Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
File:                     _VnTVh_4rdtfGww2o90laLdMpRU.mft (raw, json)
Hash identifier:          bl+zAGrpXZAv6CGx/e8NtZqTeOc7LixiYQNTSeqoz5s=
Subject key identifier:   92:27:83:35:48:A1:58:15:2C:62:6B:6E:64:06:CD:FC:24:28:05:61
Authority key identifier: FD:59:D3:56:1F:F8:AD:DB:5F:1B:0C:36:A3:DD:25:68:B7:4C:A5:15
Certificate issuer:       /CN=fd59d3561ff8addb5f1b0c36a3dd2568b74ca515
Certificate serial:       019A725CDED31377212FCD9644DF59FCC910
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
Manifest number:          0C02
Signing time:             Tue 11 Nov 2025 10:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:20 +0000
Files and hashes:         1: _VnTVh_4rdtfGww2o90laLdMpRU.crl (hash: QWnNzOmmsFpfc0J0q6tW1xoopYUSmIYiAwSTXiRJwqI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:de:d3:13:77:21:2f:cd:96:44:df:59:fc:c9:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd59d3561ff8addb5f1b0c36a3dd2568b74ca515
        Validity
            Not Before: Nov 11 10:01:20 2025 GMT
            Not After : Nov 12 10:01:20 2025 GMT
        Subject: CN=9227833548a158152c626b6e6406cdfc24280561
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:48:89:30:ad:0a:27:2e:8c:3c:c6:4a:a3:60:
                    82:02:6a:db:00:e2:db:72:a0:6c:c2:9f:01:5c:b4:
                    87:7d:5c:2f:e2:5d:f0:c8:c7:9e:37:b7:4f:df:83:
                    c8:ce:3d:01:ea:0f:49:47:a0:2f:3d:27:4a:de:ed:
                    70:f1:e9:2a:fd:1a:d3:21:6d:fa:9e:8d:aa:7a:ad:
                    7c:ff:20:04:a2:4b:8c:30:df:cf:54:27:d8:61:ea:
                    de:6c:ca:bf:93:26:6f:d9:ad:d9:d6:b7:57:46:11:
                    c7:4a:8c:9d:6e:dd:d5:87:36:42:5e:d9:8f:bb:66:
                    37:62:01:43:d5:30:99:cc:a5:2e:6c:56:5f:5d:38:
                    4b:3d:e6:14:97:b6:cb:e1:5d:21:b3:2f:a8:0e:a4:
                    f8:fb:4a:bd:af:aa:90:3b:55:bf:e0:59:3b:94:cc:
                    51:19:9a:b6:11:ae:78:fa:fa:9e:51:db:ae:40:8f:
                    5c:22:12:3b:9a:e6:2a:5d:6b:e0:93:f5:09:78:19:
                    a4:cf:4f:44:8f:e5:fd:3e:82:84:a5:e8:22:cc:d5:
                    20:f8:68:f1:79:81:e5:21:6f:bc:51:db:18:48:d4:
                    c9:1a:cb:7f:75:f1:80:bb:f3:bc:da:e1:e2:04:64:
                    6c:cd:8f:89:12:24:ec:98:48:4d:cd:09:92:ce:d5:
                    af:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:27:83:35:48:A1:58:15:2C:62:6B:6E:64:06:CD:FC:24:28:05:61
            X509v3 Authority Key Identifier:
