Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
File:                     dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft (raw, json)
Hash identifier:          xUyjxMhET348EgvwrcryOuYcuJkXkTqCbQJ0N+MCzM0=
Subject key identifier:   F5:1E:88:88:B7:D9:2D:AE:DD:9D:EA:B9:47:79:4D:6D:50:66:1B:A0
Authority key identifier: 74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E
Certificate issuer:       /CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
Certificate serial:       019A71EE761B78777A0F555B52FFE7853210
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
Manifest number:          1013
Signing time:             Tue 11 Nov 2025 08:00:44 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:44 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:44 +0000
Files and hashes:         1: dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl (hash: VGKSpkb+2v83HwidsBh2TnGzD0HkYb+D79Cz34eTc00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:76:1b:78:77:7a:0f:55:5b:52:ff:e7:85:32:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
        Validity
            Not Before: Nov 11 08:00:44 2025 GMT
            Not After : Nov 12 08:00:44 2025 GMT
        Subject: CN=f51e8888b7d92daedd9deab947794d6d50661ba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:1e:38:25:ef:e1:89:83:52:81:43:55:44:af:
                    9c:04:c5:3c:6f:fd:bf:8f:b0:81:62:de:67:24:7e:
                    dc:a1:f1:79:9e:b6:32:a4:f9:e3:80:ac:31:32:8e:
                    5f:0f:8b:10:87:78:44:ac:f7:c7:58:24:ee:4e:2f:
                    9f:97:05:d9:41:e6:31:40:a9:d7:5a:6d:de:15:55:
                    1a:1c:fe:13:1e:64:b4:2b:37:6f:f8:24:47:23:a9:
                    2d:2f:80:ef:bd:8a:4d:58:96:b2:2a:71:5f:8d:20:
                    8a:20:c1:0e:d5:de:c5:e0:25:22:cd:bf:92:ad:01:
                    6a:b2:fd:a8:1d:31:64:f7:36:bc:31:2a:4a:bb:d5:
                    62:60:7e:7f:bc:5c:75:a8:3c:73:8b:54:13:06:c4:
                    c8:d4:7f:9a:59:2d:50:5e:84:39:4e:b5:f5:47:63:
                    3c:90:fb:50:90:1f:b9:c7:dc:af:6e:68:5f:71:f8:
                    7d:06:eb:68:0c:17:8d:0b:5f:36:a2:0b:70:13:a4:
                    95:0c:18:d8:90:f7:91:a9:b7:2f:94:aa:cc:fb:aa:
                    b0:da:9b:f0:8c:e4:f7:1f:a7:3c:ca:4a:14:70:aa:
                    20:c4:fe:4b:ae:9b:b6:4d:25:2c:ac:29:10:79:4e:
                    19:9c:88:6d:91:a8:a6:4f:c6:b5:b1:e2:27:0e:16:
                    34:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:1E:88:88:B7:D9:2D:AE:DD:9D:EA:B9:47:79:4D:6D:50:66:1B:A0
            X509v3 Authority Key Identifier:
                keyid:74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:47:2c:ff:f4:fb:70:97:2f:43:1a:df:63:9b:8e:d2:e9:6c:
         c0:e0:97:b2:16:d4:a3:d4:51:2f:18:58:3f:89:92:6a:c7:0c:
         56:df:6a:77:6e:1b:10:04:81:16:66:07:57:5d:44:0a:82:4c:
         62:a9:c6:3b:5e:24:fe:01:d7:32:4e:01:a0:4b:58:0c:d8:c0:
         e7:b4:ab:3d:3b:3d:24:27:d9:f5:a6:11:f9:a3:60:22:52:62:
         c3:03:36:82:a6:a7:88:8a:b9:09:84:8a:21:4a:8b:bc:ab:10:
         d2:ea:73:b9:43:c6:63:e6:02:cb:f5:e0:1d:65:0c:57:b2:42:
         ba:15:94:8a:b2:d3:f2:bf:e3:64:34:fd:e2:00:77:bd:fc:b0:
         2d:bb:de:55:fc:f7:5f:3a:a8:09:55:fa:fa:30:22:a8:3e:c6:
         b3:29:8f:10:80:59:0b:d1:8e:c0:38:c6:ca:59:f0:59:91:b0:
         0e:ee:33:4e:77:f1:56:e9:33:ac:c4:83:2c:9f:12:a9:f6:92:
         30:9a:7f:46:98:47:67:ca:a1:70:d1:83:f2:4d:9b:f5:67:c4:
         b1:f6:0f:3f:21:92:9b:ea:02:c0:97:28:b0:f5:85:e8:62:a4:
         44:8c:7a:f0:c3:01:d1:ab:f3:77:bd:6e:82:58:3f:61:c1:60:
         a8:84:f6:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7nYbeHd6D1VbUv/nhTIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzJlYjhmODAxNWViMWJjMjllYTMxNjJmODNlNmFjZWRi
YjQyN2UwHhcNMjUxMTExMDgwMDQ0WhcNMjUxMTEyMDgwMDQ0WjAzMTEwLwYDVQQD
EyhmNTFlODg4OGI3ZDkyZGFlZGQ5ZGVhYjk0Nzc5NGQ2ZDUwNjYxYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+R44Je/hiYNSgUNVRK+cBMU8b/2/
j7CBYt5nJH7cofF5nrYypPnjgKwxMo5fD4sQh3hErPfHWCTuTi+flwXZQeYxQKnX
Wm3eFVUaHP4THmS0Kzdv+CRHI6ktL4DvvYpNWJayKnFfjSCKIMEO1d7F4CUizb+S
rQFqsv2oHTFk9za8MSpKu9ViYH5/vFx1qDxzi1QTBsTI1H+aWS1QXoQ5TrX1R2M8
kPtQkB+5x9yvbmhfcfh9ButoDBeNC182ogtwE6SVDBjYkPeRqbcvlKrM+6qw2pvw
jOT3H6c8ykoUcKogxP5Lrpu2TSUsrCkQeU4ZnIhtkaimT8a1seInDhY0rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUeiIi32S2u3Z3quUd5TW1QZhugMB8GA1UdIwQY
MBaAFHRy64+AFesbwp6jFi+D5qztu0J+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2Et
MWJmZmRhMzgyZWJlLzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2EtMWJmZmRhMzgyZWJl
LzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzUcs//T7
cJcvQxrfY5uO0ulswOCXshbUo9RRLxhYP4mSascMVt9qd24bEASBFmYHV11ECoJM
YqnGO14k/gHXMk4BoEtYDNjA57SrPTs9JCfZ9aYR+aNgIlJiwwM2gqaniIq5CYSK
IUqLvKsQ0upzuUPGY+YCy/XgHWUMV7JCuhWUirLT8r/jZDT94gB3vfywLbveVfz3
XzqoCVX6+jAiqD7GsymPEIBZC9GOwDjGylnwWZGwDu4zTnfxVukzrMSDLJ8SqfaS
MJp/RphHZ8qhcNGD8k2b9WfEsfYPPyGSm+oCwJcosPWF6GKkRIx68MMB0avzd71u
glg/YcFgqIT2dw==
-----END CERTIFICATE-----