Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
File:                     Vu9y3nfRt-K0RwW2y85jlCHam-8.mft (raw, json)
Hash identifier:          R2sDH5m5+ykXErjeFFy0bFd8AynJo2XgX6FCL6p95W8=
Subject key identifier:   79:26:5F:72:39:73:02:AD:59:A1:E9:69:A2:D3:CA:91:6E:A0:EA:6E
Authority key identifier: 56:EF:72:DE:77:D1:B7:E2:B4:47:05:B6:CB:CE:63:94:21:DA:9B:EF
Certificate issuer:       /CN=56ef72de77d1b7e2b44705b6cbce639421da9bef
Certificate serial:       019A72267419C17A940CB99269AC30F5EC34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
Manifest number:          0561
Signing time:             Tue 11 Nov 2025 09:01:53 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:53 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:53 +0000
Files and hashes:         1: Vu9y3nfRt-K0RwW2y85jlCHam-8.crl (hash: qw4vHtZG83n9uVvVXEmu08MLEVP5EiOH61J6HKZK1D4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:74:19:c1:7a:94:0c:b9:92:69:ac:30:f5:ec:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56ef72de77d1b7e2b44705b6cbce639421da9bef
        Validity
            Not Before: Nov 11 09:01:53 2025 GMT
            Not After : Nov 12 09:01:53 2025 GMT
        Subject: CN=79265f72397302ad59a1e969a2d3ca916ea0ea6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:25:6f:2d:bc:48:5f:f1:56:a2:57:36:09:dd:
                    6a:7d:2b:82:e5:15:84:9f:f5:00:5c:41:de:da:25:
                    9c:b5:f1:76:14:1d:f2:fa:c4:09:a9:e9:bc:c4:8e:
                    12:2a:57:4b:99:92:e9:8f:80:fe:38:6a:01:d2:87:
                    d9:54:66:fa:6a:ee:d4:4a:12:34:7d:57:08:f0:e1:
                    f2:f3:77:97:5a:6d:86:d5:c6:68:58:3c:56:44:94:
                    38:da:20:70:f3:9f:76:88:f0:81:56:35:d1:7e:67:
                    e7:33:c1:5b:f4:2f:c5:84:f7:2a:c9:34:d2:6b:61:
                    57:af:fa:03:27:25:55:41:be:da:9a:d2:2f:93:6f:
                    da:ac:98:51:e4:12:2f:ac:05:59:dc:5d:d5:8a:15:
                    fc:dc:01:a2:69:5a:8a:92:b5:fa:2e:b9:34:b6:e8:
                    f1:3f:b4:e7:ac:19:97:10:ef:eb:28:7e:99:ce:0d:
                    bb:b7:fe:f5:4c:dc:8c:f0:e8:66:9b:53:d9:a3:fb:
                    dc:89:7c:bd:31:b1:84:e2:3a:9b:c9:80:ea:2d:a6:
                    0f:bc:49:a5:53:e6:c7:ce:6c:ea:e0:89:d1:15:77:
                    38:9c:86:af:30:b9:65:99:27:af:47:9b:90:64:c9:
                    a2:7b:5e:34:ca:27:a4:7f:f6:fb:e7:ae:53:51:4d:
                    19:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:26:5F:72:39:73:02:AD:59:A1:E9:69:A2:D3:CA:91:6E:A0:EA:6E
