Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
File:                     9kixVYLTS9UXCp3RO4EyW6uuXjo.mft (raw, json)
Hash identifier:          U3ESUZowva0o7+6/kqJXFhM6sG5W7T8tnZmjPOunWBA=
Subject key identifier:   0F:A6:BB:CD:FA:80:67:01:FA:F1:6E:FD:EC:AB:A9:27:82:A9:80:E0
Authority key identifier: F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A
Certificate issuer:       /CN=f648b15582d34bd5170a9dd13b81325babae5e3a
Certificate serial:       019A7301B528A83293B91EDC1E24FB416AF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
Manifest number:          1720
Signing time:             Tue 11 Nov 2025 13:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:22 +0000
Files and hashes:         1: 9kixVYLTS9UXCp3RO4EyW6uuXjo.crl (hash: 7DCOVWeNaX8EVpcDjUA0I8d0hknHZzBM6e7+X2Trm98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:b5:28:a8:32:93:b9:1e:dc:1e:24:fb:41:6a:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f648b15582d34bd5170a9dd13b81325babae5e3a
        Validity
            Not Before: Nov 11 13:01:22 2025 GMT
            Not After : Nov 12 13:01:22 2025 GMT
        Subject: CN=0fa6bbcdfa806701faf16efdecaba92782a980e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:dc:79:e4:38:f3:86:47:6a:39:5d:d5:51:dc:
                    d2:6d:0f:ea:a6:7e:03:7e:54:22:f0:d6:39:eb:2c:
                    10:ca:fb:34:89:53:3e:70:3a:51:1b:5d:e2:c1:a2:
                    5a:57:1c:fc:08:72:64:62:08:bd:05:3e:1b:33:58:
                    a7:19:0e:8b:96:ac:60:70:83:7f:95:b8:18:f2:0c:
                    68:c2:ff:75:83:25:03:a8:3d:18:5a:0f:85:40:7b:
                    7b:dc:e2:8e:44:b6:15:22:56:85:ee:bd:6f:4f:54:
                    13:1e:1a:90:93:8c:b6:97:63:82:ac:d5:1c:b9:02:
                    30:e1:10:6f:5c:eb:86:91:ca:2f:80:c9:12:c7:9b:
                    b7:67:fa:91:ef:18:c1:40:41:e9:9b:6c:2f:e7:74:
                    6f:f1:c0:56:35:4d:ca:d6:7a:14:f5:84:8e:7f:23:
                    68:01:a5:37:8e:31:f0:b1:7d:71:23:61:72:1d:c2:
                    d7:f7:35:36:60:4c:40:c8:8a:00:4a:f7:e4:62:fe:
                    88:a5:95:73:5f:8f:67:e7:b3:43:f7:90:c6:a8:f3:
                    58:72:62:87:f1:98:e8:7d:80:d6:5e:70:45:96:b3:
                    e3:61:68:b8:53:c7:88:6b:00:38:f8:5a:3f:a9:5a:
                    f2:58:08:31:3f:4b:18:10:d8:c3:97:f8:2f:c3:a3:
                    eb:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:A6:BB:CD:FA:80:67:01:FA:F1:6E:FD:EC:AB:A9:27:82:A9:80:E0
            X509v3 Authority Key Identifier:
                keyid:F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:10:6f:a8:46:7c:a2:71:c8:3f:36:63:23:2f:23:bc:93:6c:
         e8:a8:8d:6b:9b:f7:71:43:74:29:54:82:ab:7e:86:d3:f4:71:
         fe:98:89:d1:9d:0e:11:e1:83:2d:08:9d:6b:ab:33:4e:85:9c:
         f7:06:47:9e:fa:a6:b5:09:a4:0d:c0:08:e2:2d:83:c6:3f:60:
         8e:79:a6:4f:9b:52:65:04:d4:e3:d9:ad:94:d9:5d:61:7e:c6:
         cd:fc:f4:66:76:02:39:5a:90:12:c2:f9:e9:dd:35:c7:43:8e:
         75:53:cd:2f:7d:d0:de:86:70:8c:17:9d:a1:48:95:56:ae:6c:
         67:a9:eb:56:d8:dc:f8:69:1b:89:01:0c:31:13:5a:d5:57:e4:
         59:fc:5e:9e:36:72:20:b4:4a:10:67:95:2e:fd:78:71:0b:bc:
         03:a9:75:03:95:90:04:79:00:b2:2c:5f:dc:5f:b1:aa:4d:1a:
         89:c6:68:7c:8a:47:9a:6b:b7:67:f5:b4:c6:7a:ed:fe:90:e0:
         e9:92:52:36:f3:2f:b4:05:8a:58:22:9d:fb:2d:22:78:db:fe:
         d6:1e:01:08:ac:1e:5f:a5:1f:7a:d6:b1:64:1a:57:34:b5:aa:
         61:00:79:01:5d:20:3a:ad:28:f8:97:d1:04:5c:2e:05:02:13:
         7e:6b:e9:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAbUoqDKTuR7cHiT7QWr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDhiMTU1ODJkMzRiZDUxNzBhOWRkMTNiODEzMjViYWJh
ZTVlM2EwHhcNMjUxMTExMTMwMTIyWhcNMjUxMTEyMTMwMTIyWjAzMTEwLwYDVQQD
EygwZmE2YmJjZGZhODA2NzAxZmFmMTZlZmRlY2FiYTkyNzgyYTk4MGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19x55DjzhkdqOV3VUdzSbQ/qpn4D
flQi8NY56ywQyvs0iVM+cDpRG13iwaJaVxz8CHJkYgi9BT4bM1inGQ6LlqxgcIN/
lbgY8gxowv91gyUDqD0YWg+FQHt73OKORLYVIlaF7r1vT1QTHhqQk4y2l2OCrNUc
uQIw4RBvXOuGkcovgMkSx5u3Z/qR7xjBQEHpm2wv53Rv8cBWNU3K1noU9YSOfyNo
AaU3jjHwsX1xI2FyHcLX9zU2YExAyIoASvfkYv6IpZVzX49n57ND95DGqPNYcmKH
8ZjofYDWXnBFlrPjYWi4U8eIawA4+Fo/qVryWAgxP0sYENjDl/gvw6PrXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+mu836gGcB+vFu/eyrqSeCqYDgMB8GA1UdIwQY
MBaAFPZIsVWC00vVFwqd0TuBMlurrl46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzct
NjI3OTliOTAyMzFiLzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzctNjI3OTliOTAyMzFi
LzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZRBvqEZ8
onHIPzZjIy8jvJNs6KiNa5v3cUN0KVSCq36G0/Rx/piJ0Z0OEeGDLQida6szToWc
9wZHnvqmtQmkDcAI4i2Dxj9gjnmmT5tSZQTU49mtlNldYX7Gzfz0ZnYCOVqQEsL5
6d01x0OOdVPNL33Q3oZwjBedoUiVVq5sZ6nrVtjc+GkbiQEMMRNa1VfkWfxenjZy
ILRKEGeVLv14cQu8A6l1A5WQBHkAsixf3F+xqk0aicZofIpHmmu3Z/W0xnrt/pDg
6ZJSNvMvtAWKWCKd+y0ieNv+1h4BCKweX6UfetaxZBpXNLWqYQB5AV0gOq0o+JfR
BFwuBQITfmvp4w==
-----END CERTIFICATE-----