Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
File:                     Ad0iu63J75fJwaOGG21rTE3dhoc.mft (raw, json)
Hash identifier:          69LglYgysbbxs2R049sn/0Gg/BCoscHBuBhVu20YgGU=
Subject key identifier:   8C:99:F4:8A:AC:2F:26:C4:EB:C4:BC:18:91:11:05:21:7B:2C:54:2F
Authority key identifier: 01:DD:22:BB:AD:C9:EF:97:C9:C1:A3:86:1B:6D:6B:4C:4D:DD:86:87
Certificate issuer:       /CN=01dd22bbadc9ef97c9c1a3861b6d6b4c4ddd8687
Certificate serial:       019A71B8DAB9EEAF90C5625D62463878C392
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
Manifest number:          1110
Signing time:             Tue 11 Nov 2025 07:02:11 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:11 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:11 +0000
Files and hashes:         1: Ad0iu63J75fJwaOGG21rTE3dhoc.crl (hash: QvuyL30gPJK1wdQbSMwNAsPwUNNTNsASwAYb0hpO0A0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:da:b9:ee:af:90:c5:62:5d:62:46:38:78:c3:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01dd22bbadc9ef97c9c1a3861b6d6b4c4ddd8687
        Validity
            Not Before: Nov 11 07:02:11 2025 GMT
            Not After : Nov 12 07:02:11 2025 GMT
        Subject: CN=8c99f48aac2f26c4ebc4bc18911105217b2c542f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:49:aa:6a:f8:a1:41:35:63:d0:59:07:04:b3:
                    82:3b:3c:fd:61:59:d3:96:8b:f8:21:2d:24:dd:7f:
                    dc:cd:f2:fe:74:49:79:1f:da:c7:04:38:9d:f6:17:
                    6d:b7:d5:0a:ba:c8:8d:93:10:4b:49:ce:fd:85:13:
                    7b:b7:66:ea:8c:ef:34:bd:26:ae:1c:42:97:27:ec:
                    12:72:13:fa:ac:05:a9:4b:f4:fd:5b:e6:13:86:67:
                    dc:d7:8b:1b:8e:81:bc:59:72:a0:13:04:41:35:0a:
                    97:73:d6:08:16:97:7f:42:90:1d:58:4a:7f:2d:5f:
                    4f:18:e4:cf:21:e7:5c:6a:d4:67:a6:f7:29:d8:b5:
                    77:59:46:b7:94:40:50:35:f7:c1:61:46:c1:1f:d5:
                    70:8f:89:f3:28:5c:72:5c:8a:80:7a:ec:1a:d0:c4:
                    b5:ca:c3:7f:21:ed:8f:fd:0a:79:ba:7b:ea:e8:ac:
                    16:01:66:68:c1:b5:fd:19:be:ec:3d:b2:44:3e:52:
                    3c:3c:8e:97:71:aa:ce:97:39:fe:0e:4e:13:1c:80:
                    4f:d3:89:7c:72:fe:43:99:e4:2d:f8:5f:30:1b:db:
                    d7:25:86:d2:c1:16:f4:4e:b9:13:9d:e7:bf:3d:df:
                    b0:38:5e:b6:69:61:eb:27:15:39:63:f3:1d:7c:18:
                    a4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:99:F4:8A:AC:2F:26:C4:EB:C4:BC:18:91:11:05:21:7B:2C:54:2F
