Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/c96090-91d4-4403-bbfd-47ba33ba3c05/1/jkFZeSO5geHA1Pyi_9CozcNme30.mft
File:                     jkFZeSO5geHA1Pyi_9CozcNme30.mft (raw, json)
Hash identifier:          bx5t/9HZkaYILXw5JBkQ8UD3yv5/BoKBmoDWVJdnxNs=
Subject key identifier:   9E:C6:BF:23:CA:BA:57:67:BD:CD:BC:B4:6A:86:F6:16:6D:31:59:91
Authority key identifier: 8E:41:59:79:23:B9:81:E1:C0:D4:FC:A2:FF:D0:A8:CD:C3:66:7B:7D
Certificate issuer:       /CN=8e41597923b981e1c0d4fca2ffd0a8cdc3667b7d
Certificate serial:       019A725CBD87604D0F21FD075AD94DB903F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jkFZeSO5geHA1Pyi_9CozcNme30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/c96090-91d4-4403-bbfd-47ba33ba3c05/1/jkFZeSO5geHA1Pyi_9CozcNme30.mft
Manifest number:          B4
Signing time:             Tue 11 Nov 2025 10:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:11 +0000
Files and hashes:         1: jkFZeSO5geHA1Pyi_9CozcNme30.crl (hash: MZ+M1TsaqB/qJlvX+xDb1mq/B4YxG3e7jNdFS2xC+rQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/c96090-91d4-4403-bbfd-47ba33ba3c05/1/jkFZeSO5geHA1Pyi_9CozcNme30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/c96090-91d4-4403-bbfd-47ba33ba3c05/1/jkFZeSO5geHA1Pyi_9CozcNme30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jkFZeSO5geHA1Pyi_9CozcNme30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:bd:87:60:4d:0f:21:fd:07:5a:d9:4d:b9:03:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e41597923b981e1c0d4fca2ffd0a8cdc3667b7d
        Validity
            Not Before: Nov 11 10:01:11 2025 GMT
            Not After : Nov 12 10:01:11 2025 GMT
        Subject: CN=9ec6bf23caba5767bdcdbcb46a86f6166d315991
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5f:8b:30:db:23:a6:8f:f8:82:e1:8d:47:1f:
                    6e:a7:02:0a:46:87:a0:7e:f7:65:f4:e1:d1:8b:cb:
                    ef:f9:d5:5b:f7:5b:81:87:9c:c1:45:56:77:51:1a:
                    05:82:b6:4a:48:3c:53:fe:ec:5e:93:d0:08:4a:a1:
                    6a:e6:07:7e:46:a9:01:a9:ab:1d:f9:de:48:25:68:
                    5a:40:b1:f7:3f:bd:ce:9b:c4:ad:60:2f:32:2b:b3:
                    b3:c7:51:b7:a3:b0:71:c1:8d:07:99:fa:72:bc:ff:
                    81:74:28:b4:c4:85:6c:91:2b:0d:fc:0e:26:6a:ca:
                    f9:62:27:8c:0c:45:b5:0b:69:e8:ab:df:9b:5e:e5:
                    b1:b1:df:49:8a:6f:21:08:3e:c9:4e:72:c9:8d:49:
                    ff:6d:c1:e4:e2:77:14:67:ca:dc:69:48:da:f7:3f:
                    53:d5:d9:ea:0a:a1:ca:68:ae:bc:02:00:dd:26:5c:
                    9e:04:1a:70:52:23:7f:2a:fe:56:4f:87:3d:07:00:
                    f7:0c:0e:23:73:e5:95:2c:a7:79:79:10:40:c3:49:
                    05:36:c6:fb:f9:b3:49:bf:3b:ac:a2:17:25:89:90:
                    d8:ae:e7:13:e2:d6:07:05:ee:6b:95:de:f3:f6:47:
                    2e:95:1e:af:1c:5d:9e:76:84:0e:a8:0e:c2:5c:fd:
                    8f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:C6:BF:23:CA:BA:57:67:BD:CD:BC:B4:6A:86:F6:16:6D:31:59:91
