Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
File:                     1MiI65YKABkAwnleiq-iaPYC2EI.mft (raw, json)
Hash identifier:          ZF+f0iu4kzR1cmyWGG0NzZQKj0CBqkS3C9PAVDlTb0s=
Subject key identifier:   A4:F2:B5:FD:A9:5F:5B:EE:DE:59:CB:66:7A:CC:BF:63:FB:8D:4B:CB
Authority key identifier: D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42
Certificate issuer:       /CN=d4c888eb960a001900c2795e8aafa268f602d842
Certificate serial:       019A71B8AD071FE5B762EF62FEB615457E36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
Manifest number:          0C2B
Signing time:             Tue 11 Nov 2025 07:01:59 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:59 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:59 +0000
Files and hashes:         1: 1MiI65YKABkAwnleiq-iaPYC2EI.crl (hash: tr7559EYP/GIUIHmPRILS4lkVdePhFCzIpNNJ3bjsAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:ad:07:1f:e5:b7:62:ef:62:fe:b6:15:45:7e:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4c888eb960a001900c2795e8aafa268f602d842
        Validity
            Not Before: Nov 11 07:01:59 2025 GMT
            Not After : Nov 12 07:01:59 2025 GMT
        Subject: CN=a4f2b5fda95f5beede59cb667accbf63fb8d4bcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:d4:c6:d9:4c:6f:df:1b:58:55:ab:f6:19:8a:
                    2f:9a:97:f9:da:ca:67:ac:8f:f3:a0:58:ac:ab:de:
                    47:d0:44:2b:c2:96:76:1e:ae:2a:56:16:18:2c:b1:
                    e4:1c:73:01:81:29:6e:0b:86:1b:0e:27:81:2a:fb:
                    fb:74:99:dd:d3:c1:25:b4:f2:40:a1:38:c5:9d:92:
                    61:d9:b6:c0:2d:6d:a6:a9:77:fa:90:53:e0:3b:de:
                    22:ce:f7:8b:f6:df:82:3c:7c:cc:ac:ca:39:c8:72:
                    d7:54:e9:c1:fb:11:d9:2f:6f:61:83:38:11:40:98:
                    f0:d9:25:ed:58:64:a9:a0:13:fd:bc:f0:c7:72:d6:
                    d3:9e:ed:3f:78:50:d1:d5:f4:6e:99:fc:b1:5e:95:
                    d0:54:70:5a:9d:e7:18:f6:3b:79:f4:a4:89:45:14:
                    a1:28:04:9e:4a:f3:b6:0a:88:9a:0c:9f:b3:69:90:
                    70:66:cb:b8:9f:eb:68:85:89:74:53:2a:64:0a:58:
                    28:a7:dd:7e:73:ee:e7:43:63:46:68:9e:69:73:83:
                    98:d0:71:15:f9:df:d2:56:a5:73:bf:64:af:b8:a5:
                    4e:65:2b:af:2c:fe:dd:22:7e:0c:d6:d6:d1:2d:c1:
                    28:cf:80:fb:a3:5c:48:a9:53:7a:03:69:ef:8a:46:
                    99:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:F2:B5:FD:A9:5F:5B:EE:DE:59:CB:66:7A:CC:BF:63:FB:8D:4B:CB
            X509v3 Authority Key Identifier:
                keyid:D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:c1:00:e6:25:84:98:fe:a1:f1:ca:4d:8c:dd:ff:c4:e5:a0:
         fa:5b:7f:fe:f2:1c:00:cb:24:9d:b1:03:92:6b:90:1f:16:8c:
         6c:d8:d0:70:f8:69:e2:1c:3d:a1:75:ff:a2:69:0a:b5:32:1a:
         18:7a:eb:b4:02:a3:04:cf:03:28:54:bc:10:39:43:c6:4e:0e:
         5b:32:cb:fa:e1:fc:04:42:25:7a:dc:ae:c6:27:55:bc:a6:60:
         fe:85:1a:c6:2e:83:8b:81:95:b5:40:ea:65:bd:e7:b7:3c:ef:
         27:71:ed:83:45:e8:55:4c:ee:88:87:8d:e6:a2:6f:23:1c:95:
         0e:1c:fc:43:e6:76:e7:df:b4:cf:01:08:21:61:49:8d:e3:19:
         ef:cf:9b:bb:0d:2f:03:a1:e3:34:7d:44:2b:d8:9e:b6:0a:aa:
         86:5a:9a:77:04:9a:84:bd:fa:4b:04:bd:52:22:a2:97:c5:d0:
         22:5c:33:20:89:ce:90:75:a0:47:b0:3f:77:45:62:fb:0e:64:
         e9:f0:c6:f2:89:f0:c5:da:e5:90:51:93:3a:ba:8d:74:bb:c3:
         d5:3c:d7:70:bb:5a:93:2a:92:c1:ed:7c:78:6c:2d:af:9e:8c:
         0f:59:97:97:07:55:3c:5d:11:e6:a5:14:c4:d6:06:b8:ba:ec:
         48:a9:5e:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuK0HH+W3Yu9i/rYVRX42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yzg4OGViOTYwYTAwMTkwMGMyNzk1ZThhYWZhMjY4ZjYw
MmQ4NDIwHhcNMjUxMTExMDcwMTU5WhcNMjUxMTEyMDcwMTU5WjAzMTEwLwYDVQQD
EyhhNGYyYjVmZGE5NWY1YmVlZGU1OWNiNjY3YWNjYmY2M2ZiOGQ0YmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dTG2Uxv3xtYVav2GYovmpf52spn
rI/zoFisq95H0EQrwpZ2Hq4qVhYYLLHkHHMBgSluC4YbDieBKvv7dJnd08EltPJA
oTjFnZJh2bbALW2mqXf6kFPgO94izveL9t+CPHzMrMo5yHLXVOnB+xHZL29hgzgR
QJjw2SXtWGSpoBP9vPDHctbTnu0/eFDR1fRumfyxXpXQVHBanecY9jt59KSJRRSh
KASeSvO2CoiaDJ+zaZBwZsu4n+tohYl0UypkClgop91+c+7nQ2NGaJ5pc4OY0HEV
+d/SVqVzv2SvuKVOZSuvLP7dIn4M1tbRLcEoz4D7o1xIqVN6A2nvikaZ5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTytf2pX1vu3lnLZnrMv2P7jUvLMB8GA1UdIwQY
MBaAFNTIiOuWCgAZAMJ5Xoqvomj2AthCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEt
MTVkNzY5MWY0YTJhLzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEtMTVkNzY5MWY0YTJh
LzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApsEA5iWE
mP6h8cpNjN3/xOWg+lt//vIcAMsknbEDkmuQHxaMbNjQcPhp4hw9oXX/omkKtTIa
GHrrtAKjBM8DKFS8EDlDxk4OWzLL+uH8BEIletyuxidVvKZg/oUaxi6Di4GVtUDq
Zb3ntzzvJ3Htg0XoVUzuiIeN5qJvIxyVDhz8Q+Z259+0zwEIIWFJjeMZ78+buw0v
A6HjNH1EK9ietgqqhlqadwSahL36SwS9UiKil8XQIlwzIInOkHWgR7A/d0Vi+w5k
6fDG8onwxdrlkFGTOrqNdLvD1TzXcLtakyqSwe18eGwtr56MD1mXlwdVPF0R5qUU
xNYGuLrsSKleJg==
-----END CERTIFICATE-----