Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          8EJXgLVwYbPlUZR38l1BikdFEVmGTjUNbiidspRQxBQ=
Subject key identifier:   7C:BC:63:16:53:7A:BB:58:0E:B5:C5:A7:EB:D9:0C:DF:9C:3A:33:49
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       019A71B87B78DEF4928A4CB6D33C6FAB6FC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0DC1
Signing time:             Tue 11 Nov 2025 07:01:46 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:46 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:46 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: 7PSgIIrdMxQ33Y9j6SUXbTxFYlOr0YKd0Yqr2FR5dd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:7b:78:de:f4:92:8a:4c:b6:d3:3c:6f:ab:6f:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Nov 11 07:01:46 2025 GMT
            Not After : Nov 12 07:01:46 2025 GMT
        Subject: CN=7cbc6316537abb580eb5c5a7ebd90cdf9c3a3349
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:47:23:3d:ae:cf:fb:42:a1:93:c3:4d:1c:d5:
                    ec:82:69:f5:c4:de:a5:cf:a8:ae:3d:56:c5:0c:d1:
                    53:f9:53:ad:56:b6:8d:67:a7:ef:83:eb:dc:f8:49:
                    39:d2:a4:e3:e3:a1:12:b2:ad:a5:89:e0:96:5a:d4:
                    24:a0:4b:77:c2:da:d6:29:f9:be:8c:04:00:af:95:
                    e4:f6:81:12:e7:aa:1f:3d:cd:9e:7e:5f:f0:2d:5c:
                    a4:bf:be:82:e4:13:a0:f9:b0:d1:40:3f:1d:1f:d1:
                    4b:77:a1:32:64:d4:00:2d:d7:5d:a7:86:5b:e7:b3:
                    b9:6d:fa:9d:0c:2c:de:4e:04:5b:8d:56:50:c3:9e:
                    fc:2a:39:a8:42:67:77:35:a1:e0:e1:d3:9d:cc:3d:
                    35:c5:20:bf:ec:df:e2:dd:b1:2b:49:05:38:9f:df:
                    2f:e5:6b:c3:66:d6:f0:be:3b:59:aa:e6:04:e8:38:
                    a1:eb:f6:15:aa:0a:1a:c9:f9:d8:65:5a:b6:30:e8:
                    61:90:6b:eb:9d:ba:ee:f4:f7:75:01:7f:cd:28:1f:
                    46:92:ac:42:a2:be:f2:78:0f:72:3a:b0:60:b3:81:
                    35:91:40:83:73:8a:a4:7f:05:0e:0c:f5:b5:91:59:
                    2f:c8:79:0d:43:56:a7:00:4d:c3:d7:42:8e:e4:b9:
                    21:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:BC:63:16:53:7A:BB:58:0E:B5:C5:A7:EB:D9:0C:DF:9C:3A:33:49
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:60:eb:d3:ce:08:a6:d2:4c:a8:47:be:f8:72:3b:b8:35:16:
         f4:06:6b:ea:55:23:03:7f:d6:80:03:9e:f4:3a:77:2c:03:fe:
         d5:dc:23:66:8a:01:34:4e:1d:57:b4:d6:f0:87:d6:06:80:88:
         fa:08:57:68:d3:8a:4a:09:4c:d2:94:87:33:c9:01:e6:0c:df:
         00:24:04:17:6b:89:5f:e1:c0:8b:51:42:cd:d3:97:d1:d1:93:
         30:2a:0f:23:7e:4e:ff:d8:45:5b:45:f2:23:00:83:6d:6c:04:
         eb:d4:ba:c0:e3:70:39:49:29:b5:8c:9b:45:74:be:03:41:98:
         76:14:b1:c6:81:c9:73:8b:e5:26:f1:4c:a9:f6:b2:95:35:88:
         9f:3b:79:3d:6f:80:32:fe:9c:82:fc:51:8c:4b:b9:f6:7d:2b:
         5f:22:ec:1e:1e:af:1d:da:cf:bb:1f:9c:9b:3f:01:68:10:da:
         24:d6:ed:f1:af:b3:3d:42:2e:c4:46:6a:23:e0:14:3d:da:08:
         cd:44:40:6e:9d:83:23:df:b2:0c:12:58:c4:95:5d:ce:32:17:
         16:10:b3:74:cf:77:c6:05:9a:bb:e6:74:69:8a:98:dc:91:50:
         0b:96:d5:91:7c:e8:3b:5d:85:eb:79:04:fa:ef:f1:a7:a1:26:
         3e:26:fe:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHt43vSSiky20zxvq2/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUxMTExMDcwMTQ2WhcNMjUxMTEyMDcwMTQ2WjAzMTEwLwYDVQQD
Eyg3Y2JjNjMxNjUzN2FiYjU4MGViNWM1YTdlYmQ5MGNkZjljM2EzMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEcjPa7P+0Khk8NNHNXsgmn1xN6l
z6iuPVbFDNFT+VOtVraNZ6fvg+vc+Ek50qTj46ESsq2lieCWWtQkoEt3wtrWKfm+
jAQAr5Xk9oES56ofPc2efl/wLVykv76C5BOg+bDRQD8dH9FLd6EyZNQALdddp4Zb
57O5bfqdDCzeTgRbjVZQw578KjmoQmd3NaHg4dOdzD01xSC/7N/i3bErSQU4n98v
5WvDZtbwvjtZquYE6Dih6/YVqgoayfnYZVq2MOhhkGvrnbru9Pd1AX/NKB9GkqxC
or7yeA9yOrBgs4E1kUCDc4qkfwUODPW1kVkvyHkNQ1anAE3D10KO5LkhuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHy8YxZTertYDrXFp+vZDN+cOjNJMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIWDr084I
ptJMqEe++HI7uDUW9AZr6lUjA3/WgAOe9Dp3LAP+1dwjZooBNE4dV7TW8IfWBoCI
+ghXaNOKSglM0pSHM8kB5gzfACQEF2uJX+HAi1FCzdOX0dGTMCoPI35O/9hFW0Xy
IwCDbWwE69S6wONwOUkptYybRXS+A0GYdhSxxoHJc4vlJvFMqfaylTWInzt5PW+A
Mv6cgvxRjEu59n0rXyLsHh6vHdrPux+cmz8BaBDaJNbt8a+zPUIuxEZqI+AUPdoI
zURAbp2DI9+yDBJYxJVdzjIXFhCzdM93xgWau+Z0aYqY3JFQC5bVkXzoO12F63kE
+u/xp6EmPib+9A==
-----END CERTIFICATE-----