Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
File:                     tRFbXBJF3DDhIwQHnslKNe1SfGY.mft (raw, json)
Hash identifier:          XnuXvOhENxCg1d9gPRDp2bw4zTEDZG575n6OYg4twq0=
Subject key identifier:   FC:F8:ED:D3:DC:9E:11:16:B9:64:31:79:30:78:D8:B3:10:2C:38:7F
Authority key identifier: B5:11:5B:5C:12:45:DC:30:E1:23:04:07:9E:C9:4A:35:ED:52:7C:66
Certificate issuer:       /CN=b5115b5c1245dc30e12304079ec94a35ed527c66
Certificate serial:       019A7149F8E653AAE740FC1227EA7E0816BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
Manifest number:          E0
Signing time:             Tue 11 Nov 2025 05:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:04 +0000
Files and hashes:         1: tRFbXBJF3DDhIwQHnslKNe1SfGY.crl (hash: 6gB8aTR0+Ety6gLSvNJavjtuRAF8zc4NopPJJMcnvYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:f8:e6:53:aa:e7:40:fc:12:27:ea:7e:08:16:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5115b5c1245dc30e12304079ec94a35ed527c66
        Validity
            Not Before: Nov 11 05:01:04 2025 GMT
            Not After : Nov 12 05:01:04 2025 GMT
        Subject: CN=fcf8edd3dc9e1116b96431793078d8b3102c387f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:4c:82:ca:98:03:26:84:06:30:f4:4c:c9:ce:
                    bd:47:98:85:03:46:2f:c4:60:42:3e:82:b4:2a:6e:
                    ed:e4:ca:a0:f2:fe:a6:59:b3:19:fb:71:2b:dc:02:
                    f9:ee:09:d3:7b:29:87:2a:5c:2c:d0:98:21:7d:d0:
                    51:98:66:55:34:1a:1d:26:3f:36:e7:f0:c6:0a:9c:
                    51:ad:e7:d1:53:66:de:71:4c:9e:95:eb:9d:b2:17:
                    e7:af:fa:9a:7b:74:c7:96:47:ae:2e:1d:4b:56:87:
                    4b:1c:84:c2:b0:cc:a5:91:be:bd:84:49:1a:cd:a4:
                    6c:e3:13:8c:ce:99:74:07:33:36:38:61:d5:78:d2:
                    ec:c1:ae:4e:dc:ac:6a:f1:26:64:4d:fd:18:5c:cc:
                    2c:48:0e:91:9f:71:f9:a9:c3:5d:ef:b5:8a:1e:87:
                    41:23:19:7e:67:c9:95:a2:a7:aa:72:62:a1:eb:b1:
                    cc:51:6c:ac:78:b0:a8:61:a4:db:e4:24:40:16:e9:
                    85:42:bb:6b:ed:5a:7b:ca:f3:96:01:08:01:7a:0c:
                    42:86:ae:9c:ee:06:a7:66:5e:8e:45:14:d5:17:78:
                    fe:c3:3e:6f:f6:5f:89:57:be:4d:ed:0c:ad:0d:b8:
                    f6:73:8e:78:46:72:f3:26:21:7c:b6:ab:3d:71:52:
                    97:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:F8:ED:D3:DC:9E:11:16:B9:64:31:79:30:78:D8:B3:10:2C:38:7F
            X509v3 Authority Key Identifier:
