Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          1Hj8hRiPdfAXCb6BV/YjtmArhT94wyH+U1WhDCHSIDc=
Subject key identifier:   0C:E5:2C:16:25:88:F1:02:C8:34:B3:7C:75:A4:86:69:40:54:6C:FC
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       019A72262A8BB4A28DECFAABC814A47C9202
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          0649
Signing time:             Tue 11 Nov 2025 09:01:35 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:35 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:35 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: +Vj8kBAlgP8c6Aa8nfFJ4bTX2OggiYBrEdDOEAoODak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:2a:8b:b4:a2:8d:ec:fa:ab:c8:14:a4:7c:92:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Nov 11 09:01:35 2025 GMT
            Not After : Nov 12 09:01:35 2025 GMT
        Subject: CN=0ce52c162588f102c834b37c75a4866940546cfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:31:76:3d:f0:ec:d3:09:e7:ca:0d:27:50:ab:
                    96:e3:57:a4:91:09:6f:b3:49:15:15:03:6f:56:7c:
                    08:8e:1e:76:85:c3:98:11:48:c6:3c:b1:ac:dd:b2:
                    e3:4f:a5:de:a8:f1:8f:c8:f2:0d:76:df:0d:02:42:
                    cf:19:46:78:09:74:af:02:b4:2d:4c:44:98:1e:b7:
                    c1:24:1e:10:55:c3:62:04:6a:b7:70:39:02:0a:f6:
                    8e:d3:05:ee:ca:6b:84:bc:bf:c5:64:2b:ac:35:90:
                    c3:40:75:e9:f0:c1:72:23:95:67:dc:ba:d6:ee:0d:
                    98:03:68:eb:37:73:94:d9:f1:e4:a9:f6:1e:60:bc:
                    5c:5e:9f:17:85:39:3f:6b:95:0b:9c:ec:b7:2d:d7:
                    fc:64:60:38:bf:aa:95:cc:22:5b:10:48:59:31:e7:
                    38:e2:7e:db:aa:72:ac:40:3a:52:99:58:97:e5:69:
                    ad:7a:06:64:63:be:a5:f2:64:08:ea:ee:13:46:a9:
                    1f:5c:bc:5b:f6:19:59:0c:37:49:84:84:fc:6c:9f:
                    d3:6d:a3:53:e7:d4:18:79:fc:d1:53:12:99:45:9b:
                    ec:b4:14:3b:d8:aa:9a:fd:79:73:46:4a:8a:a4:8a:
                    4a:29:f1:92:fc:e8:06:7c:64:8f:a8:a8:75:61:cd:
                    8a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:E5:2C:16:25:88:F1:02:C8:34:B3:7C:75:A4:86:69:40:54:6C:FC
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:94:39:36:fd:36:2b:ea:2d:b9:f6:e4:be:4c:d3:5c:23:51:
         30:65:08:98:f4:ff:4f:57:11:47:bf:29:20:b1:fe:33:10:6d:
         3c:cb:98:54:62:ef:3c:32:5e:7f:46:16:36:a1:05:ef:e6:a1:
         74:fe:4c:73:da:8e:aa:c8:f3:31:40:31:af:e0:e1:b0:39:e3:
         5c:8d:7c:b4:75:d5:13:96:5f:33:e5:45:14:c5:8e:11:4f:e6:
         98:37:b5:42:e0:ae:95:bc:e1:bb:fc:7e:95:64:10:74:97:55:
         79:6f:06:cd:dc:bf:7d:15:2a:5a:67:ac:61:3e:50:cf:3d:36:
         09:8d:ed:a9:8b:58:1b:bc:f3:9c:74:46:04:3a:6c:d3:a0:ae:
         ee:92:32:7f:50:d3:da:a7:0d:dd:f9:c6:4f:3b:4d:8d:5f:50:
         c6:19:c4:eb:84:ab:1d:1d:96:59:36:c8:0f:96:ed:70:28:bb:
         98:ad:ad:7c:65:5f:f6:d2:a7:0a:e6:4b:9e:77:1b:0d:70:16:
         03:9b:72:49:19:3f:96:43:92:f3:02:74:8b:01:e4:78:b8:a1:
         74:24:29:45:98:e4:e4:95:da:2a:7b:6f:fc:ac:46:b9:e9:1d:
         dd:b9:51:b8:84:c2:f6:ed:f2:82:c8:9e:ad:dc:e4:89:12:cf:
         83:59:27:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiqLtKKN7PqryBSkfJICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUxMTExMDkwMTM1WhcNMjUxMTEyMDkwMTM1WjAzMTEwLwYDVQQD
EygwY2U1MmMxNjI1ODhmMTAyYzgzNGIzN2M3NWE0ODY2OTQwNTQ2Y2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjF2PfDs0wnnyg0nUKuW41ekkQlv
s0kVFQNvVnwIjh52hcOYEUjGPLGs3bLjT6XeqPGPyPINdt8NAkLPGUZ4CXSvArQt
TESYHrfBJB4QVcNiBGq3cDkCCvaO0wXuymuEvL/FZCusNZDDQHXp8MFyI5Vn3LrW
7g2YA2jrN3OU2fHkqfYeYLxcXp8XhTk/a5ULnOy3Ldf8ZGA4v6qVzCJbEEhZMec4
4n7bqnKsQDpSmViX5WmtegZkY76l8mQI6u4TRqkfXLxb9hlZDDdJhIT8bJ/TbaNT
59QYefzRUxKZRZvstBQ72Kqa/XlzRkqKpIpKKfGS/OgGfGSPqKh1Yc2KSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzlLBYliPECyDSzfHWkhmlAVGz8MB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYZQ5Nv02
K+otufbkvkzTXCNRMGUImPT/T1cRR78pILH+MxBtPMuYVGLvPDJef0YWNqEF7+ah
dP5Mc9qOqsjzMUAxr+DhsDnjXI18tHXVE5ZfM+VFFMWOEU/mmDe1QuCulbzhu/x+
lWQQdJdVeW8Gzdy/fRUqWmesYT5Qzz02CY3tqYtYG7zznHRGBDps06Cu7pIyf1DT
2qcN3fnGTztNjV9QxhnE64SrHR2WWTbID5btcCi7mK2tfGVf9tKnCuZLnncbDXAW
A5tySRk/lkOS8wJ0iwHkeLihdCQpRZjk5JXaKntv/KxGuekd3blRuITC9u3ygsie
rdzkiRLPg1knkQ==
-----END CERTIFICATE-----