Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft
File:                     4WU0PZW9Tbww89ciSVQanUfnbZE.mft (raw, json)
Hash identifier:          HEyB+IuPeFi+jsNCZ9NgVlYRZKlwIfeCaruVgwtW4vs=
Subject key identifier:   40:57:C9:6B:18:CA:EC:F9:C5:C2:FA:B4:2E:BA:AF:FF:76:6D:D5:C8
Authority key identifier: E1:65:34:3D:95:BD:4D:BC:30:F3:D7:22:49:54:1A:9D:47:E7:6D:91
Certificate issuer:       /CN=e165343d95bd4dbc30f3d72249541a9d47e76d91
Certificate serial:       019A112844C730621A67AFAD688EC84517BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft
Manifest number:          0FF0
Signing time:             Thu 23 Oct 2025 13:00:42 +0000
Manifest this update:     Thu 23 Oct 2025 13:00:42 +0000
Manifest next update:     Fri 24 Oct 2025 13:00:42 +0000
Files and hashes:         1: 4WU0PZW9Tbww89ciSVQanUfnbZE.crl (hash: gF33t7LQQiK8A7+1LDKFkb/GbsM23PiCFXiW+go9OCU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:11:28:44:c7:30:62:1a:67:af:ad:68:8e:c8:45:17:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e165343d95bd4dbc30f3d72249541a9d47e76d91
        Validity
            Not Before: Oct 23 13:00:42 2025 GMT
            Not After : Oct 24 13:00:42 2025 GMT
        Subject: CN=4057c96b18caecf9c5c2fab42ebaafff766dd5c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:28:66:a0:74:09:db:95:17:77:7a:0f:bb:25:
                    a7:3b:01:d5:74:9f:32:84:a1:b2:d0:b4:f8:a2:cc:
                    87:36:8b:c5:35:3d:5f:ba:16:e9:72:b8:3f:a8:e8:
                    07:96:4a:36:73:71:26:73:0a:96:3c:60:12:1d:44:
                    bd:be:c9:61:90:45:e5:b5:05:62:98:99:44:6d:b8:
                    d7:02:5f:21:17:3b:75:c3:1e:f0:8f:28:8d:3f:f6:
                    02:2c:b4:ad:01:d7:62:49:3b:8f:bc:a2:5d:ed:8c:
                    8c:22:75:e1:a4:fd:ed:5f:57:af:86:aa:b5:b1:c1:
                    2e:84:2a:46:2f:29:b4:b4:82:3d:40:59:2b:07:9c:
                    79:b4:ed:80:81:6e:17:c1:67:b8:ff:7d:e6:3f:9d:
                    d8:1a:99:d7:51:09:2f:5a:a4:93:28:a6:35:e4:03:
                    d5:c3:38:4a:a3:3a:75:a4:bf:b8:24:26:0e:6a:1d:
                    d8:99:c7:fc:e9:38:c1:aa:0a:3b:c6:b9:e0:e1:a3:
                    9c:d7:f5:9d:9d:7d:b9:5b:59:8c:5b:d7:c4:54:0f:
                    5b:a0:4e:ba:ea:e4:6d:09:98:9a:10:5d:b9:c8:26:
                    c4:c2:5a:48:7c:a9:85:2b:ea:81:9a:d2:b3:22:6f:
                    d2:d3:a6:d3:16:2c:36:69:cb:2e:f9:ee:61:82:48:
                    2e:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:57:C9:6B:18:CA:EC:F9:C5:C2:FA:B4:2E:BA:AF:FF:76:6D:D5:C8