                keyid:B5:11:5B:5C:12:45:DC:30:E1:23:04:07:9E:C9:4A:35:ED:52:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:7f:fc:08:20:1e:81:e0:f1:e5:0d:c5:f0:73:8a:0e:84:f3:
         09:10:ac:5a:5e:d7:59:e0:49:54:82:b1:7a:7d:37:13:cf:b8:
         33:cd:5c:6e:02:86:e6:1a:7b:50:36:63:1e:1e:b4:9c:7c:aa:
         34:2d:a0:4e:95:ed:30:c8:b1:d7:4a:ca:86:a5:84:a4:11:b6:
         89:dd:79:af:f8:f2:ba:ab:84:06:9b:8b:f5:fd:ef:70:d0:58:
         01:01:ec:8c:ed:ba:7f:a7:f7:62:aa:79:34:04:f6:76:39:39:
         16:e0:4b:c1:fe:7e:e5:ce:90:44:82:52:72:8e:25:7e:22:7b:
         9e:34:97:c8:d2:28:5f:dc:67:a6:87:4e:fe:50:d0:21:e7:2e:
         d7:85:72:cf:0e:d5:2d:64:be:67:bf:f7:3e:e2:8c:94:27:e9:
         5e:79:5b:85:ce:d5:d2:85:88:1e:e6:51:41:30:e5:aa:bc:9a:
         3d:38:98:43:95:4b:23:d0:3e:4d:04:00:34:c0:f1:bb:de:1f:
         9c:90:3e:c3:5a:1c:e0:ee:56:7c:00:80:c0:2d:c5:fb:60:42:
         23:2c:60:62:6c:82:e9:53:88:7e:dc:58:54:06:3e:23:64:db:
         ec:a8:89:5b:5b:ed:10:a9:5a:53:57:49:bf:94:42:56:77:9a:
         06:b0:26:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSfjmU6rnQPwSJ+p+CBa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTE1YjVjMTI0NWRjMzBlMTIzMDQwNzllYzk0YTM1ZWQ1
MjdjNjYwHhcNMjUxMTExMDUwMTA0WhcNMjUxMTEyMDUwMTA0WjAzMTEwLwYDVQQD
EyhmY2Y4ZWRkM2RjOWUxMTE2Yjk2NDMxNzkzMDc4ZDhiMzEwMmMzODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUyCypgDJoQGMPRMyc69R5iFA0Yv
xGBCPoK0Km7t5Mqg8v6mWbMZ+3Er3AL57gnTeymHKlws0JghfdBRmGZVNBodJj82
5/DGCpxRrefRU2becUyeleudshfnr/qae3THlkeuLh1LVodLHITCsMylkb69hEka
zaRs4xOMzpl0BzM2OGHVeNLswa5O3Kxq8SZkTf0YXMwsSA6Rn3H5qcNd77WKHodB
Ixl+Z8mVoqeqcmKh67HMUWyseLCoYaTb5CRAFumFQrtr7Vp7yvOWAQgBegxChq6c
7ganZl6ORRTVF3j+wz5v9l+JV75N7QytDbj2c454RnLzJiF8tqs9cVKXpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPz47dPcnhEWuWQxeTB42LMQLDh/MB8GA1UdIwQY
MBaAFLURW1wSRdww4SMEB57JSjXtUnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hMzZhNjctNTQyYi00ZjhlLTgxZjAt
NmUyZGE2MGUyODM0LzEvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hMzZhNjctNTQyYi00ZjhlLTgxZjAtNmUyZGE2MGUyODM0
LzEvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApn/8CCAe
geDx5Q3F8HOKDoTzCRCsWl7XWeBJVIKxen03E8+4M81cbgKG5hp7UDZjHh60nHyq
NC2gTpXtMMix10rKhqWEpBG2id15r/jyuquEBpuL9f3vcNBYAQHsjO26f6f3Yqp5
NAT2djk5FuBLwf5+5c6QRIJSco4lfiJ7njSXyNIoX9xnpodO/lDQIecu14Vyzw7V
LWS+Z7/3PuKMlCfpXnlbhc7V0oWIHuZRQTDlqryaPTiYQ5VLI9A+TQQANMDxu94f
nJA+w1oc4O5WfACAwC3F+2BCIyxgYmyC6VOIftxYVAY+I2Tb7KiJW1vtEKlaU1dJ
v5RCVneaBrAmIg==
-----END CERTIFICATE-----