Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
File:                     s8l-xqz0xTcKU8r4I5YxblbkhsY.mft (raw, json)
Hash identifier:          G5lByN2wldcnICBKOs0kZxMic8ZCcyPanN7DH/lHxww=
Subject key identifier:   DC:C9:8D:56:1D:89:AC:3F:CE:9D:77:CB:70:E7:5D:ED:BD:6A:81:2C
Authority key identifier: B3:C9:7E:C6:AC:F4:C5:37:0A:53:CA:F8:23:96:31:6E:56:E4:86:C6
Certificate issuer:       /CN=b3c97ec6acf4c5370a53caf82396316e56e486c6
Certificate serial:       019A7180941C60380FD6A95216EE6858395A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
Manifest number:          06E9
Signing time:             Tue 11 Nov 2025 06:00:43 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:43 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:43 +0000
Files and hashes:         1: s8l-xqz0xTcKU8r4I5YxblbkhsY.crl (hash: u9BcJx1yzHSe71DttdVGrGE7lsJOd53DZ17HsPw+GD0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:94:1c:60:38:0f:d6:a9:52:16:ee:68:58:39:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3c97ec6acf4c5370a53caf82396316e56e486c6
        Validity
            Not Before: Nov 11 06:00:43 2025 GMT
            Not After : Nov 12 06:00:43 2025 GMT
        Subject: CN=dcc98d561d89ac3fce9d77cb70e75dedbd6a812c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b5:6e:dd:40:3c:23:11:10:e6:cc:a9:00:01:
                    9b:48:8b:5b:25:6c:2c:cc:6d:d0:5c:5d:bc:42:5a:
                    d4:39:01:b9:fb:d2:c3:8f:d7:f4:ee:66:45:2e:b7:
                    1b:34:9e:9c:1d:c9:3d:af:ca:95:d3:85:9c:2e:b8:
                    7a:da:9a:7c:4f:35:8c:b0:da:b3:9c:4b:1e:23:be:
                    d4:36:be:88:ce:52:d6:50:f5:3a:d9:65:00:5d:2c:
                    1f:24:c3:c7:8f:f8:d9:cc:8e:28:08:3e:8f:01:b9:
                    83:04:0f:8a:86:50:7c:38:36:4b:61:e0:d9:90:27:
                    10:88:50:05:ed:ce:e4:06:33:26:c3:40:e2:7f:2b:
                    17:c6:c8:2a:af:99:d6:1d:d2:74:06:d4:3a:93:1c:
                    31:fb:73:14:82:fb:97:2b:c5:09:57:4f:b9:06:f1:
                    5c:55:f8:8e:51:a5:e1:ed:b2:45:88:0e:a2:4b:69:
                    17:62:c8:ff:07:2c:22:1b:48:d7:e6:65:45:1f:5a:
                    13:8a:b8:c8:b4:a1:35:58:d7:8f:0b:a2:c6:b0:2f:
                    37:30:4a:ab:f8:c2:2c:aa:6a:bb:36:48:ae:9d:a2:
                    ee:69:e5:94:b5:00:e6:a7:b6:77:ed:58:12:81:2b:
                    00:1b:fd:c1:eb:d7:ae:b2:5c:b7:b6:f1:c9:86:6c:
                    eb:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:C9:8D:56:1D:89:AC:3F:CE:9D:77:CB:70:E7:5D:ED:BD:6A:81:2C