            X509v3 Authority Key Identifier:
                keyid:01:DD:22:BB:AD:C9:EF:97:C9:C1:A3:86:1B:6D:6B:4C:4D:DD:86:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:6e:90:21:9a:86:57:17:98:00:a8:57:5c:b3:f9:5b:c6:36:
         8e:6e:83:01:e0:dc:f4:94:08:d0:fa:ba:33:53:aa:28:8a:b3:
         e3:23:66:86:32:ff:5a:cd:64:7f:35:bf:d0:66:97:7f:c4:64:
         6c:3d:92:e7:90:01:2c:d7:0c:5d:70:8c:76:61:55:e7:d9:bb:
         80:7d:26:11:4b:d7:6f:57:a8:56:87:a6:3b:b4:12:cb:14:7a:
         0c:46:ce:6f:8b:9e:88:dc:3f:55:7e:b9:29:6b:6f:a7:cb:9f:
         e9:af:1f:af:a0:6c:a3:6b:db:bc:9b:1a:2a:38:f8:d7:6d:6c:
         09:d6:35:b5:2b:cb:03:3a:26:7e:4a:3a:89:68:1b:81:b4:5a:
         b9:6c:19:16:46:3b:dd:b7:6a:97:80:63:cd:39:f4:42:66:34:
         45:51:06:07:4e:b7:ce:25:e5:b0:4d:a8:ff:b3:19:6f:de:16:
         5c:63:2e:5c:a7:a4:3d:b9:de:de:66:e1:a4:ae:14:b1:b3:35:
         7e:47:02:f7:ac:b4:f8:c3:6d:c5:c8:ae:4c:82:fe:07:9f:5a:
         bc:b8:b1:ea:93:ad:87:9a:47:14:17:b7:d5:a6:d1:ae:54:bc:
         eb:02:a9:c5:c7:2e:ab:c8:00:ee:ae:04:9f:76:04:44:3d:b4:
         2d:93:d6:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNq57q+QxWJdYkY4eMOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZGQyMmJiYWRjOWVmOTdjOWMxYTM4NjFiNmQ2YjRjNGRk
ZDg2ODcwHhcNMjUxMTExMDcwMjExWhcNMjUxMTEyMDcwMjExWjAzMTEwLwYDVQQD
Eyg4Yzk5ZjQ4YWFjMmYyNmM0ZWJjNGJjMTg5MTExMDUyMTdiMmM1NDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UmqavihQTVj0FkHBLOCOzz9YVnT
lov4IS0k3X/czfL+dEl5H9rHBDid9hdtt9UKusiNkxBLSc79hRN7t2bqjO80vSau
HEKXJ+wSchP6rAWpS/T9W+YThmfc14sbjoG8WXKgEwRBNQqXc9YIFpd/QpAdWEp/
LV9PGOTPIedcatRnpvcp2LV3WUa3lEBQNffBYUbBH9Vwj4nzKFxyXIqAeuwa0MS1
ysN/Ie2P/Qp5unvq6KwWAWZowbX9Gb7sPbJEPlI8PI6XcarOlzn+Dk4THIBP04l8
cv5DmeQt+F8wG9vXJYbSwRb0TrkTnee/Pd+wOF62aWHrJxU5Y/MdfBikuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIyZ9IqsLybE68S8GJERBSF7LFQvMB8GA1UdIwQY
MBaAFAHdIrutye+XycGjhhtta0xN3YaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NTdhODMtNmVkMC00MWM2LWJkZDYt
NzA3ZGIyNTI0ZTZiLzEvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NTdhODMtNmVkMC00MWM2LWJkZDYtNzA3ZGIyNTI0ZTZi
LzEvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANW6QIZqG
VxeYAKhXXLP5W8Y2jm6DAeDc9JQI0Pq6M1OqKIqz4yNmhjL/Ws1kfzW/0GaXf8Rk
bD2S55ABLNcMXXCMdmFV59m7gH0mEUvXb1eoVoemO7QSyxR6DEbOb4ueiNw/VX65
KWtvp8uf6a8fr6Bso2vbvJsaKjj4121sCdY1tSvLAzomfko6iWgbgbRauWwZFkY7
3bdql4BjzTn0QmY0RVEGB063ziXlsE2o/7MZb94WXGMuXKekPbne3mbhpK4UsbM1
fkcC96y0+MNtxciuTIL+B59avLix6pOth5pHFBe31abRrlS86wKpxccuq8gA7q4E
n3YERD20LZPWUg==
-----END CERTIFICATE-----