a7:09:74:ad:
                    82:74:79:45:5c:17:a0:01:95:ba:4f:ed:c7:24:1e:
                    89:40:2a:e1:ca:74:a5:88:77:8d:f0:43:58:28:4d:
                    b5:40:d5:9f:3c:3c:66:40:97:a9:44:78:d3:a5:12:
                    97:03:1d:84:7a:a0:b0:af:a1:c8:5b:d5:ae:7e:ea:
                    32:d5:61:4b:2a:ed:fc:05:1f:ab:e1:c5:4b:1c:25:
                    c6:e4:1c:25:11:31:38:ea:90:57:92:37:51:d1:75:
                    ab:3c:73:87:6f:cc:b7:d5:b9:f6:84:c5:a6:67:2b:
                    4d:fc:8a:77:2f:6e:2c:86:ff:ba:d7:15:45:92:25:
                    6e:54:26:1b:9a:28:f5:3b:43:6a:44:5b:08:88:a7:
                    27:a7:f6:90:dc:36:3f:3f:db:20:ab:a2:6a:2b:e6:
                    4f:0c:aa:00:de:75:c1:72:1a:26:60:61:d4:65:00:
                    91:49:3a:3f:93:47:9f:27:7f:a4:16:a8:cb:1c:9c:
                    2a:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:3A:C3:05:2D:F3:A0:D0:B3:F3:AE:FE:CF:A1:69:8D:8C:88:20:6C
            X509v3 Authority Key Identifier:
                keyid:6F:6E:C9:25:8E:FD:00:29:21:78:FA:81:C2:3C:D7:7C:02:A1:A1:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b27JJY79ACkhePqBwjzXfAKhoRA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:6e:ab:8d:f6:f3:9f:94:2c:94:41:01:ca:fd:dd:4a:e5:01:
         d9:fa:a2:69:92:ad:4e:a5:0c:d5:71:36:a7:9c:d6:ac:db:d2:
         00:a4:f6:93:99:42:43:29:02:bd:6b:ab:13:c2:7a:a6:e9:7d:
         46:8f:f9:f8:0b:c5:5c:27:88:22:9d:12:e3:17:b7:e7:58:3b:
         eb:07:c4:56:62:15:f1:65:24:36:63:92:8a:89:eb:4b:f1:46:
         4b:dd:b9:7d:af:4a:bb:d9:cf:be:d6:f1:37:ec:f5:91:27:2a:
         34:6a:90:0b:71:e2:13:02:0c:66:03:ca:28:93:6b:0e:80:aa:
         fb:c3:28:fb:f7:3e:97:46:3d:6a:04:33:2d:ad:fa:13:55:c9:
         ee:fa:0b:b8:b9:df:ee:03:fe:73:4d:dc:c1:db:3a:b4:81:99:
         d9:22:f6:e7:10:4d:f1:52:c4:bd:32:27:b3:0a:bf:a0:79:39:
         53:54:e2:24:d3:33:50:49:b1:19:86:cd:8a:94:08:7f:07:28:
         13:05:16:86:ad:5f:9b:c9:f4:77:4e:0f:34:60:57:9b:5d:4c:
         87:26:06:ac:18:fd:3c:b8:cf:d0:e7:5f:4e:f1:61:43:db:bf:
         0f:fc:8f:5f:ce:cc:ce:11:c1:0f:d9:c5:02:6b:9b:8e:fd:87:
         d5:a5:23:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiRLWnDqy6wQYzqqgVtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmVjOTI1OGVmZDAwMjkyMTc4ZmE4MWMyM2NkNzdjMDJh
MWExMTAwHhcNMjUxMTExMDkwMTMzWhcNMjUxMTEyMDkwMTMzWjAzMTEwLwYDVQQD
Eyg2ZjNhYzMwNTJkZjNhMGQwYjNmM2FlZmVjZmExNjk4ZDhjODgyMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1JadI0TgxRiirB1EooqMajQcmvH
uYaa50Z4j4/1F2sER9A/4JzxsUljTkLtDTQjEJjOArQUykwpHFl3dM+9334BxHyp
RacJdK2CdHlFXBegAZW6T+3HJB6JQCrhynSliHeN8ENYKE21QNWfPDxmQJepRHjT
pRKXAx2EeqCwr6HIW9Wufuoy1WFLKu38BR+r4cVLHCXG5BwlETE46pBXkjdR0XWr
PHOHb8y31bn2hMWmZytN/Ip3L24shv+61xVFkiVuVCYbmij1O0NqRFsIiKcnp/aQ
3DY/P9sgq6JqK+ZPDKoA3nXBchomYGHUZQCRSTo/k0efJ3+kFqjLHJwqIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG86wwUt86DQs/Ou/s+haY2MiCBsMB8GA1UdIwQY
MBaAFG9uySWO/QApIXj6gcI813wCoaEQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjI3SkpZNzlBQ2toZVBxQndqelhmQUtob1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8xNjBkODEtYzcyOC00NjJmLWFhMjYt
YTE1OTM1MDY0YWRkLzEvYjI3SkpZNzlBQ2toZVBxQndqelhmQUtob1JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8xNjBkODEtYzcyOC00NjJmLWFhMjYtYTE1OTM1MDY0YWRk
LzEvYjI3SkpZNzlBQ2toZVBxQndqelhmQUtob1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIW6rjfbz
n5QslEEByv3dSuUB2fqiaZKtTqUM1XE2p5zWrNvSAKT2k5lCQykCvWurE8J6pul9
Ro/5+AvFXCeIIp0S4xe351g76wfEVmIV8WUkNmOSionrS/FGS925fa9Ku9nPvtbx
N+z1kScqNGqQC3HiEwIMZgPKKJNrDoCq+8Mo+/c+l0Y9agQzLa36E1XJ7voLuLnf
7gP+c03cwds6tIGZ2SL25xBN8VLEvTInswq/oHk5U1TiJNMzUEmxGYbNipQIfwco
EwUWhq1fm8n0d04PNGBXm11MhyYGrBj9PLjP0OdfTvFhQ9u/D/yPX87MzhHBD9nF
Amubjv2H1aUjRA==
-----END CERTIFICATE-----