Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
File:                     IIP4tbYgnefJQAjzM3vjQ2866-Y.mft (raw, json)
Hash identifier:          VjW59lEmdZ7Z2tkG/Ce/Tz/cBOm/G9DvHskya5QaclE=
Subject key identifier:   DF:BA:FE:75:1E:68:AC:FB:51:2C:E0:73:DB:A1:43:02:52:E4:BD:40
Authority key identifier: 20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6
Certificate issuer:       /CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
Certificate serial:       019A70DC782B9488EF5301B2586DECC3AC4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
Manifest number:          0773
Signing time:             Tue 11 Nov 2025 03:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:28 +0000
Files and hashes:         1: IIP4tbYgnefJQAjzM3vjQ2866-Y.crl (hash: I7X0jusWXErsjBU0wlvyRLBmObIDn2vsF48plMuMl8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:78:2b:94:88:ef:53:01:b2:58:6d:ec:c3:ac:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
        Validity
            Not Before: Nov 11 03:01:28 2025 GMT
            Not After : Nov 12 03:01:28 2025 GMT
        Subject: CN=dfbafe751e68acfb512ce073dba1430252e4bd40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:35:92:60:97:98:41:41:4a:78:af:dd:79:e3:
                    13:72:4f:4c:93:9d:a6:89:58:65:62:7a:98:38:2c:
                    1e:93:25:a9:08:91:70:f1:29:65:3c:91:fe:19:d4:
                    37:dc:33:0a:32:57:6c:39:27:fc:16:e0:24:79:5b:
                    d6:e8:df:e8:94:12:42:ce:10:3e:aa:13:b6:6e:16:
                    bb:a0:74:2b:e5:e1:e9:d9:eb:3a:eb:5f:0e:e9:84:
                    f6:8c:ff:2d:00:1b:5e:4a:1f:eb:ef:89:3e:3d:0e:
                    50:ea:55:4a:6e:a4:6e:8c:d4:03:c1:33:f3:67:60:
                    f0:ed:cb:e4:12:a8:e3:7e:c7:d4:3a:1e:49:a6:39:
                    69:6b:68:c4:a2:3d:9c:63:62:27:71:09:f1:07:10:
                    f9:e2:8f:b0:f4:0f:dc:49:3c:50:37:77:4c:7b:ed:
                    2e:0c:64:be:86:d2:63:1f:33:03:c3:35:c4:4d:2e:
                    70:db:33:b7:75:de:32:eb:c1:ba:b4:6b:52:7e:90:
                    ee:92:76:cd:3e:a6:b2:f9:be:84:44:6b:c6:35:cd:
                    83:be:42:f4:1b:3f:0b:35:b8:09:f9:78:c6:1d:c4:
                    a6:1c:33:32:7f:16:ea:5e:b0:21:f3:77:2a:c5:19:
                    ad:cb:d4:80:fd:36:8b:dd:34:13:53:c9:17:3e:db:
                    1e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:BA:FE:75:1E:68:AC:FB:51:2C:E0:73:DB:A1:43:02:52:E4:BD:40
            X509v3 Authority Key Identifier:
                keyid:20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:c9:62:e5:17:b7:df:7f:f2:52:28:f3:21:1a:b1:e5:b2:f6:
         26:26:47:1f:06:9d:e6:97:7d:ad:b9:89:04:0c:9f:da:82:08:
         00:91:0f:a9:0d:07:02:c2:36:86:a9:a2:a9:18:13:25:9a:7c:
         40:34:84:2b:64:bc:5b:f3:d9:54:1e:1d:82:6b:a8:01:21:5b:
         48:a8:1c:79:28:09:1b:4a:9a:7d:3c:32:b9:02:6d:02:01:76:
         a3:86:68:21:23:56:e5:cb:fa:cd:46:01:a3:17:93:bf:ed:ab:
         c1:cd:34:af:2b:11:b2:62:8c:1d:86:78:6d:11:76:a9:44:68:
         78:de:7c:72:d0:fe:03:0d:e3:68:64:82:f8:74:1c:41:07:20:
         59:c2:a2:23:90:50:89:9b:71:1a:e9:d7:41:a1:d1:ae:b8:f5:
         ce:3f:0a:b8:90:d3:d7:0e:b5:40:2e:33:1d:e1:66:23:31:60:
         b2:f7:19:4c:bd:da:68:2a:be:a4:8d:3f:f0:46:d6:49:f0:02:
         83:0c:8a:49:59:a3:73:b0:c7:fb:ca:66:fe:b3:70:e6:36:ee:
         d3:a6:98:cd:61:8b:9a:7e:95:2e:be:76:fc:b0:6a:ca:a8:c6:
         4f:d5:35:49:ad:4d:af:d6:b9:b4:e5:79:d3:81:0e:f1:d1:36:
         b0:0b:93:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3HgrlIjvUwGyWG3sw6xPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODNmOGI1YjYyMDlkZTdjOTQwMDhmMzMzN2JlMzQzNmYz
YWViZTYwHhcNMjUxMTExMDMwMTI4WhcNMjUxMTEyMDMwMTI4WjAzMTEwLwYDVQQD
EyhkZmJhZmU3NTFlNjhhY2ZiNTEyY2UwNzNkYmExNDMwMjUyZTRiZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzWSYJeYQUFKeK/deeMTck9Mk52m
iVhlYnqYOCwekyWpCJFw8SllPJH+GdQ33DMKMldsOSf8FuAkeVvW6N/olBJCzhA+
qhO2bha7oHQr5eHp2es6618O6YT2jP8tABteSh/r74k+PQ5Q6lVKbqRujNQDwTPz
Z2Dw7cvkEqjjfsfUOh5Jpjlpa2jEoj2cY2IncQnxBxD54o+w9A/cSTxQN3dMe+0u
DGS+htJjHzMDwzXETS5w2zO3dd4y68G6tGtSfpDuknbNPqay+b6ERGvGNc2DvkL0
Gz8LNbgJ+XjGHcSmHDMyfxbqXrAh83cqxRmty9SA/TaL3TQTU8kXPtseRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+6/nUeaKz7USzgc9uhQwJS5L1AMB8GA1UdIwQY
MBaAFCCD+LW2IJ3nyUAI8zN740NvOuvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAt
YWNiZWYwMThkMDNhLzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAtYWNiZWYwMThkMDNh
LzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATsli5Re3
33/yUijzIRqx5bL2JiZHHwad5pd9rbmJBAyf2oIIAJEPqQ0HAsI2hqmiqRgTJZp8
QDSEK2S8W/PZVB4dgmuoASFbSKgceSgJG0qafTwyuQJtAgF2o4ZoISNW5cv6zUYB
oxeTv+2rwc00rysRsmKMHYZ4bRF2qURoeN58ctD+Aw3jaGSC+HQcQQcgWcKiI5BQ
iZtxGunXQaHRrrj1zj8KuJDT1w61QC4zHeFmIzFgsvcZTL3aaCq+pI0/8EbWSfAC
gwyKSVmjc7DH+8pm/rNw5jbu06aYzWGLmn6VLr52/LBqyqjGT9U1Sa1Nr9a5tOV5
04EO8dE2sAuTxg==
-----END CERTIFICATE-----