Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
File:                     uIazyxP9IWfYnRIYXpNQbdRcmvk.mft (raw, json)
Hash identifier:          cgZnyVMNwhb2dQV6eeTyOJGxjFdmq3DpcKfT1ApSqew=
Subject key identifier:   68:D0:4A:BB:2A:97:78:1F:56:B7:6C:BA:CB:EE:B8:41:22:37:93:BD
Authority key identifier: B8:86:B3:CB:13:FD:21:67:D8:9D:12:18:5E:93:50:6D:D4:5C:9A:F9
Certificate issuer:       /CN=b886b3cb13fd2167d89d12185e93506dd45c9af9
Certificate serial:       019A730142A13452648923D79038AC23D695
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
Manifest number:          0C40
Signing time:             Tue 11 Nov 2025 13:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:53 +0000
Files and hashes:         1: uIazyxP9IWfYnRIYXpNQbdRcmvk.crl (hash: AKWcEAR8paYT3T/whtc9kg9VhG/SRzZxMbCZTQFZOAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:42:a1:34:52:64:89:23:d7:90:38:ac:23:d6:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b886b3cb13fd2167d89d12185e93506dd45c9af9
        Validity
            Not Before: Nov 11 13:00:53 2025 GMT
            Not After : Nov 12 13:00:53 2025 GMT
        Subject: CN=68d04abb2a97781f56b76cbacbeeb841223793bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:b7:b4:ef:e2:1c:16:2c:0e:cd:80:98:64:da:
                    2a:c3:0e:20:0e:46:f9:ab:a8:af:b9:5d:7b:24:6a:
                    9c:c9:00:2f:22:0a:db:23:a4:6d:36:cd:f7:38:d5:
                    b7:ba:6e:e2:88:91:58:d9:aa:25:09:a4:de:17:6a:
                    d6:50:b4:b4:d7:97:7f:79:ff:c0:6d:46:2d:42:88:
                    cd:58:a3:76:67:a3:5e:ec:bf:bc:5f:63:5e:83:ae:
                    d9:6d:9b:02:36:cf:bb:59:b8:91:ae:65:c5:44:a3:
                    09:ea:da:31:4b:2a:3d:06:2a:03:b1:8b:bd:7b:7f:
                    23:98:e7:91:1f:7b:b5:28:ea:0d:7b:88:7f:5f:1d:
                    48:6d:14:e0:77:63:5f:7e:d8:65:aa:4c:2c:33:a3:
                    c0:e4:89:fe:ae:a1:ee:12:07:31:7f:75:25:18:e4:
                    24:98:48:69:a0:4c:14:e7:72:17:d3:44:9e:26:5f:
                    42:89:58:1e:cb:91:0c:a8:c4:26:a7:e4:38:5a:7b:
                    16:b6:07:76:15:16:7f:c0:99:ba:43:8d:8f:20:3c:
                    22:1b:48:c9:ba:5e:b9:cd:53:1f:e1:a9:09:81:a0:
                    7e:4e:99:dd:4d:d2:40:89:e0:78:99:c4:a6:f3:92:
                    37:8b:95:54:0c:0d:8f:fa:13:27:aa:cc:c3:f0:fc:
                    45:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:D0:4A:BB:2A:97:78:1F:56:B7:6C:BA:CB:EE:B8:41:22:37:93:BD
            X509v3 Authority Key Identifier:
