Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          ruSXZoABncEhGlZR6PvNuQ9PsppRLIEglzJkXkOb+Yk=
Subject key identifier:   DF:11:76:CD:2E:A4:15:1A:2E:8D:03:E7:6E:80:9A:39:3C:91:75:F0
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       019A73A759866AEE05CD00CEEB3B186FD540
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0D09
Signing time:             Tue 11 Nov 2025 16:02:18 +0000
Manifest this update:     Tue 11 Nov 2025 16:02:18 +0000
Manifest next update:     Wed 12 Nov 2025 16:02:18 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: hMBHwzMQ061cQl4S5tbaOS0gE1isebOPLInPE9lCXco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a7:59:86:6a:ee:05:cd:00:ce:eb:3b:18:6f:d5:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: Nov 11 16:02:18 2025 GMT
            Not After : Nov 12 16:02:18 2025 GMT
        Subject: CN=df1176cd2ea4151a2e8d03e76e809a393c9175f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:de:ab:89:9b:93:ef:ef:01:45:8f:e7:5a:91:
                    50:6e:d6:58:49:99:3d:63:9d:ec:52:d3:7c:cb:4a:
                    54:ee:60:b5:f5:8c:5d:a3:e6:f7:39:e3:4a:17:45:
                    79:fb:80:86:d4:fd:89:a7:97:c4:4c:e5:44:91:37:
                    64:83:78:1c:7b:9d:05:66:15:72:eb:12:62:d4:84:
                    bb:22:98:bd:df:0d:83:10:a1:9e:f6:41:3f:ac:5e:
                    46:2b:4e:63:fd:1b:31:e0:19:cb:bd:d6:fb:ac:23:
                    f9:a8:03:cf:61:b8:3d:e9:74:eb:c6:78:e1:93:de:
                    42:4e:fb:21:13:d1:ab:64:01:c9:99:86:3a:57:71:
                    95:4b:cd:93:1d:57:fa:69:ca:b9:2d:12:67:94:36:
                    26:69:07:b5:02:41:65:c8:09:87:45:e5:7a:7d:7d:
                    5f:5d:01:d6:01:57:7d:c2:db:7e:cf:c8:8a:ca:3a:
                    d0:4c:0c:4a:1d:1c:f9:a5:83:29:5c:77:ef:27:40:
                    02:e9:e6:bb:51:c8:5a:cd:74:51:11:e9:96:17:d2:
                    ae:c3:5c:06:b6:95:a9:4e:34:2d:ec:82:b2:f2:f0:
                    c2:41:ef:f8:19:17:2b:29:85:e4:9c:b1:1b:50:6b:
                    49:ab:43:47:8c:37:81:c7:93:78:74:f8:8d:6a:20:
                    ca:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:11:76:CD:2E:A4:15:1A:2E:8D:03:E7:6E:80:9A:39:3C:91:75:F0
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:16:da:6f:5b:d2:f1:8c:4b:7c:01:22:bb:03:73:d2:c7:dc:
         69:18:be:3a:de:e3:3d:1e:05:4d:36:9e:b3:ce:1c:3a:54:3b:
         75:a7:81:d0:d2:62:f9:82:21:e7:cd:64:c5:8b:04:ff:44:64:
         24:ae:80:bf:c4:07:16:24:94:c7:cb:e4:e8:ba:ae:6c:8d:d7:
         86:70:e8:a7:46:c3:e4:d9:d1:33:4b:4b:1a:6b:28:e2:f0:11:
         4d:c5:3f:0b:d2:38:5b:8a:6f:b2:c8:eb:8b:ea:2f:6c:84:ed:
         2b:17:22:4c:a1:4b:8f:dc:ab:d3:75:1c:45:16:68:62:9d:2d:
         ac:19:0b:4f:bf:b5:ea:49:0e:a5:ca:3c:7e:57:e1:32:a7:40:
         c8:73:23:55:58:61:c1:92:20:6a:0d:e1:78:a6:e1:b3:6f:52:
         a8:a7:a0:6d:11:14:ce:74:ab:a2:44:6b:4b:2a:0d:f1:8f:31:
         0f:c8:30:45:2b:79:5a:01:32:73:fb:8a:be:cc:cb:77:60:85:
         f7:34:96:4f:d2:c9:82:c0:cf:79:b9:fc:01:16:69:12:74:1f:
         07:e7:70:9e:6b:56:46:c0:24:18:26:71:86:de:c0:b6:6e:99:
         06:cf:f3:63:4b:43:30:c4:a2:2b:60:05:04:5c:40:1b:bc:7f:
         bb:7b:f8:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzp1mGau4FzQDO6zsYb9VAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjUxMTExMTYwMjE4WhcNMjUxMTEyMTYwMjE4WjAzMTEwLwYDVQQD
EyhkZjExNzZjZDJlYTQxNTFhMmU4ZDAzZTc2ZTgwOWEzOTNjOTE3NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN6riZuT7+8BRY/nWpFQbtZYSZk9
Y53sUtN8y0pU7mC19Yxdo+b3OeNKF0V5+4CG1P2Jp5fETOVEkTdkg3gce50FZhVy
6xJi1IS7Ipi93w2DEKGe9kE/rF5GK05j/Rsx4BnLvdb7rCP5qAPPYbg96XTrxnjh
k95CTvshE9GrZAHJmYY6V3GVS82THVf6acq5LRJnlDYmaQe1AkFlyAmHReV6fX1f
XQHWAVd9wtt+z8iKyjrQTAxKHRz5pYMpXHfvJ0AC6ea7UchazXRREemWF9Kuw1wG
tpWpTjQt7IKy8vDCQe/4GRcrKYXknLEbUGtJq0NHjDeBx5N4dPiNaiDKDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8Rds0upBUaLo0D526Amjk8kXXwMB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKhbab1vS
8YxLfAEiuwNz0sfcaRi+Ot7jPR4FTTaes84cOlQ7daeB0NJi+YIh581kxYsE/0Rk
JK6Av8QHFiSUx8vk6LqubI3XhnDop0bD5NnRM0tLGmso4vARTcU/C9I4W4pvssjr
i+ovbITtKxciTKFLj9yr03UcRRZoYp0trBkLT7+16kkOpco8flfhMqdAyHMjVVhh
wZIgag3heKbhs29SqKegbREUznSrokRrSyoN8Y8xD8gwRSt5WgEyc/uKvszLd2CF
9zSWT9LJgsDPebn8ARZpEnQfB+dwnmtWRsAkGCZxht7Atm6ZBs/zY0tDMMSiK2AF
BFxAG7x/u3v4Yw==
-----END CERTIFICATE-----