            X509v3 Authority Key Identifier:
                keyid:56:EF:72:DE:77:D1:B7:E2:B4:47:05:B6:CB:CE:63:94:21:DA:9B:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:68:cf:33:51:ef:ab:f5:f2:59:16:5e:35:8f:0a:48:1a:da:
         27:9d:df:3d:25:a2:c2:19:9b:e0:cc:78:21:7d:2c:17:9c:f3:
         9f:ae:a1:19:18:8e:b2:27:d6:a3:f7:a2:ea:7a:93:0a:5d:b8:
         62:71:e4:08:c6:96:21:e0:c0:ae:1c:60:6e:ca:24:30:54:f6:
         ba:a5:02:44:9e:c8:50:b1:2a:1e:9e:91:76:19:03:11:c1:ae:
         6a:d0:48:af:d4:ba:72:2b:f1:e8:ff:28:d0:f7:4c:63:40:06:
         20:c8:58:9e:f4:31:eb:29:5c:5c:94:10:61:7c:d4:24:6f:8f:
         4c:27:a8:54:2c:42:6d:28:b3:c1:3a:ff:e2:f6:ce:2c:3d:20:
         ef:b4:13:87:67:1a:f9:26:bf:aa:44:ac:d8:e8:22:6a:ab:7a:
         3a:5a:a0:12:08:06:b4:4f:a0:72:ba:b8:61:ea:00:8b:25:e4:
         1c:f5:13:81:d6:8d:61:f5:c4:78:5f:1e:59:2e:99:5d:5a:55:
         7f:bc:f0:9d:de:5e:ec:d0:52:c0:be:24:c3:b7:f6:c0:93:4a:
         cc:6e:e1:88:48:37:06:7f:79:b1:99:49:02:eb:16:3e:64:6e:
         72:69:7f:59:a6:5e:c7:56:bd:c4:45:a4:55:84:c5:24:bd:5f:
         30:6f:6d:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJnQZwXqUDLmSaaww9ew0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZWY3MmRlNzdkMWI3ZTJiNDQ3MDViNmNiY2U2Mzk0MjFk
YTliZWYwHhcNMjUxMTExMDkwMTUzWhcNMjUxMTEyMDkwMTUzWjAzMTEwLwYDVQQD
Eyg3OTI2NWY3MjM5NzMwMmFkNTlhMWU5NjlhMmQzY2E5MTZlYTBlYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiVvLbxIX/FWolc2Cd1qfSuC5RWE
n/UAXEHe2iWctfF2FB3y+sQJqem8xI4SKldLmZLpj4D+OGoB0ofZVGb6au7UShI0
fVcI8OHy83eXWm2G1cZoWDxWRJQ42iBw8592iPCBVjXRfmfnM8Fb9C/FhPcqyTTS
a2FXr/oDJyVVQb7amtIvk2/arJhR5BIvrAVZ3F3VihX83AGiaVqKkrX6Lrk0tujx
P7TnrBmXEO/rKH6Zzg27t/71TNyM8Ohmm1PZo/vciXy9MbGE4jqbyYDqLaYPvEml
U+bHzmzq4InRFXc4nIavMLllmSevR5uQZMmie140yiekf/b7565TUU0ZcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkmX3I5cwKtWaHpaaLTypFuoOpuMB8GA1UdIwQY
MBaAFFbvct530bfitEcFtsvOY5Qh2pvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MWZkZDUtYzI5ZC00ZDM4LThlZjkt
NGY2NTZmMjlhNTFiLzEvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MWZkZDUtYzI5ZC00ZDM4LThlZjktNGY2NTZmMjlhNTFi
LzEvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdmjPM1Hv
q/XyWRZeNY8KSBraJ53fPSWiwhmb4Mx4IX0sF5zzn66hGRiOsifWo/ei6nqTCl24
YnHkCMaWIeDArhxgbsokMFT2uqUCRJ7IULEqHp6RdhkDEcGuatBIr9S6civx6P8o
0PdMY0AGIMhYnvQx6ylcXJQQYXzUJG+PTCeoVCxCbSizwTr/4vbOLD0g77QTh2ca
+Sa/qkSs2Ogiaqt6OlqgEggGtE+gcrq4YeoAiyXkHPUTgdaNYfXEeF8eWS6ZXVpV
f7zwnd5e7NBSwL4kw7f2wJNKzG7hiEg3Bn95sZlJAusWPmRucml/WaZex1a9xEWk
VYTFJL1fMG9t3g==
-----END CERTIFICATE-----