Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
File:                     p2H8O2oE10MHa9KG3oIURfBlTvc.mft (raw, json)
Hash identifier:          mQ+ud9R6Z9CtaXmAxRfw3VuY7Lrh0KQeGsKyxLu/UZQ=
Subject key identifier:   48:C4:67:AF:C1:89:1C:53:E2:40:AC:25:FE:CD:0E:F4:16:7B:2E:24
Authority key identifier: A7:61:FC:3B:6A:04:D7:43:07:6B:D2:86:DE:82:14:45:F0:65:4E:F7
Certificate issuer:       /CN=a761fc3b6a04d743076bd286de821445f0654ef7
Certificate serial:       019A706E3DCBC4B4957664EB945F56C52D03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
Manifest number:          16AD
Signing time:             Tue 11 Nov 2025 01:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:04 +0000
Files and hashes:         1: p2H8O2oE10MHa9KG3oIURfBlTvc.crl (hash: qPQcpm55flwP+iylmVVNPt68BZyqRu3/9C0eNx1JW6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:3d:cb:c4:b4:95:76:64:eb:94:5f:56:c5:2d:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a761fc3b6a04d743076bd286de821445f0654ef7
        Validity
            Not Before: Nov 11 01:01:04 2025 GMT
            Not After : Nov 12 01:01:04 2025 GMT
        Subject: CN=48c467afc1891c53e240ac25fecd0ef4167b2e24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:5e:81:ba:73:4a:e2:88:5a:08:4d:0e:2d:7c:
                    58:a4:a6:d6:8d:f2:08:d4:66:47:93:58:81:0d:4b:
                    5c:ed:d9:f9:55:81:3b:1f:53:9f:12:00:1d:7f:05:
                    b9:d8:52:57:75:b7:15:a6:ee:f8:0b:be:ea:ac:ab:
                    cf:a1:22:f4:9a:1a:22:3a:1c:e1:67:b6:84:d6:4f:
                    23:7a:44:63:17:25:78:4f:37:86:8a:de:a0:7b:55:
                    d3:2c:0f:52:79:f5:21:e2:47:c4:b4:93:cc:1a:6b:
                    5a:d9:3c:50:a2:a0:b6:99:5a:37:7d:ec:62:a9:d0:
                    bd:3e:ec:1d:3b:ff:6f:99:1e:8a:03:52:2b:78:bd:
                    64:a1:09:f4:96:31:bf:f2:5a:3f:50:8a:d3:cf:a9:
                    2d:53:e7:dc:d0:53:f9:29:84:9f:aa:0b:3b:94:98:
                    bb:ee:4a:eb:84:21:a7:c8:0c:d5:bd:25:59:11:46:
                    09:d8:08:59:79:70:8e:dd:02:47:41:76:94:65:9e:
                    14:7d:15:01:83:b0:a8:c2:61:f0:37:2c:59:43:2a:
                    4f:d5:ee:d4:82:bd:d9:18:d6:e3:3b:fa:76:8f:eb:
                    21:eb:62:bb:41:c1:ff:89:a4:a0:ce:56:11:cd:67:
                    30:93:66:c7:72:0e:9f:cb:6a:2d:6a:52:d1:b1:ee:
                    bc:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:C4:67:AF:C1:89:1C:53:E2:40:AC:25:FE:CD:0E:F4:16:7B:2E:24
            X509v3 Authority Key Identifier:
