Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
File:                     JAy7mUeWHigo2EdLysoem5FVZWA.mft (raw, json)
Hash identifier:          h0D9zgAoDuKPr31/nd5Ki1b5iCVAQI+wIYUW1nWHH54=
Subject key identifier:   D1:C3:6E:14:A5:80:2D:FC:28:26:C5:B8:43:30:6D:C9:B8:9E:59:05
Authority key identifier: 24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60
Certificate issuer:       /CN=240cbb9947961e2828d8474bcaca1e9b91556560
Certificate serial:       019A72CA27A0211C0B9714675D99D086DD6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
Manifest number:          145B
Signing time:             Tue 11 Nov 2025 12:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 12:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 12:00:42 +0000
Files and hashes:         1: JAy7mUeWHigo2EdLysoem5FVZWA.crl (hash: GMjGbdlYM1eZMs146ys6dmSPh9aO/Y4hUUWhelk0uzU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:27:a0:21:1c:0b:97:14:67:5d:99:d0:86:dd:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=240cbb9947961e2828d8474bcaca1e9b91556560
        Validity
            Not Before: Nov 11 12:00:42 2025 GMT
            Not After : Nov 12 12:00:42 2025 GMT
        Subject: CN=d1c36e14a5802dfc2826c5b843306dc9b89e5905
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:1b:5c:7c:c3:9a:5f:f5:46:83:32:36:64:05:
                    3a:1a:96:83:88:33:76:45:fc:07:b2:78:e7:5c:73:
                    b1:22:58:24:aa:44:cb:55:4a:8c:86:7d:b0:a7:41:
                    2e:ba:4b:dd:10:66:3d:59:a3:38:0a:aa:13:7d:99:
                    93:fb:ab:89:a6:3c:31:70:a9:92:43:e5:07:ae:c9:
                    c3:cb:2f:32:39:63:39:59:69:63:f8:11:56:4c:a0:
                    c0:92:51:b3:c4:d6:a9:77:be:80:b8:dc:ef:73:bc:
                    4f:90:cc:cd:b5:29:bd:31:84:ba:f6:cd:21:36:3f:
                    9a:31:93:7e:b9:6c:a7:29:e4:48:9a:c5:05:f6:23:
                    9c:2d:7b:67:90:d8:b3:1f:94:14:55:af:4f:81:82:
                    1f:c0:17:f7:1c:86:00:87:63:fe:b7:a1:2e:8a:07:
                    18:ba:f1:1d:5b:80:e2:1b:58:1c:3e:64:91:5d:b4:
                    f6:69:f4:02:9f:c4:63:90:8c:e6:04:43:8e:4b:4f:
                    fc:8f:1b:17:ba:5b:4a:81:e2:22:2d:62:c6:8a:f9:
                    83:4a:c1:1b:66:52:ba:7c:a8:77:3e:39:cf:de:2d:
                    32:35:dc:8e:e6:94:b3:53:47:04:a7:e9:bd:2f:9b:
                    6c:b5:b4:6c:82:fb:9e:2b:b5:a3:b9:36:36:25:ea:
                    07:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:C3:6E:14:A5:80:2D:FC:28:26:C5:B8:43:30:6D:C9:B8:9E:59:05
            X509v3 Authority Key Identifier:
                keyid:24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:ae:10:e3:5f:d7:e7:a6:75:9f:8c:c9:62:dc:4c:69:4d:f1:
         89:32:72:83:cc:60:e9:76:ea:08:2c:7a:da:f3:5b:05:aa:1d:
         b9:16:16:d4:ea:b8:1d:a9:5c:7c:8b:e3:68:8a:a2:52:3a:43:
         a9:d4:f5:a1:4e:41:93:d5:a0:00:20:59:4a:8f:23:dc:14:9c:
         74:5f:33:fa:e2:32:db:e0:0b:48:e0:8e:0e:84:b7:5f:a8:78:
         0d:6a:fa:7d:ed:93:9f:75:f2:6c:5a:cd:8a:b8:46:8b:8c:ef:
         23:77:cf:23:c3:be:a7:ef:26:29:c8:7b:00:8b:5c:a5:77:28:
         a7:fc:f8:1e:55:c8:b3:8a:85:7e:f9:3d:f8:ee:f9:fa:a9:3a:
         31:5d:09:d9:a7:5c:30:b6:72:ed:8b:e3:6d:75:41:88:1a:55:
         e3:e0:c8:03:db:9e:95:d7:55:6e:5b:de:31:7a:06:ca:67:8a:
         44:ee:73:2c:8e:ee:4f:ee:99:dc:c2:83:1f:a3:3f:80:ca:a2:
         fe:7a:93:80:47:95:e0:a1:d2:7f:15:0a:09:ed:b8:c0:cf:04:
         fe:14:51:85:fc:2d:cd:ab:2b:6f:00:27:ad:7b:37:55:41:17:
         6d:85:42:6b:2b:fb:ad:e4:17:01:77:4d:fd:59:9b:27:de:be:
         50:34:7f:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyiegIRwLlxRnXZnQht1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MGNiYjk5NDc5NjFlMjgyOGQ4NDc0YmNhY2ExZTliOTE1
NTY1NjAwHhcNMjUxMTExMTIwMDQyWhcNMjUxMTEyMTIwMDQyWjAzMTEwLwYDVQQD
EyhkMWMzNmUxNGE1ODAyZGZjMjgyNmM1Yjg0MzMwNmRjOWI4OWU1OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhtcfMOaX/VGgzI2ZAU6GpaDiDN2
RfwHsnjnXHOxIlgkqkTLVUqMhn2wp0EuukvdEGY9WaM4CqoTfZmT+6uJpjwxcKmS
Q+UHrsnDyy8yOWM5WWlj+BFWTKDAklGzxNapd76AuNzvc7xPkMzNtSm9MYS69s0h
Nj+aMZN+uWynKeRImsUF9iOcLXtnkNizH5QUVa9PgYIfwBf3HIYAh2P+t6EuigcY
uvEdW4DiG1gcPmSRXbT2afQCn8RjkIzmBEOOS0/8jxsXultKgeIiLWLGivmDSsEb
ZlK6fKh3PjnP3i0yNdyO5pSzU0cEp+m9L5tstbRsgvueK7WjuTY2JeoHbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHDbhSlgC38KCbFuEMwbcm4nlkFMB8GA1UdIwQY
MBaAFCQMu5lHlh4oKNhHS8rKHpuRVWVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMt
ZmZiMDI4ZjBhMDJmLzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMtZmZiMDI4ZjBhMDJm
LzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIq4Q41/X
56Z1n4zJYtxMaU3xiTJyg8xg6XbqCCx62vNbBaoduRYW1Oq4HalcfIvjaIqiUjpD
qdT1oU5Bk9WgACBZSo8j3BScdF8z+uIy2+ALSOCODoS3X6h4DWr6fe2Tn3XybFrN
irhGi4zvI3fPI8O+p+8mKch7AItcpXcop/z4HlXIs4qFfvk9+O75+qk6MV0J2adc
MLZy7YvjbXVBiBpV4+DIA9uelddVblveMXoGymeKRO5zLI7uT+6Z3MKDH6M/gMqi
/nqTgEeV4KHSfxUKCe24wM8E/hRRhfwtzasrbwAnrXs3VUEXbYVCayv7reQXAXdN
/VmbJ96+UDR/VA==
-----END CERTIFICATE-----