Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
File:                     IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft (raw, json)
Hash identifier:          OBB8kuGGJdAPil0XfZLEu7jZM/gcZ/INds01k3tA4fg=
Subject key identifier:   64:17:97:F3:51:AF:2F:D8:21:7A:6C:0A:E7:26:98:D0:AD:90:1A:51
Authority key identifier: 22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D
Certificate issuer:       /CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
Certificate serial:       019A72936538EF718661897EDBB353E230E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
Manifest number:          0CF0
Signing time:             Tue 11 Nov 2025 11:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:53 +0000
Files and hashes:         1: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl (hash: 4sh9CLhwLRonV4S+HGO5zJ8+MSaISlsocm+G8KoyUZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:65:38:ef:71:86:61:89:7e:db:b3:53:e2:30:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
        Validity
            Not Before: Nov 11 11:00:53 2025 GMT
            Not After : Nov 12 11:00:53 2025 GMT
        Subject: CN=641797f351af2fd8217a6c0ae72698d0ad901a51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:43:06:80:be:7a:e4:94:56:d8:30:73:47:fa:
                    6c:0f:3a:12:20:8b:15:c9:e2:ba:83:9f:bb:5a:bd:
                    62:b7:d0:5b:4b:71:b2:af:b2:18:22:4d:81:f8:00:
                    c9:08:66:3e:d0:26:27:d7:e0:b6:df:ac:93:95:ec:
                    31:61:92:8a:87:49:f9:af:04:6c:f6:ba:ed:cd:ce:
                    57:f0:d9:ae:9b:7b:2f:52:9d:c4:e6:3b:f6:c0:34:
                    8e:fa:32:5d:a3:7f:1f:f5:1b:12:5d:c6:8c:aa:d9:
                    a6:62:c0:c2:ad:a1:28:ee:cc:d0:e9:b0:70:b4:4a:
                    3e:7f:e8:29:76:c5:6e:e4:75:1b:5a:85:21:15:f6:
                    1a:83:03:9a:b0:08:3b:c7:ad:fb:76:e1:8a:76:0c:
                    4d:b1:48:e9:39:06:88:ca:84:30:75:57:55:88:62:
                    08:e6:ec:75:24:c5:03:c9:59:a4:4a:94:50:04:de:
                    38:34:d3:55:bc:d2:b8:75:86:27:a5:16:7c:02:09:
                    f0:2b:57:e7:f2:23:05:d8:a3:dc:a4:7d:9e:62:11:
                    89:6b:4b:d8:31:12:65:31:cd:75:2c:2f:72:a9:d5:
                    15:7b:22:81:40:61:66:21:2d:d0:7c:4a:c9:03:96:
                    fc:f5:dc:b4:60:e1:32:86:28:16:95:74:0c:a3:cc:
                    60:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:17:97:F3:51:AF:2F:D8:21:7A:6C:0A:E7:26:98:D0:AD:90:1A:51
            X509v3 Authority Key Identifier:
                keyid:22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:d6:11:a0:57:38:ca:dc:1e:db:12:a5:5f:e2:89:ce:65:6a:
         f5:90:c8:78:71:5b:c3:a4:63:4c:c2:ce:1f:01:d6:a8:1e:fd:
         ef:cd:65:ab:41:65:5c:36:70:10:da:d5:3b:21:80:f5:f6:c2:
         ee:c9:6b:f2:15:31:7b:91:fb:ae:16:f6:b2:df:b0:44:a3:4f:
         03:43:7a:6c:27:c5:8a:cb:a0:f9:90:a3:10:b1:d2:55:d8:ee:
         96:85:99:19:73:18:47:09:38:2c:52:f1:0e:df:98:c8:2d:3a:
         ff:c9:9a:4a:46:80:23:82:26:a1:52:ef:b2:8a:96:fe:3b:21:
         98:b4:7c:43:47:a3:d7:74:5d:7c:ce:79:f2:30:7e:d3:b0:7c:
         94:dd:97:9a:75:e7:0a:92:66:97:0e:48:0c:56:90:34:26:35:
         80:0b:ba:48:a6:bf:38:3c:53:33:0f:bd:27:79:08:04:c4:31:
         d2:4e:62:d5:bb:d2:c4:83:d2:d1:42:b8:c5:32:0e:48:e8:51:
         a6:37:44:af:fe:60:83:5c:a3:74:d4:49:f9:0c:c0:31:89:c7:
         bc:a8:95:7a:b6:2c:44:98:86:d8:21:26:87:fa:b6:51:a3:74:
         4d:59:d2:16:05:7c:16:ad:b0:60:7e:58:0c:9f:2d:80:b4:24:
         9b:57:94:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk2U473GGYYl+27NT4jDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmJlZjY5NWZhOTVkMGM5NTkwOWU1MWFhMWZhYjk0ZmM0
MDI2N2QwHhcNMjUxMTExMTEwMDUzWhcNMjUxMTEyMTEwMDUzWjAzMTEwLwYDVQQD
Eyg2NDE3OTdmMzUxYWYyZmQ4MjE3YTZjMGFlNzI2OThkMGFkOTAxYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUMGgL565JRW2DBzR/psDzoSIIsV
yeK6g5+7Wr1it9BbS3Gyr7IYIk2B+ADJCGY+0CYn1+C236yTlewxYZKKh0n5rwRs
9rrtzc5X8Nmum3svUp3E5jv2wDSO+jJdo38f9RsSXcaMqtmmYsDCraEo7szQ6bBw
tEo+f+gpdsVu5HUbWoUhFfYagwOasAg7x637duGKdgxNsUjpOQaIyoQwdVdViGII
5ux1JMUDyVmkSpRQBN44NNNVvNK4dYYnpRZ8AgnwK1fn8iMF2KPcpH2eYhGJa0vY
MRJlMc11LC9yqdUVeyKBQGFmIS3QfErJA5b89dy0YOEyhigWlXQMo8xgawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQXl/NRry/YIXpsCucmmNCtkBpRMB8GA1UdIwQY
MBaAFCL772lfqV0MlZCeUaofq5T8QCZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEt
ZjYyOTUwOGMwNzJkLzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEtZjYyOTUwOGMwNzJk
LzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNYRoFc4
ytwe2xKlX+KJzmVq9ZDIeHFbw6RjTMLOHwHWqB79781lq0FlXDZwENrVOyGA9fbC
7slr8hUxe5H7rhb2st+wRKNPA0N6bCfFisug+ZCjELHSVdjuloWZGXMYRwk4LFLx
Dt+YyC06/8maSkaAI4ImoVLvsoqW/jshmLR8Q0ej13RdfM558jB+07B8lN2XmnXn
CpJmlw5IDFaQNCY1gAu6SKa/ODxTMw+9J3kIBMQx0k5i1bvSxIPS0UK4xTIOSOhR
pjdEr/5gg1yjdNRJ+QzAMYnHvKiVerYsRJiG2CEmh/q2UaN0TVnSFgV8Fq2wYH5Y
DJ8tgLQkm1eUXg==
-----END CERTIFICATE-----