Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          N47RmyBwRmHYnS9keB95VlTsonnbxdoi32tHtuakNYg=
Subject key identifier:   E3:7B:04:2D:03:30:23:84:54:04:43:72:F8:4F:FD:62:3A:5C:DB:5D
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019A711324C89D05F44D96E487E20F892185
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          1050
Signing time:             Tue 11 Nov 2025 04:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:11 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: W9NL4espGqQoUX7JKGUmmEH+x5S+MUzFRU2jtSX4r6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:24:c8:9d:05:f4:4d:96:e4:87:e2:0f:89:21:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Nov 11 04:01:11 2025 GMT
            Not After : Nov 12 04:01:11 2025 GMT
        Subject: CN=e37b042d0330238454044372f84ffd623a5cdb5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d4:7f:0f:ab:e9:6e:03:63:11:39:5d:3a:4e:
                    75:d3:5c:07:d1:d7:ef:0f:4d:9e:d3:f3:39:6e:2a:
                    90:d2:4d:77:5b:51:ad:26:9c:07:93:6f:65:de:2f:
                    3a:76:7f:05:15:8a:cd:53:7a:8a:00:26:65:62:69:
                    16:53:dd:23:d9:7e:5a:11:29:03:8a:fc:62:dc:fc:
                    6a:e9:82:74:1d:35:69:72:3c:9e:a8:3e:82:3b:ac:
                    b0:57:bd:a0:51:b8:5b:b5:50:4f:aa:d0:cf:84:53:
                    e1:0b:97:16:0f:e8:49:bd:18:b5:6a:d2:bf:22:f6:
                    b3:e6:01:2e:46:8d:50:61:f6:8d:eb:6f:be:14:b2:
                    bb:dd:85:41:cf:85:4f:f0:5e:95:70:30:70:d2:aa:
                    5a:c8:93:31:35:68:fd:f9:88:24:58:87:31:1f:53:
                    9d:01:06:de:38:19:d6:9d:87:bb:af:fa:73:70:bf:
                    3b:be:ac:03:55:61:6a:26:0e:45:b2:18:74:63:41:
                    db:66:d7:de:17:f3:11:1b:49:f0:42:7d:7b:d8:d1:
                    b5:e7:c5:1e:03:8c:a1:5d:ef:29:93:01:40:7e:a0:
                    3b:fc:80:ae:58:18:73:51:4c:3a:b2:c4:2e:29:24:
                    c8:0d:54:30:89:5d:fe:83:ff:a9:5c:5c:a4:e3:83:
                    66:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:7B:04:2D:03:30:23:84:54:04:43:72:F8:4F:FD:62:3A:5C:DB:5D
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:16:94:cc:e9:82:07:38:f9:e5:e5:19:55:38:e9:6a:05:5d:
         b3:4d:c0:d2:cd:dd:8e:0d:3d:4a:43:93:b0:72:fe:55:2f:6e:
         6d:e3:c5:9e:a4:7c:7e:e8:4d:aa:cb:ca:0e:9a:5f:f0:8e:73:
         79:02:a6:94:95:fd:8b:41:83:88:50:67:36:d3:b9:64:29:ce:
         b7:43:ba:37:a6:9b:b5:34:60:a3:99:13:5c:26:d6:23:cb:55:
         03:05:e0:db:c2:79:f5:67:9b:97:1f:de:40:8c:99:a2:7d:f7:
         b1:09:1f:9a:81:38:5f:ef:2d:7c:0a:ea:d2:c8:a1:45:78:36:
         ae:3f:e7:86:ad:89:b5:e9:25:6e:db:50:34:e6:2a:b0:a8:74:
         57:51:da:2c:a5:e5:f7:34:6e:70:0d:a2:2c:97:e4:36:c3:59:
         02:17:a0:de:82:78:d1:13:c7:ea:17:ac:69:52:53:22:c1:70:
         55:32:80:f8:45:e0:6e:e5:db:ef:f7:ab:e0:0f:be:a0:c2:1a:
         67:d6:a7:4c:e7:93:b0:52:f7:83:30:ad:e8:1d:87:46:44:9a:
         2f:34:2c:1c:d8:b2:5a:a1:49:5c:e8:26:4b:2c:b4:1a:cf:6d:
         f0:83:18:4d:2f:cf:c4:bd:2a:66:64:d9:30:03:75:10:b0:41:
         3d:bf:92:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEyTInQX0TZbkh+IPiSGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUxMTExMDQwMTExWhcNMjUxMTEyMDQwMTExWjAzMTEwLwYDVQQD
EyhlMzdiMDQyZDAzMzAyMzg0NTQwNDQzNzJmODRmZmQ2MjNhNWNkYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9R/D6vpbgNjETldOk5101wH0dfv
D02e0/M5biqQ0k13W1GtJpwHk29l3i86dn8FFYrNU3qKACZlYmkWU90j2X5aESkD
ivxi3Pxq6YJ0HTVpcjyeqD6CO6ywV72gUbhbtVBPqtDPhFPhC5cWD+hJvRi1atK/
Ivaz5gEuRo1QYfaN62++FLK73YVBz4VP8F6VcDBw0qpayJMxNWj9+YgkWIcxH1Od
AQbeOBnWnYe7r/pzcL87vqwDVWFqJg5Fshh0Y0HbZtfeF/MRG0nwQn172NG158Ue
A4yhXe8pkwFAfqA7/ICuWBhzUUw6ssQuKSTIDVQwiV3+g/+pXFyk44NmbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFON7BC0DMCOEVARDcvhP/WI6XNtdMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqxaUzOmC
Bzj55eUZVTjpagVds03A0s3djg09SkOTsHL+VS9ubePFnqR8fuhNqsvKDppf8I5z
eQKmlJX9i0GDiFBnNtO5ZCnOt0O6N6abtTRgo5kTXCbWI8tVAwXg28J59Weblx/e
QIyZon33sQkfmoE4X+8tfArq0sihRXg2rj/nhq2JteklbttQNOYqsKh0V1HaLKXl
9zRucA2iLJfkNsNZAheg3oJ40RPH6hesaVJTIsFwVTKA+EXgbuXb7/er4A++oMIa
Z9anTOeTsFL3gzCt6B2HRkSaLzQsHNiyWqFJXOgmSyy0Gs9t8IMYTS/PxL0qZmTZ
MAN1ELBBPb+Sxw==
-----END CERTIFICATE-----