            X509v3 Authority Key Identifier:
                keyid:B3:C9:7E:C6:AC:F4:C5:37:0A:53:CA:F8:23:96:31:6E:56:E4:86:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:2d:6c:a4:1e:2c:36:e3:75:80:4d:0c:0f:e3:39:28:37:c2:
         98:0f:24:d2:ca:65:10:2a:d1:c1:1a:b8:e0:82:cb:c9:f6:38:
         e1:01:6f:65:97:47:64:7e:d6:21:75:e4:f5:0e:3b:47:2b:43:
         fd:00:7c:b0:6f:75:92:08:e2:9b:b2:a6:7e:86:3f:d2:17:d8:
         55:32:f3:23:ae:87:8f:06:ae:e0:11:ad:10:ea:f1:81:ec:c0:
         07:88:17:f8:75:ca:13:06:c2:38:97:51:b1:77:72:ca:91:90:
         ee:8d:f7:7d:05:5d:ba:2f:13:99:bd:a8:af:9d:2b:34:0a:4c:
         86:b6:95:ea:32:1f:08:4b:8e:19:37:36:4b:4b:f1:e3:c7:77:
         b7:9a:67:c1:8f:fe:b7:ca:69:b1:10:b1:67:cf:cc:18:a1:8b:
         f6:fa:5c:e3:32:62:3e:bd:d4:a8:11:0c:e7:7f:d5:5e:82:a0:
         ad:0e:80:e2:3f:b7:1c:31:c6:05:92:49:d4:39:eb:6d:f2:75:
         94:42:ac:f2:6c:5a:dc:fc:d0:e6:e5:a0:93:d6:af:8b:42:16:
         c2:0c:22:6c:3c:5e:7c:84:08:e2:44:39:9c:ec:5a:78:ff:ec:
         e4:b9:6e:f3:7f:48:76:13:c1:85:62:ee:8e:3b:cf:0a:29:d9:
         a4:61:89:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgJQcYDgP1qlSFu5oWDlaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzk3ZWM2YWNmNGM1MzcwYTUzY2FmODIzOTYzMTZlNTZl
NDg2YzYwHhcNMjUxMTExMDYwMDQzWhcNMjUxMTEyMDYwMDQzWjAzMTEwLwYDVQQD
EyhkY2M5OGQ1NjFkODlhYzNmY2U5ZDc3Y2I3MGU3NWRlZGJkNmE4MTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbVu3UA8IxEQ5sypAAGbSItbJWws
zG3QXF28QlrUOQG5+9LDj9f07mZFLrcbNJ6cHck9r8qV04WcLrh62pp8TzWMsNqz
nEseI77UNr6IzlLWUPU62WUAXSwfJMPHj/jZzI4oCD6PAbmDBA+KhlB8ODZLYeDZ
kCcQiFAF7c7kBjMmw0DifysXxsgqr5nWHdJ0BtQ6kxwx+3MUgvuXK8UJV0+5BvFc
VfiOUaXh7bJFiA6iS2kXYsj/BywiG0jX5mVFH1oTirjItKE1WNePC6LGsC83MEqr
+MIsqmq7NkiunaLuaeWUtQDmp7Z37VgSgSsAG/3B69eusly3tvHJhmzrOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzJjVYdiaw/zp13y3DnXe29aoEsMB8GA1UdIwQY
MBaAFLPJfsas9MU3ClPK+COWMW5W5IbGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83MmYzMjgtY2U1Zi00MDRhLTlkNGMt
ZDNjMTk1OThhMGU2LzEvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83MmYzMjgtY2U1Zi00MDRhLTlkNGMtZDNjMTk1OThhMGU2
LzEvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxi1spB4s
NuN1gE0MD+M5KDfCmA8k0splECrRwRq44ILLyfY44QFvZZdHZH7WIXXk9Q47RytD
/QB8sG91kgjim7KmfoY/0hfYVTLzI66Hjwau4BGtEOrxgezAB4gX+HXKEwbCOJdR
sXdyypGQ7o33fQVdui8Tmb2or50rNApMhraV6jIfCEuOGTc2S0vx48d3t5pnwY/+
t8ppsRCxZ8/MGKGL9vpc4zJiPr3UqBEM53/VXoKgrQ6A4j+3HDHGBZJJ1DnrbfJ1
lEKs8mxa3PzQ5uWgk9avi0IWwgwibDxefIQI4kQ5nOxaeP/s5Llu839IdhPBhWLu
jjvPCinZpGGJHA==
-----END CERTIFICATE-----