Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
File:                     a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json)
Hash identifier:          J0mIru9cH6sOvspsSmdzVCzjoCgfiIx625qtrcKGsZc=
Subject key identifier:   75:53:F0:AC:96:B3:41:F9:30:D5:6D:CC:88:D2:C3:04:7E:BE:72:92
Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66
Certificate issuer:       /CN=6be051fb93e015a9b761bb45afe109dbbe347c66
Certificate serial:       019A70A4FE8C449029734B6FA5572038D9D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
Manifest number:          06CF
Signing time:             Tue 11 Nov 2025 02:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:52 +0000
Files and hashes:         1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: Lu5Awo5RE2jBNrsp4knPAkDRmMaGxPyJKzbYTklGfF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a4:fe:8c:44:90:29:73:4b:6f:a5:57:20:38:d9:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66
        Validity
            Not Before: Nov 11 02:00:52 2025 GMT
            Not After : Nov 12 02:00:52 2025 GMT
        Subject: CN=7553f0ac96b341f930d56dcc88d2c3047ebe7292
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:32:a0:a9:4e:29:08:cc:bd:0c:58:ae:1b:02:
                    60:c2:75:dd:f3:05:ab:e2:c1:c9:f3:95:61:0a:93:
                    ca:73:ce:36:7c:d1:3b:bc:e7:27:7a:8c:eb:46:4f:
                    55:e7:6c:54:4e:d3:08:42:2b:9e:f6:f4:81:f4:b9:
                    61:2f:9a:4e:e4:df:ba:30:7a:24:6c:08:1a:b1:b9:
                    19:fd:2c:4b:e9:13:c0:86:77:a2:85:4c:df:49:ef:
                    d2:0f:73:c5:fc:52:51:47:89:ca:3b:7d:73:b5:23:
                    98:c9:46:b7:19:05:4f:1b:31:3a:9c:68:4e:33:56:
                    6a:5b:a7:a0:2d:ed:27:97:b4:00:81:79:60:dd:7e:
                    11:fc:5a:d4:29:66:6a:2b:cc:25:a5:74:5b:e1:1a:
                    28:35:85:31:33:cc:03:e8:82:c1:e1:eb:67:0d:81:
                    1c:21:7f:f9:d6:64:fe:7c:59:39:20:90:87:b1:8f:
                    69:dd:3d:50:91:ff:a2:21:1d:8b:09:80:7f:e5:60:
                    0c:c3:04:bc:2f:ee:41:1e:2a:ba:da:7f:c6:05:d3:
                    98:f8:92:26:c3:15:79:0b:d6:8b:55:51:b0:28:9a:
                    1d:4e:f2:b1:6c:4a:58:a3:1c:f1:53:d3:79:c5:63:
                    a0:27:54:72:5b:98:c2:f2:b6:3d:47:03:ca:7a:ea:
                    27:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:53:F0:AC:96:B3:41:F9:30:D5:6D:CC:88:D2:C3:04:7E:BE:72:92
            X509v3 Authority Key Identifier:
                keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:b2:45:18:20:7c:a4:d4:c7:49:27:a4:c8:e8:f4:da:f2:97:
         df:af:68:17:0c:26:a4:22:93:37:50:c1:1b:ed:e7:c0:bc:30:
         40:ef:64:ae:0d:22:40:c6:ce:20:ca:6e:0b:65:87:a2:97:d5:
         1a:b0:83:d3:bc:a8:c2:1b:36:6e:19:30:76:16:ce:6d:bf:fe:
         06:9d:79:80:ea:93:98:b7:cd:18:ac:85:44:b5:2b:6b:ec:9a:
         48:bf:fe:ea:fa:fe:59:e5:7d:5c:93:43:59:52:90:6e:01:13:
         39:a5:ce:80:8f:c6:9c:7d:8a:40:37:c8:4d:18:97:ec:59:a0:
         0d:e8:43:1d:b4:a0:fb:89:87:f3:3b:2f:16:9f:f6:0f:59:20:
         8f:ca:38:c2:c2:f4:e1:d7:73:fd:d4:91:95:b8:63:5a:d8:e2:
         b8:24:5a:da:63:51:64:32:15:b6:db:a9:b4:0c:4d:76:76:4e:
         bc:c9:8c:72:3f:04:69:52:11:14:f0:ea:5d:59:56:b9:5f:18:
         24:66:4f:2d:a2:73:77:64:a9:0d:10:27:86:58:6a:e0:23:54:
         8f:5c:3c:17:85:df:2f:1b:0c:eb:51:53:a1:2f:fc:66:7d:0e:
         54:8d:97:6b:de:87:49:13:73:3c:7d:75:d2:4e:df:04:1e:8b:
         57:8a:02:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpP6MRJApc0tvpVcgONnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz
NDdjNjYwHhcNMjUxMTExMDIwMDUyWhcNMjUxMTEyMDIwMDUyWjAzMTEwLwYDVQQD
Eyg3NTUzZjBhYzk2YjM0MWY5MzBkNTZkY2M4OGQyYzMwNDdlYmU3MjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszKgqU4pCMy9DFiuGwJgwnXd8wWr
4sHJ85VhCpPKc842fNE7vOcneozrRk9V52xUTtMIQiue9vSB9LlhL5pO5N+6MHok
bAgasbkZ/SxL6RPAhneihUzfSe/SD3PF/FJRR4nKO31ztSOYyUa3GQVPGzE6nGhO
M1ZqW6egLe0nl7QAgXlg3X4R/FrUKWZqK8wlpXRb4RooNYUxM8wD6ILB4etnDYEc
IX/51mT+fFk5IJCHsY9p3T1Qkf+iIR2LCYB/5WAMwwS8L+5BHiq62n/GBdOY+JIm
wxV5C9aLVVGwKJodTvKxbEpYoxzxU9N5xWOgJ1RyW5jC8rY9RwPKeuoneQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVT8KyWs0H5MNVtzIjSwwR+vnKSMB8GA1UdIwQY
MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt
ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh
LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLJFGCB8
pNTHSSekyOj02vKX369oFwwmpCKTN1DBG+3nwLwwQO9krg0iQMbOIMpuC2WHopfV
GrCD07yowhs2bhkwdhbObb/+Bp15gOqTmLfNGKyFRLUra+yaSL/+6vr+WeV9XJND
WVKQbgETOaXOgI/GnH2KQDfITRiX7FmgDehDHbSg+4mH8zsvFp/2D1kgj8o4wsL0
4ddz/dSRlbhjWtjiuCRa2mNRZDIVttuptAxNdnZOvMmMcj8EaVIRFPDqXVlWuV8Y
JGZPLaJzd2SpDRAnhlhq4CNUj1w8F4XfLxsM61FToS/8Zn0OVI2Xa96HSRNzPH11
0k7fBB6LV4oCWA==
-----END CERTIFICATE-----