                keyid:B8:86:B3:CB:13:FD:21:67:D8:9D:12:18:5E:93:50:6D:D4:5C:9A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:bb:02:40:73:4b:3e:26:c9:6f:74:22:48:23:b2:6e:53:e5:
         c2:f6:e6:f7:e3:fb:73:ed:41:9a:09:95:95:6b:94:66:92:ef:
         bc:40:3e:9d:13:ee:73:cd:06:b8:fe:2b:4c:ec:0f:83:78:7f:
         44:58:9c:30:56:10:fa:31:55:a7:85:f1:e6:b2:ad:d5:47:06:
         98:1f:3a:cc:06:73:64:f7:e2:77:f7:13:e0:2c:60:45:a0:cb:
         44:64:84:1b:4d:04:0b:e1:e0:35:bb:55:10:a4:14:bf:da:b2:
         73:a0:9a:1c:ac:28:4d:49:6e:80:b8:18:c7:bd:c1:7d:b6:eb:
         9d:6f:a4:3d:3b:30:14:25:67:0f:14:ed:6c:8a:23:46:95:47:
         63:09:4b:7d:fd:d3:8d:95:cd:8b:32:41:74:53:97:a4:f1:e0:
         2b:c8:36:3f:70:69:42:8e:ff:d1:87:af:eb:a1:10:d2:51:a8:
         b4:c0:17:03:4f:1c:93:20:22:22:93:55:d4:db:5c:7b:d4:a3:
         d9:2a:df:d7:cc:72:7c:68:83:84:93:89:8c:2d:b1:ee:39:43:
         4f:38:ba:dc:96:d3:fe:d3:37:e5:a0:45:3f:8e:22:88:c8:d8:
         b5:d3:49:0f:0a:62:4a:ea:60:49:6d:ce:8b:33:84:ad:03:50:
         0e:bc:6d:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAUKhNFJkiSPXkDisI9aVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ODZiM2NiMTNmZDIxNjdkODlkMTIxODVlOTM1MDZkZDQ1
YzlhZjkwHhcNMjUxMTExMTMwMDUzWhcNMjUxMTEyMTMwMDUzWjAzMTEwLwYDVQQD
Eyg2OGQwNGFiYjJhOTc3ODFmNTZiNzZjYmFjYmVlYjg0MTIyMzc5M2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+7e07+IcFiwOzYCYZNoqww4gDkb5
q6ivuV17JGqcyQAvIgrbI6RtNs33ONW3um7iiJFY2aolCaTeF2rWULS015d/ef/A
bUYtQojNWKN2Z6Ne7L+8X2Neg67ZbZsCNs+7WbiRrmXFRKMJ6toxSyo9BioDsYu9
e38jmOeRH3u1KOoNe4h/Xx1IbRTgd2NffthlqkwsM6PA5In+rqHuEgcxf3UlGOQk
mEhpoEwU53IX00SeJl9CiVgey5EMqMQmp+Q4WnsWtgd2FRZ/wJm6Q42PIDwiG0jJ
ul65zVMf4akJgaB+TpndTdJAieB4mcSm85I3i5VUDA2P+hMnqszD8PxFLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjQSrsql3gfVrdsusvuuEEiN5O9MB8GA1UdIwQY
MBaAFLiGs8sT/SFn2J0SGF6TUG3UXJr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80MmFjM2MtYzU4My00YjgyLWJjYjct
MDQ3Mzk0MDJlMjdiLzEvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80MmFjM2MtYzU4My00YjgyLWJjYjctMDQ3Mzk0MDJlMjdi
LzEvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm7sCQHNL
PibJb3QiSCOyblPlwvbm9+P7c+1BmgmVlWuUZpLvvEA+nRPuc80GuP4rTOwPg3h/
RFicMFYQ+jFVp4Xx5rKt1UcGmB86zAZzZPfid/cT4CxgRaDLRGSEG00EC+HgNbtV
EKQUv9qyc6CaHKwoTUlugLgYx73BfbbrnW+kPTswFCVnDxTtbIojRpVHYwlLff3T
jZXNizJBdFOXpPHgK8g2P3BpQo7/0Yev66EQ0lGotMAXA08ckyAiIpNV1Ntce9Sj
2Srf18xyfGiDhJOJjC2x7jlDTzi63JbT/tM35aBFP44iiMjYtdNJDwpiSupgSW3O
izOErQNQDrxtwQ==
-----END CERTIFICATE-----