Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
File:                     q7lESdTSRidxdzvAimJFB9pRKw0.mft (raw, json)
Hash identifier:          WbfAs1HYkiAfpVhBrVlyEPW4mw/TlTa/z1WypJ+a+m4=
Subject key identifier:   95:79:70:02:0D:C8:94:75:0F:C2:2D:32:5A:80:74:EF:0F:52:04:6E
Authority key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D
Certificate issuer:       /CN=abb94449d4d2462771773bc08a624507da512b0d
Certificate serial:       019A7293B49497B904D6C0F070AADFD16769
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
Manifest number:          0804
Signing time:             Tue 11 Nov 2025 11:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:13 +0000
Files and hashes:         1: q7lESdTSRidxdzvAimJFB9pRKw0.crl (hash: 0eQyYaQk8JhV4d/u+gjazqrTuWyuyLlUxz4gE8q2Mo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:b4:94:97:b9:04:d6:c0:f0:70:aa:df:d1:67:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abb94449d4d2462771773bc08a624507da512b0d
        Validity
            Not Before: Nov 11 11:01:13 2025 GMT
            Not After : Nov 12 11:01:13 2025 GMT
        Subject: CN=957970020dc894750fc22d325a8074ef0f52046e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:65:8f:a3:20:6c:b6:df:be:0c:15:2b:f2:e8:
                    df:0a:c7:66:ad:18:cb:c1:b8:94:a2:e1:7f:2b:85:
                    0e:47:65:34:c8:a6:31:99:d8:83:66:22:18:c0:b4:
                    3b:8e:0e:a3:23:a8:24:3d:55:82:27:b2:e1:1f:aa:
                    be:99:7d:8b:94:ed:66:02:6b:28:9c:cf:d2:02:6d:
                    b8:51:ed:f1:62:cc:6e:c8:82:1c:d8:14:d8:9c:f1:
                    c5:e3:f3:b2:1e:df:bd:1a:df:f8:44:bf:8a:86:63:
                    b0:e4:84:70:35:d8:77:2e:fa:be:b3:c7:68:96:7f:
                    29:be:24:c1:ba:3a:31:24:98:ea:44:d2:2c:6a:a8:
                    6f:d2:3f:b3:b0:fe:bb:e6:24:74:bc:e4:7b:b1:5e:
                    da:1a:a3:9e:f1:bc:43:7e:6b:c3:d0:dd:31:18:a2:
                    a4:b1:40:1e:03:e0:30:94:31:b0:12:7d:f1:51:28:
                    7b:3b:fc:5b:b9:0d:84:27:97:77:0b:f3:90:d6:b5:
                    85:ae:7c:a8:8c:be:85:60:2a:50:9a:98:57:9a:d3:
                    6d:2b:67:5c:4b:33:72:27:ec:43:2b:61:68:e5:cf:
                    e5:7e:e0:ac:f1:24:77:ff:bb:2e:ff:71:30:ad:87:
                    46:e9:6e:b1:3b:a8:b0:bb:20:c1:8a:a7:0b:b2:6c:
                    9b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:79:70:02:0D:C8:94:75:0F:C2:2D:32:5A:80:74:EF:0F:52:04:6E
            X509v3 Authority Key Identifier:
                keyid:AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:dc:ce:4f:9d:ed:77:fb:cf:dc:8c:fb:e1:51:b9:70:59:88:
         b3:e6:12:52:10:29:cf:10:6b:b1:23:90:c5:53:78:eb:d3:de:
         2a:17:30:e6:a5:61:f4:59:99:af:f1:88:ec:50:e7:93:b2:26:
         77:e3:b4:4e:b7:2d:a2:58:cc:64:e6:47:33:92:9a:21:43:d5:
         3b:50:c3:b6:78:6a:10:c6:42:32:ca:9b:92:bd:32:c6:ca:07:
         08:07:f6:a2:08:84:e1:ad:fc:ee:ae:d1:76:08:08:f6:d1:4d:
         8e:ea:38:e3:ba:2d:da:aa:b6:af:cb:8b:3f:ed:55:30:e5:34:
         1b:e9:aa:36:11:e4:76:63:39:42:51:ec:a5:e0:c7:2c:15:8c:
         6e:27:d2:48:22:0d:8e:d2:ee:86:d6:0d:5c:0f:b4:18:eb:62:
         73:d3:e5:ba:75:04:f3:b3:f7:d1:c0:d7:65:bc:eb:ac:16:54:
         85:c4:c0:7f:ef:3e:64:90:96:d5:06:c4:b6:81:a7:f7:1e:76:
         fa:59:81:ba:9f:eb:b1:91:df:78:50:73:df:55:b3:5f:44:05:
         08:2e:87:bc:d6:3a:d0:10:92:3b:32:8a:18:66:63:3d:9a:39:
         56:0b:32:93:64:ff:9c:a9:34:e1:ce:5b:72:7c:d3:cc:f0:8a:
         6e:43:58:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7SUl7kE1sDwcKrf0WdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYjk0NDQ5ZDRkMjQ2Mjc3MTc3M2JjMDhhNjI0NTA3ZGE1
MTJiMGQwHhcNMjUxMTExMTEwMTEzWhcNMjUxMTEyMTEwMTEzWjAzMTEwLwYDVQQD
Eyg5NTc5NzAwMjBkYzg5NDc1MGZjMjJkMzI1YTgwNzRlZjBmNTIwNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2WPoyBstt++DBUr8ujfCsdmrRjL
wbiUouF/K4UOR2U0yKYxmdiDZiIYwLQ7jg6jI6gkPVWCJ7LhH6q+mX2LlO1mAmso
nM/SAm24Ue3xYsxuyIIc2BTYnPHF4/OyHt+9Gt/4RL+KhmOw5IRwNdh3Lvq+s8do
ln8pviTBujoxJJjqRNIsaqhv0j+zsP675iR0vOR7sV7aGqOe8bxDfmvD0N0xGKKk
sUAeA+AwlDGwEn3xUSh7O/xbuQ2EJ5d3C/OQ1rWFrnyojL6FYCpQmphXmtNtK2dc
SzNyJ+xDK2Fo5c/lfuCs8SR3/7su/3EwrYdG6W6xO6iwuyDBiqcLsmybBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJV5cAINyJR1D8ItMlqAdO8PUgRuMB8GA1UdIwQY
MBaAFKu5REnU0kYncXc7wIpiRQfaUSsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgt
NzBjMGMxNWJjODBhLzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgtNzBjMGMxNWJjODBh
LzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbNzOT53t
d/vP3Iz74VG5cFmIs+YSUhApzxBrsSOQxVN469PeKhcw5qVh9FmZr/GI7FDnk7Im
d+O0TrctoljMZOZHM5KaIUPVO1DDtnhqEMZCMsqbkr0yxsoHCAf2ogiE4a387q7R
dggI9tFNjuo447ot2qq2r8uLP+1VMOU0G+mqNhHkdmM5QlHspeDHLBWMbifSSCIN
jtLuhtYNXA+0GOtic9PlunUE87P30cDXZbzrrBZUhcTAf+8+ZJCW1QbEtoGn9x52
+lmBup/rsZHfeFBz31WzX0QFCC6HvNY60BCSOzKKGGZjPZo5Vgsyk2T/nKk04c5b
cnzTzPCKbkNYbQ==
-----END CERTIFICATE-----