Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
File:                     A2x42XMHxhcQhWc4FBzAvTlczJ4.mft (raw, json)
Hash identifier:          yVQDJ2gxqgxRqPXtgsYXQrti43hstOqU9bw5nZy6GWU=
Subject key identifier:   4F:EA:FA:84:04:99:4D:E0:DE:9D:65:F4:A9:83:B9:DC:A0:A3:4C:B8
Authority key identifier: 03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E
Certificate issuer:       /CN=036c78d97307c61710856738141cc0bd395ccc9e
Certificate serial:       019A70DC0F461F13D668EBA2207CD110BAF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
Manifest number:          01AD
Signing time:             Tue 11 Nov 2025 03:01:01 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:01 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:01 +0000
Files and hashes:         1: A2x42XMHxhcQhWc4FBzAvTlczJ4.crl (hash: dMTBPxfrAgYoLzjouL/zmwwyanYZJNyHjlqYFOVJN4Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:0f:46:1f:13:d6:68:eb:a2:20:7c:d1:10:ba:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036c78d97307c61710856738141cc0bd395ccc9e
        Validity
            Not Before: Nov 11 03:01:01 2025 GMT
            Not After : Nov 12 03:01:01 2025 GMT
        Subject: CN=4feafa8404994de0de9d65f4a983b9dca0a34cb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d9:84:5f:a2:99:10:73:db:a5:41:5b:bb:e9:
                    75:54:cd:83:52:c7:f0:e3:a5:6e:9b:a7:f4:b1:24:
                    8b:61:13:ae:56:0e:ae:8d:80:fc:9e:47:cb:72:7b:
                    05:9d:19:57:e4:bc:54:16:6a:3b:32:d1:71:45:2f:
                    27:ff:d5:46:d7:09:0c:a1:ce:55:59:4a:e2:22:7b:
                    d1:d2:5a:7f:b5:8b:fb:cf:c4:c8:8a:0c:ab:ec:5e:
                    a2:52:87:58:a9:36:1f:a5:84:66:c9:24:ec:a7:a4:
                    be:c1:84:3e:a0:e9:98:c0:f5:02:ab:2c:f0:76:38:
                    0e:07:4b:c0:24:c4:86:eb:7b:7d:c3:2f:02:41:7b:
                    09:79:12:08:cb:61:08:ec:95:91:6c:1f:b5:25:fd:
                    8f:ca:1d:5d:1e:41:4f:a5:1d:52:84:0b:d7:5e:cf:
                    6b:24:fa:0c:31:fa:89:ba:da:a0:c1:b3:0f:21:b0:
                    cd:30:d7:ca:b9:e4:d0:f2:43:ae:a9:76:c2:cb:2b:
                    ac:77:88:c2:6d:1a:77:0a:a5:89:3b:9c:e2:f9:63:
                    90:24:37:d6:3c:0d:8d:4d:11:97:df:6f:21:80:db:
                    32:47:5e:53:c1:b5:75:59:c2:e9:42:2b:09:d6:16:
                    6e:65:85:08:38:e5:84:f4:08:37:5c:0c:fe:3d:3c:
                    fc:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:EA:FA:84:04:99:4D:E0:DE:9D:65:F4:A9:83:B9:DC:A0:A3:4C:B8
            X509v3 Authority Key Identifier:
                keyid:03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:0c:ad:78:a6:9f:28:cd:0d:66:c2:c9:ed:71:25:27:2d:f1:
         4b:ec:da:a3:eb:60:49:69:e3:8d:de:c6:ac:7c:b5:42:97:f7:
         72:13:0a:61:83:38:7f:3b:93:9e:aa:17:7d:82:e8:18:68:4e:
         d8:95:b7:ac:58:f8:61:ad:8b:56:2f:3a:d8:ad:f7:9a:e3:18:
         51:55:f5:68:fa:36:47:96:d7:de:cb:75:4a:2c:03:2c:e9:ca:
         88:0c:1c:91:30:d9:4e:d7:33:7b:8a:27:3f:a8:cb:e2:0f:1f:
         ef:22:f9:2a:3c:35:a3:4e:35:52:a5:69:93:95:30:9b:08:3b:
         90:71:e1:57:e2:df:f3:36:e0:28:c5:a2:62:27:41:00:aa:30:
         cb:bb:5f:a3:e4:83:ce:6e:cd:3a:0c:9b:3c:bd:b5:e3:a7:f0:
         3b:c5:cf:42:d6:b4:09:0d:a8:e5:7d:f0:b4:bd:a3:92:2a:c2:
         ba:0e:b4:c3:c1:85:9b:1b:2e:17:fa:81:39:50:db:af:09:df:
         1f:70:4a:65:d4:28:53:e1:37:22:66:fd:55:e0:aa:65:5e:a0:
         d6:c8:fa:c8:ed:86:d3:be:db:84:bd:1d:50:f6:96:7f:6a:19:
         03:cb:4f:ed:b8:24:e7:db:eb:7f:fa:29:7c:c3:25:89:90:d1:
         bf:47:9b:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3A9GHxPWaOuiIHzRELrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmM3OGQ5NzMwN2M2MTcxMDg1NjczODE0MWNjMGJkMzk1
Y2NjOWUwHhcNMjUxMTExMDMwMTAxWhcNMjUxMTEyMDMwMTAxWjAzMTEwLwYDVQQD
Eyg0ZmVhZmE4NDA0OTk0ZGUwZGU5ZDY1ZjRhOTgzYjlkY2EwYTM0Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdmEX6KZEHPbpUFbu+l1VM2DUsfw
46Vum6f0sSSLYROuVg6ujYD8nkfLcnsFnRlX5LxUFmo7MtFxRS8n/9VG1wkMoc5V
WUriInvR0lp/tYv7z8TIigyr7F6iUodYqTYfpYRmySTsp6S+wYQ+oOmYwPUCqyzw
djgOB0vAJMSG63t9wy8CQXsJeRIIy2EI7JWRbB+1Jf2Pyh1dHkFPpR1ShAvXXs9r
JPoMMfqJutqgwbMPIbDNMNfKueTQ8kOuqXbCyyusd4jCbRp3CqWJO5zi+WOQJDfW
PA2NTRGX328hgNsyR15TwbV1WcLpQisJ1hZuZYUIOOWE9Ag3XAz+PTz8VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/q+oQEmU3g3p1l9KmDudygo0y4MB8GA1UdIwQY
MBaAFANseNlzB8YXEIVnOBQcwL05XMyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzkt
ZTA3NTVmMDg5YzFhLzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzktZTA3NTVmMDg5YzFh
LzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPQyteKaf
KM0NZsLJ7XElJy3xS+zao+tgSWnjjd7GrHy1Qpf3chMKYYM4fzuTnqoXfYLoGGhO
2JW3rFj4Ya2LVi862K33muMYUVX1aPo2R5bX3st1SiwDLOnKiAwckTDZTtcze4on
P6jL4g8f7yL5Kjw1o041UqVpk5Uwmwg7kHHhV+Lf8zbgKMWiYidBAKowy7tfo+SD
zm7NOgybPL2146fwO8XPQta0CQ2o5X3wtL2jkirCug60w8GFmxsuF/qBOVDbrwnf
H3BKZdQoU+E3Imb9VeCqZV6g1sj6yO2G077bhL0dUPaWf2oZA8tP7bgk59vrf/op
fMMliZDRv0eb/Q==
-----END CERTIFICATE-----