            X509v3 Authority Key Identifier:
                keyid:E1:65:34:3D:95:BD:4D:BC:30:F3:D7:22:49:54:1A:9D:47:E7:6D:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:5c:ce:e4:b2:a3:81:6e:f2:ee:9c:12:ef:98:e9:c3:4a:7c:
         d5:de:ab:af:f9:df:77:09:ec:ef:70:95:fd:54:32:27:76:bf:
         dc:68:96:d4:d8:83:bb:7d:5c:9d:af:f5:3c:1a:26:9e:73:af:
         3b:24:fb:83:f2:c5:f0:56:7d:67:a1:0f:9d:61:1e:9f:84:96:
         dd:15:44:c3:d6:30:35:fb:0e:8e:15:35:49:11:5a:80:f5:55:
         4a:3e:b8:2c:cb:68:b7:90:d3:32:7c:77:2c:cf:15:2f:46:9f:
         73:b0:3d:16:72:db:de:17:1d:1c:47:7f:45:dc:fd:7d:bf:64:
         2e:db:d8:b6:29:2a:6b:29:d9:2c:be:8d:8c:cf:31:5f:4b:e5:
         89:7d:30:12:7d:e4:09:3d:37:83:b2:a6:fd:90:52:94:7c:2e:
         81:c0:b7:35:c0:cf:42:a0:60:71:ff:bf:85:5d:1d:4b:23:60:
         33:62:0d:08:44:bd:e1:6c:1f:78:7a:54:13:74:3b:c3:b8:87:
         46:10:2f:23:d7:7d:da:8a:df:6c:c0:b2:b2:7c:37:d8:73:5a:
         a5:9d:2f:dd:37:c6:9c:83:1f:84:ee:ad:31:bd:48:69:a3:24:
         52:95:9f:7e:d5:bf:73:87:cf:e0:f2:1d:a2:78:6d:f7:a2:70:
         8c:b5:10:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoRKETHMGIaZ6+taI7IRRe9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNjUzNDNkOTViZDRkYmMzMGYzZDcyMjQ5NTQxYTlkNDdl
NzZkOTEwHhcNMjUxMDIzMTMwMDQyWhcNMjUxMDI0MTMwMDQyWjAzMTEwLwYDVQQD
Eyg0MDU3Yzk2YjE4Y2FlY2Y5YzVjMmZhYjQyZWJhYWZmZjc2NmRkNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqShmoHQJ25UXd3oPuyWnOwHVdJ8y
hKGy0LT4osyHNovFNT1fuhbpcrg/qOgHlko2c3EmcwqWPGASHUS9vslhkEXltQVi
mJlEbbjXAl8hFzt1wx7wjyiNP/YCLLStAddiSTuPvKJd7YyMInXhpP3tX1evhqq1
scEuhCpGLym0tII9QFkrB5x5tO2AgW4XwWe4/33mP53YGpnXUQkvWqSTKKY15APV
wzhKozp1pL+4JCYOah3Ymcf86TjBqgo7xrng4aOc1/WdnX25W1mMW9fEVA9boE66
6uRtCZiaEF25yCbEwlpIfKmFK+qBmtKzIm/S06bTFiw2acsu+e5hgkgurwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBXyWsYyuz5xcL6tC66r/92bdXIMB8GA1UdIwQY
MBaAFOFlND2VvU28MPPXIklUGp1H522RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83ZDI2YjgtZjc0Ny00ZDlhLTlhYTIt
NmUyYzA1M2Q5OTkzLzEvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC83ZDI2YjgtZjc0Ny00ZDlhLTlhYTItNmUyYzA1M2Q5OTkz
LzEvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp1zO5LKj
gW7y7pwS75jpw0p81d6rr/nfdwns73CV/VQyJ3a/3GiW1NiDu31cna/1PBomnnOv
OyT7g/LF8FZ9Z6EPnWEen4SW3RVEw9YwNfsOjhU1SRFagPVVSj64LMtot5DTMnx3
LM8VL0afc7A9FnLb3hcdHEd/Rdz9fb9kLtvYtikqaynZLL6NjM8xX0vliX0wEn3k
CT03g7Km/ZBSlHwugcC3NcDPQqBgcf+/hV0dSyNgM2INCES94WwfeHpUE3Q7w7iH
RhAvI9d92orfbMCysnw32HNapZ0v3TfGnIMfhO6tMb1IaaMkUpWfftW/c4fP4PId
onht96JwjLUQ2Q==
-----END CERTIFICATE-----