            X509v3 Authority Key Identifier:
                keyid:8E:41:59:79:23:B9:81:E1:C0:D4:FC:A2:FF:D0:A8:CD:C3:66:7B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jkFZeSO5geHA1Pyi_9CozcNme30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c96090-91d4-4403-bbfd-47ba33ba3c05/1/jkFZeSO5geHA1Pyi_9CozcNme30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c96090-91d4-4403-bbfd-47ba33ba3c05/1/jkFZeSO5geHA1Pyi_9CozcNme30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:c3:41:07:ea:b2:86:db:05:bf:30:3b:ee:5f:30:c2:70:ec:
         2b:91:f8:e5:e9:a1:cb:09:fa:a7:66:a5:e4:08:a4:ee:1b:1a:
         ba:f7:f3:46:79:15:36:e5:e1:ef:1c:b7:d0:80:ad:0b:7b:24:
         64:c1:00:25:90:3a:3a:09:b4:3f:fd:8b:07:aa:aa:f5:d8:7d:
         b3:20:5f:c0:22:94:c1:05:8d:48:5e:27:98:0f:e2:b1:95:22:
         f6:05:34:cc:3e:c2:dc:ff:20:b9:e8:c7:2a:9d:0a:11:05:03:
         6a:c1:d2:ab:26:0b:83:91:e3:c6:11:b2:ee:83:26:49:93:a0:
         de:56:3f:d2:5a:21:79:eb:5a:d9:69:a6:c6:06:8e:a7:cc:c8:
         f9:a1:c3:d6:56:dd:6c:ad:7f:f4:24:d7:53:64:09:24:3f:0e:
         38:36:68:2b:80:c9:b6:5b:fd:3b:80:2a:cd:b7:4a:c8:60:de:
         e6:2f:e6:bd:eb:91:32:13:bd:0f:36:36:5f:a6:bb:26:f8:9b:
         16:9a:f3:60:ad:a8:e7:46:80:8b:89:d8:e6:b7:38:8a:3d:b8:
         80:77:1c:16:b5:0f:86:1a:e3:5a:68:40:94:20:fc:4c:88:95:
         a2:34:65:65:4f:09:3b:ff:0f:48:1a:80:ad:10:20:e0:0f:9a:
         42:0d:22:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXL2HYE0PIf0HWtlNuQPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNDE1OTc5MjNiOTgxZTFjMGQ0ZmNhMmZmZDBhOGNkYzM2
NjdiN2QwHhcNMjUxMTExMTAwMTExWhcNMjUxMTEyMTAwMTExWjAzMTEwLwYDVQQD
Eyg5ZWM2YmYyM2NhYmE1NzY3YmRjZGJjYjQ2YTg2ZjYxNjZkMzE1OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl+LMNsjpo/4guGNRx9upwIKRoeg
fvdl9OHRi8vv+dVb91uBh5zBRVZ3URoFgrZKSDxT/uxek9AISqFq5gd+RqkBqasd
+d5IJWhaQLH3P73Om8StYC8yK7Ozx1G3o7BxwY0HmfpyvP+BdCi0xIVskSsN/A4m
asr5YieMDEW1C2noq9+bXuWxsd9Jim8hCD7JTnLJjUn/bcHk4ncUZ8rcaUja9z9T
1dnqCqHKaK68AgDdJlyeBBpwUiN/Kv5WT4c9BwD3DA4jc+WVLKd5eRBAw0kFNsb7
+bNJvzusohcliZDYrucT4tYHBe5rld7z9kculR6vHF2edoQOqA7CXP2PJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7GvyPKuldnvc28tGqG9hZtMVmRMB8GA1UdIwQY
MBaAFI5BWXkjuYHhwNT8ov/QqM3DZnt9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamtGWmVTTzVnZUhBMVB5aV85Q296Y05tZTMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jOTYwOTAtOTFkNC00NDAzLWJiZmQt
NDdiYTMzYmEzYzA1LzEvamtGWmVTTzVnZUhBMVB5aV85Q296Y05tZTMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jOTYwOTAtOTFkNC00NDAzLWJiZmQtNDdiYTMzYmEzYzA1
LzEvamtGWmVTTzVnZUhBMVB5aV85Q296Y05tZTMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABsNBB+qy
htsFvzA77l8wwnDsK5H45emhywn6p2al5Aik7hsauvfzRnkVNuXh7xy30ICtC3sk
ZMEAJZA6Ogm0P/2LB6qq9dh9syBfwCKUwQWNSF4nmA/isZUi9gU0zD7C3P8guejH
Kp0KEQUDasHSqyYLg5HjxhGy7oMmSZOg3lY/0loheeta2WmmxgaOp8zI+aHD1lbd
bK1/9CTXU2QJJD8OODZoK4DJtlv9O4AqzbdKyGDe5i/mveuRMhO9DzY2X6a7Jvib
FprzYK2o50aAi4nY5rc4ij24gHccFrUPhhrjWmhAlCD8TIiVojRlZU8JO/8PSBqA
rRAg4A+aQg0iAQ==
-----END CERTIFICATE-----