                keyid:A7:61:FC:3B:6A:04:D7:43:07:6B:D2:86:DE:82:14:45:F0:65:4E:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:51:2c:43:fd:6d:8c:82:bf:2f:e6:27:2c:7b:f8:9c:1e:16:
         17:32:56:ba:b3:5a:b9:80:f3:f0:10:9f:b8:9e:ac:ab:ce:30:
         56:96:3a:e3:5b:0d:55:b6:37:e6:94:93:9f:0a:3d:48:3c:44:
         7e:94:6d:54:21:04:b0:d7:6b:a8:0c:38:60:c9:8b:27:15:59:
         e0:14:b2:71:55:cb:47:63:e7:6a:f4:8a:09:a4:22:12:62:b7:
         1f:22:f5:54:1a:70:23:48:bc:77:62:f4:0a:41:1c:a7:3d:0d:
         48:8f:4d:2b:93:3a:36:fb:6f:c9:f2:96:99:39:88:9c:89:6b:
         88:c7:9c:e7:dc:d8:3d:7f:78:82:90:6a:48:83:b1:be:c5:74:
         0a:fb:93:eb:c5:56:18:a2:81:b4:4b:08:5a:af:56:40:ab:97:
         05:f9:68:f8:16:66:48:ab:28:40:12:5c:c8:95:ce:fb:ee:04:
         16:70:c2:64:c7:fb:0e:03:cd:df:e1:bb:5c:c2:ed:4f:b0:f9:
         32:4d:60:79:c5:90:54:86:8d:c6:b8:82:dc:5a:be:42:9d:79:
         a9:6c:86:b1:0f:16:59:5a:68:f5:c3:29:10:fc:af:c0:61:63:
         21:2d:45:dc:3a:ad:a4:be:a3:94:85:c8:2f:44:6c:93:48:9e:
         62:20:1f:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbj3LxLSVdmTrlF9WxS0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjFmYzNiNmEwNGQ3NDMwNzZiZDI4NmRlODIxNDQ1ZjA2
NTRlZjcwHhcNMjUxMTExMDEwMTA0WhcNMjUxMTEyMDEwMTA0WjAzMTEwLwYDVQQD
Eyg0OGM0NjdhZmMxODkxYzUzZTI0MGFjMjVmZWNkMGVmNDE2N2IyZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V6BunNK4ohaCE0OLXxYpKbWjfII
1GZHk1iBDUtc7dn5VYE7H1OfEgAdfwW52FJXdbcVpu74C77qrKvPoSL0mhoiOhzh
Z7aE1k8jekRjFyV4TzeGit6ge1XTLA9SefUh4kfEtJPMGmta2TxQoqC2mVo3fexi
qdC9PuwdO/9vmR6KA1IreL1koQn0ljG/8lo/UIrTz6ktU+fc0FP5KYSfqgs7lJi7
7krrhCGnyAzVvSVZEUYJ2AhZeXCO3QJHQXaUZZ4UfRUBg7CowmHwNyxZQypP1e7U
gr3ZGNbjO/p2j+sh62K7QcH/iaSgzlYRzWcwk2bHcg6fy2otalLRse688QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjEZ6/BiRxT4kCsJf7NDvQWey4kMB8GA1UdIwQY
MBaAFKdh/DtqBNdDB2vSht6CFEXwZU73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83MjkzNGUtZmU3My00YTk5LTgxMWYt
YTBjZGU3YmE4YmJlLzEvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83MjkzNGUtZmU3My00YTk5LTgxMWYtYTBjZGU3YmE4YmJl
LzEvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV1EsQ/1t
jIK/L+YnLHv4nB4WFzJWurNauYDz8BCfuJ6sq84wVpY641sNVbY35pSTnwo9SDxE
fpRtVCEEsNdrqAw4YMmLJxVZ4BSycVXLR2PnavSKCaQiEmK3HyL1VBpwI0i8d2L0
CkEcpz0NSI9NK5M6NvtvyfKWmTmInIlriMec59zYPX94gpBqSIOxvsV0CvuT68VW
GKKBtEsIWq9WQKuXBflo+BZmSKsoQBJcyJXO++4EFnDCZMf7DgPN3+G7XMLtT7D5
Mk1gecWQVIaNxriC3Fq+Qp15qWyGsQ8WWVpo9cMpEPyvwGFjIS1F3DqtpL6jlIXI
L0Rsk0ieYiAf0w==
-----END CERTIFICATE-----