Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
File:                     p_555OY70WvEI3WStoTQBDPL0PY.mft (raw, json)
Hash identifier:          CA0eGgdJx/UQZ57SLXKWO1jKXR0B+FUnl2myVf+bXeU=
Subject key identifier:   53:F5:FC:1E:53:D2:78:93:BE:CD:31:5E:D9:9F:93:35:7E:3D:E1:F9
Authority key identifier: A7:FE:79:E4:E6:3B:D1:6B:C4:23:75:92:B6:84:D0:04:33:CB:D0:F6
Certificate issuer:       /CN=a7fe79e4e63bd16bc4237592b684d00433cbd0f6
Certificate serial:       019A71B88BA633E3203E9C0AF7F2A45161C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
Manifest number:          0861
Signing time:             Tue 11 Nov 2025 07:01:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:50 +0000
Files and hashes:         1: p_555OY70WvEI3WStoTQBDPL0PY.crl (hash: VPSKDFPJZiLDaRVLaDhFvQiWRH/uULZGFzVgiYBR3ZU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:8b:a6:33:e3:20:3e:9c:0a:f7:f2:a4:51:61:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fe79e4e63bd16bc4237592b684d00433cbd0f6
        Validity
            Not Before: Nov 11 07:01:50 2025 GMT
            Not After : Nov 12 07:01:50 2025 GMT
        Subject: CN=53f5fc1e53d27893becd315ed99f93357e3de1f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9e:ca:aa:ea:31:8a:5b:fc:72:ea:3a:46:80:
                    58:dd:9f:8c:15:b5:a1:7f:7d:cf:d7:ff:a0:90:34:
                    5e:e2:3f:53:35:9f:f3:cb:8d:f5:5e:9d:6d:ba:51:
                    ee:3c:1b:80:ea:a1:fe:32:2b:90:82:71:68:5d:58:
                    a6:58:bb:4e:4d:4f:33:67:88:09:2b:e2:c1:e1:d0:
                    ec:61:76:57:37:fd:80:99:b5:4b:1d:a1:79:e9:7d:
                    da:7c:89:90:14:f2:85:05:f3:b2:2d:a6:77:0f:e7:
                    bf:eb:aa:de:c8:3e:e1:fa:24:33:cd:d5:db:59:06:
                    f0:1c:34:e1:5c:5c:e8:34:c1:24:46:22:f0:b9:3e:
                    2d:8d:3d:7e:e1:9c:ba:e4:48:e4:93:13:b5:dc:5b:
                    94:28:8b:8c:d3:81:82:18:de:64:21:ad:9e:e2:de:
                    21:33:67:27:e2:89:e4:c0:a8:b3:a8:c0:ab:19:49:
                    07:ea:dd:d9:a8:05:de:33:33:25:24:52:8a:15:a1:
                    bc:a4:cd:c6:5b:60:75:86:c1:30:b8:77:07:7b:b3:
                    20:a4:46:17:10:04:6a:a4:1c:3b:07:4c:d1:49:bd:
                    0e:1b:ce:20:08:45:be:8a:03:24:3e:b1:d1:ba:19:
                    a1:60:89:18:a0:95:0a:2e:2f:d7:29:d6:51:b5:be:
                    fa:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:F5:FC:1E:53:D2:78:93:BE:CD:31:5E:D9:9F:93:35:7E:3D:E1:F9
            X509v3 Authority Key Identifier:
                keyid:A7:FE:79:E4:E6:3B:D1:6B:C4:23:75:92:B6:84:D0:04:33:CB:D0:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:ed:91:5d:85:89:a9:8f:ed:ff:83:29:62:e0:1b:28:08:62:
         66:8d:d7:a1:1a:f3:dc:70:c0:ff:de:9d:ec:ab:fd:4f:29:4f:
         2f:a3:cf:1b:83:f4:d4:86:d4:f6:78:9f:39:cd:0e:1f:b8:b0:
         d6:30:15:d3:f1:be:dd:aa:2e:4e:18:8e:b7:d0:fc:f6:3c:ba:
         c2:33:ab:7b:9a:f0:c5:e7:90:b0:56:a4:3d:fd:10:9a:d8:20:
         1f:2a:93:31:5d:e4:e0:5a:c2:b8:21:b8:20:87:8e:ca:0e:d6:
         1d:6a:1d:e5:38:c0:8a:59:79:97:0e:da:a3:d2:70:2d:47:39:
         a2:ec:aa:e7:5d:3d:8b:27:76:44:83:9f:9b:d7:97:2e:4d:75:
         27:cb:79:1f:77:86:c6:3a:69:30:69:95:f6:40:b1:0c:90:d3:
         c1:ed:1c:91:0e:67:72:06:71:eb:b3:f5:ba:6a:96:42:86:d1:
         8a:44:46:9c:28:73:0d:ac:93:9a:bb:7e:2c:54:90:9e:30:07:
         00:a3:53:32:dd:4b:8e:0d:a3:0b:68:c8:b5:47:51:67:46:c7:
         cb:50:ed:37:89:83:76:bc:24:a8:dd:89:59:ad:e7:11:9e:4a:
         f2:63:8c:1f:b7:3d:c9:1b:09:2e:85:75:b3:b4:39:6b:b7:b4:
         1c:af:ed:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIumM+MgPpwK9/KkUWHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmU3OWU0ZTYzYmQxNmJjNDIzNzU5MmI2ODRkMDA0MzNj
YmQwZjYwHhcNMjUxMTExMDcwMTUwWhcNMjUxMTEyMDcwMTUwWjAzMTEwLwYDVQQD
Eyg1M2Y1ZmMxZTUzZDI3ODkzYmVjZDMxNWVkOTlmOTMzNTdlM2RlMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ7Kquoxilv8cuo6RoBY3Z+MFbWh
f33P1/+gkDRe4j9TNZ/zy431Xp1tulHuPBuA6qH+MiuQgnFoXVimWLtOTU8zZ4gJ
K+LB4dDsYXZXN/2AmbVLHaF56X3afImQFPKFBfOyLaZ3D+e/66reyD7h+iQzzdXb
WQbwHDThXFzoNMEkRiLwuT4tjT1+4Zy65EjkkxO13FuUKIuM04GCGN5kIa2e4t4h
M2cn4onkwKizqMCrGUkH6t3ZqAXeMzMlJFKKFaG8pM3GW2B1hsEwuHcHe7MgpEYX
EARqpBw7B0zRSb0OG84gCEW+igMkPrHRuhmhYIkYoJUKLi/XKdZRtb76qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFP1/B5T0niTvs0xXtmfkzV+PeH5MB8GA1UdIwQY
MBaAFKf+eeTmO9FrxCN1kraE0AQzy9D2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xNGI1YzEtYTMzMy00NDliLWIyODAt
MjUxYTdiMTNjMTE4LzEvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8xNGI1YzEtYTMzMy00NDliLWIyODAtMjUxYTdiMTNjMTE4
LzEvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbe2RXYWJ
qY/t/4MpYuAbKAhiZo3XoRrz3HDA/96d7Kv9TylPL6PPG4P01IbU9nifOc0OH7iw
1jAV0/G+3aouThiOt9D89jy6wjOre5rwxeeQsFakPf0QmtggHyqTMV3k4FrCuCG4
IIeOyg7WHWod5TjAill5lw7ao9JwLUc5ouyq5109iyd2RIOfm9eXLk11J8t5H3eG
xjppMGmV9kCxDJDTwe0ckQ5ncgZx67P1umqWQobRikRGnChzDayTmrt+LFSQnjAH
AKNTMt1Ljg2jC2jItUdRZ0bHy1DtN4mDdrwkqN2JWa3nEZ5K8mOMH7c9yRsJLoV1
s7Q5a7e0HK/tTQ==
-----END CERTIFICATE-----