                keyid:FD:59:D3:56:1F:F8:AD:DB:5F:1B:0C:36:A3:DD:25:68:B7:4C:A5:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:5d:b2:9a:eb:9d:63:29:39:0f:5d:c2:4d:35:cc:a6:c7:11:
         02:6e:18:a9:d2:1b:81:0a:39:81:dc:a7:d8:4e:56:76:31:7f:
         6f:35:31:74:cf:c4:25:f1:f1:b9:55:7f:5a:60:3d:b7:cf:ee:
         b6:53:0b:1e:d5:04:a0:92:19:ec:e5:58:92:c5:43:20:c8:de:
         aa:4a:4e:70:1d:7a:51:f4:5b:8a:82:3f:ce:8b:74:cf:15:55:
         05:3d:ad:f3:87:e7:32:79:29:03:2f:23:31:88:88:e3:4d:55:
         53:2e:a0:3d:20:df:ac:f2:35:b6:49:fb:f3:1e:3b:cd:6b:23:
         ab:2b:79:b0:58:83:a1:e5:b5:92:8d:3e:bf:1d:11:33:3a:36:
         3f:aa:6f:a2:ce:50:29:07:e3:22:88:d0:4f:f8:8a:d1:90:f1:
         03:72:e0:9b:d8:eb:93:a2:48:d7:9b:48:a9:28:70:fd:83:2d:
         8a:f1:22:50:e0:02:01:96:f7:55:ee:73:7a:aa:1f:6c:ba:6d:
         2a:11:91:20:1e:37:86:e6:34:74:3c:20:53:3c:d1:ff:4b:f7:
         e5:6c:5f:3b:84:e6:69:fb:b3:79:3f:26:95:3f:66:13:4e:46:
         88:cc:2a:3b:7d:dc:0e:56:f6:3f:a2:73:fb:b9:1b:23:01:f4:
         7b:31:dc:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXN7TE3chL82WRN9Z/MkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNTlkMzU2MWZmOGFkZGI1ZjFiMGMzNmEzZGQyNTY4Yjc0
Y2E1MTUwHhcNMjUxMTExMTAwMTIwWhcNMjUxMTEyMTAwMTIwWjAzMTEwLwYDVQQD
Eyg5MjI3ODMzNTQ4YTE1ODE1MmM2MjZiNmU2NDA2Y2RmYzI0MjgwNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEiJMK0KJy6MPMZKo2CCAmrbAOLb
cqBswp8BXLSHfVwv4l3wyMeeN7dP34PIzj0B6g9JR6AvPSdK3u1w8ekq/RrTIW36
no2qeq18/yAEokuMMN/PVCfYYerebMq/kyZv2a3Z1rdXRhHHSoydbt3VhzZCXtmP
u2Y3YgFD1TCZzKUubFZfXThLPeYUl7bL4V0hsy+oDqT4+0q9r6qQO1W/4Fk7lMxR
GZq2Ea54+vqeUduuQI9cIhI7muYqXWvgk/UJeBmkz09Ej+X9PoKEpegizNUg+Gjx
eYHlIW+8UdsYSNTJGst/dfGAu/O82uHiBGRszY+JEiTsmEhNzQmSztWv1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIngzVIoVgVLGJrbmQGzfwkKAVhMB8GA1UdIwQY
MBaAFP1Z01Yf+K3bXxsMNqPdJWi3TKUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hZjJiMzYtNmU4Yi00NjAxLWIwNzQt
ZDYxMmEyMWViZWFlLzEvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hZjJiMzYtNmU4Yi00NjAxLWIwNzQtZDYxMmEyMWViZWFl
LzEvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGl2ymuud
Yyk5D13CTTXMpscRAm4YqdIbgQo5gdyn2E5WdjF/bzUxdM/EJfHxuVV/WmA9t8/u
tlMLHtUEoJIZ7OVYksVDIMjeqkpOcB16UfRbioI/zot0zxVVBT2t84fnMnkpAy8j
MYiI401VUy6gPSDfrPI1tkn78x47zWsjqyt5sFiDoeW1ko0+vx0RMzo2P6pvos5Q
KQfjIojQT/iK0ZDxA3Lgm9jrk6JI15tIqShw/YMtivEiUOACAZb3Ve5zeqofbLpt
KhGRIB43huY0dDwgUzzR/0v35WxfO4TmafuzeT8mlT9mE05GiMwqO33cDlb2P6Jz
+7kbIwH0ezHcVg==
-----END CERTIFICATE-----