Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          ZTrioZdmKRC94e8rh+0oeyLoxT1MiI0IpNCZvoEQjhU=
Subject key identifier:   7A:78:3A:E5:26:C2:F5:8E:86:C9:CA:BC:D1:13:E9:5A:17:54:46:4C
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       019A71B8121EE6436F45F647A6052DE13AD9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          08D6
Signing time:             Tue 11 Nov 2025 07:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:19 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: yqEsjuk6VrU88faHtTRu4UbSAG0zSVxiN+wpBuEs/Jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:12:1e:e6:43:6f:45:f6:47:a6:05:2d:e1:3a:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Nov 11 07:01:19 2025 GMT
            Not After : Nov 12 07:01:19 2025 GMT
        Subject: CN=7a783ae526c2f58e86c9cabcd113e95a1754464c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:a4:b5:c0:48:bb:7e:8b:42:23:11:43:95:1d:
                    a4:48:50:2c:75:1c:94:66:26:e6:07:1a:61:75:6a:
                    c9:09:a1:df:0b:1b:99:18:01:90:47:76:0d:49:d2:
                    28:cb:25:fe:f2:6e:30:29:7f:e9:94:a7:35:39:36:
                    0c:9d:ef:59:d6:24:6f:de:47:15:91:9d:30:b1:99:
                    b3:c0:6a:30:3e:77:1b:80:b5:69:f8:10:4d:43:3f:
                    9c:ba:0b:5c:ba:7c:e3:da:b4:2e:dd:f1:0b:bf:b6:
                    7a:b4:46:d1:bb:e1:a4:2f:b5:04:8e:ac:d9:e9:b4:
                    97:c9:c1:86:d0:1e:ef:82:98:fe:9c:e2:87:c1:72:
                    1b:e9:b1:11:31:a7:c2:df:a7:60:f9:48:16:c2:86:
                    ae:66:83:4f:7a:7a:6c:ca:51:93:f5:98:e1:62:2c:
                    09:1d:7e:7d:07:3e:36:57:d8:49:f0:30:9c:be:76:
                    9b:58:6e:8f:d3:67:fd:27:cc:c3:63:f1:fe:85:e1:
                    56:4b:a8:00:c8:70:32:2c:e2:2c:ec:65:80:f4:0f:
                    a6:29:28:e0:64:72:b5:eb:a4:05:0a:6d:18:2c:be:
                    35:58:6d:66:b4:7d:36:39:89:ec:0e:45:30:27:95:
                    26:5c:37:95:41:66:b4:76:5c:2f:6a:01:83:77:cc:
                    26:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:78:3A:E5:26:C2:F5:8E:86:C9:CA:BC:D1:13:E9:5A:17:54:46:4C
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:18:8e:a2:cb:7a:ce:5c:d2:37:2a:8c:17:dc:68:54:86:c6:
         33:f2:6a:80:32:ae:5d:19:00:54:3a:a4:ff:87:08:81:36:b4:
         e8:0a:b6:4f:9e:02:d1:fb:d7:9b:28:cf:1b:7d:fa:8a:67:0e:
         cc:15:b4:de:68:22:e8:96:ad:d9:bd:b6:31:c2:a2:f0:e7:b3:
         67:f3:5c:be:7f:01:74:30:ad:d1:91:a2:31:5e:e2:4c:31:5b:
         b4:5f:3a:c2:77:d1:14:c2:8f:12:24:bc:0d:db:82:8d:56:f9:
         a9:77:2e:3d:8c:08:24:3f:cb:e7:2e:77:d1:55:40:48:33:2d:
         37:0c:44:ec:a6:fd:39:db:6c:89:7e:6c:33:12:de:e2:14:52:
         08:c7:ec:a8:a0:cb:2e:06:21:97:15:5c:2f:1e:ec:b7:64:06:
         cb:91:b0:54:6d:05:5c:59:be:fb:90:5e:7a:a0:a5:71:ab:5c:
         3d:25:67:18:78:d6:4d:e2:05:84:c8:75:be:7f:50:f8:ca:39:
         1b:f1:b2:ac:89:f2:af:fa:e4:66:ec:71:58:bf:a1:79:0a:8a:
         d4:a7:46:3e:8c:2e:a1:6f:e1:4d:b1:42:d8:6a:81:aa:90:96:
         b9:39:4d:c8:be:7c:7a:df:fc:6f:6e:ab:f6:1f:b4:ec:d6:10:
         9d:de:b0:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBIe5kNvRfZHpgUt4TrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjUxMTExMDcwMTE5WhcNMjUxMTEyMDcwMTE5WjAzMTEwLwYDVQQD
Eyg3YTc4M2FlNTI2YzJmNThlODZjOWNhYmNkMTEzZTk1YTE3NTQ0NjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaS1wEi7fotCIxFDlR2kSFAsdRyU
ZibmBxphdWrJCaHfCxuZGAGQR3YNSdIoyyX+8m4wKX/plKc1OTYMne9Z1iRv3kcV
kZ0wsZmzwGowPncbgLVp+BBNQz+cugtcunzj2rQu3fELv7Z6tEbRu+GkL7UEjqzZ
6bSXycGG0B7vgpj+nOKHwXIb6bERMafC36dg+UgWwoauZoNPenpsylGT9ZjhYiwJ
HX59Bz42V9hJ8DCcvnabWG6P02f9J8zDY/H+heFWS6gAyHAyLOIs7GWA9A+mKSjg
ZHK166QFCm0YLL41WG1mtH02OYnsDkUwJ5UmXDeVQWa0dlwvagGDd8wm7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHp4OuUmwvWOhsnKvNET6VoXVEZMMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPRiOost6
zlzSNyqMF9xoVIbGM/JqgDKuXRkAVDqk/4cIgTa06Aq2T54C0fvXmyjPG336imcO
zBW03mgi6Jat2b22McKi8OezZ/Ncvn8BdDCt0ZGiMV7iTDFbtF86wnfRFMKPEiS8
DduCjVb5qXcuPYwIJD/L5y530VVASDMtNwxE7Kb9OdtsiX5sMxLe4hRSCMfsqKDL
LgYhlxVcLx7st2QGy5GwVG0FXFm++5BeeqClcatcPSVnGHjWTeIFhMh1vn9Q+Mo5
G/GyrInyr/rkZuxxWL+heQqK1KdGPowuoW/hTbFC2GqBqpCWuTlNyL58et/8b26r
9h+07NYQnd6w/A==
-----END CERTIFICATE-----