Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
File:                     udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json)
Hash identifier:          AjI4VonLaIKeIPe9ld84nOzPAkrf6Iz1bNLr8SJdm8I=
Subject key identifier:   77:43:1F:55:BB:5B:76:C3:8A:75:65:A4:A3:E7:EC:1D:41:13:55:08
Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21
Certificate issuer:       /CN=b9d095cce35b3a36bef108ef762a621af4662621
Certificate serial:       019A7149F7AACE45CA4EA4C626120AA29603
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
Manifest number:          0473
Signing time:             Tue 11 Nov 2025 05:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:04 +0000
Files and hashes:         1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: doleE8uWIq8GncY5dk2UFcMYBLMcvJbPFFBxPvRmMWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:f7:aa:ce:45:ca:4e:a4:c6:26:12:0a:a2:96:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621
        Validity
            Not Before: Nov 11 05:01:04 2025 GMT
            Not After : Nov 12 05:01:04 2025 GMT
        Subject: CN=77431f55bb5b76c38a7565a4a3e7ec1d41135508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b9:ed:bf:6f:df:bf:b2:16:cb:55:df:1f:e0:
                    c0:c7:aa:2a:14:68:95:f9:f7:6e:66:dc:71:40:65:
                    82:12:af:a5:ad:13:5b:88:d1:89:f2:5f:0e:4c:60:
                    80:20:01:db:c0:72:4b:b6:86:9d:a3:c8:c0:70:11:
                    36:7e:83:7c:0f:94:52:2e:29:54:29:e3:f6:9d:f9:
                    6e:6e:fc:15:9f:c2:d6:8e:27:ed:40:7b:b3:f5:c5:
                    4e:26:c6:af:04:16:5b:18:7e:d4:ec:ef:fa:77:68:
                    43:1c:f3:0e:23:b6:72:66:50:33:a3:86:ca:6b:ab:
                    96:c1:34:32:d3:38:82:5d:47:ac:86:db:36:ba:13:
                    fd:19:19:8f:6e:d3:58:ef:1b:ea:e3:2a:4f:5f:13:
                    95:cd:5f:a3:8e:b3:c5:8c:9a:7a:a5:cf:ad:de:bd:
                    ae:6b:29:bb:a0:33:35:db:66:63:2d:38:ee:dd:53:
                    39:32:58:e1:46:3a:2a:0f:f6:2e:be:f8:b6:f0:95:
                    2a:44:23:98:6b:37:12:fe:31:c0:cb:a0:97:98:de:
                    2f:0c:be:82:1d:6f:8e:6d:f2:a6:20:fd:9a:bf:1a:
                    d6:88:5f:46:ab:ab:35:f7:fe:f0:47:0a:82:04:de:
                    93:37:21:a5:88:18:af:ad:36:58:ca:db:7e:47:d2:
                    9d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:43:1F:55:BB:5B:76:C3:8A:75:65:A4:A3:E7:EC:1D:41:13:55:08
            X509v3 Authority Key Identifier:
                keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:28:5a:60:22:0e:de:1b:2f:16:1d:0f:13:79:0e:d0:f4:3b:
         35:20:d5:65:12:e1:6e:a8:fc:42:08:9a:57:99:9e:15:40:d4:
         92:4d:db:1d:de:c7:6a:6d:fe:95:dc:69:d1:25:bc:81:3a:08:
         e0:fe:4d:1a:ac:fd:3d:22:99:34:68:ab:1d:77:58:3e:5b:fe:
         ba:20:72:c0:b6:64:40:60:43:cf:7e:bd:2b:25:97:74:39:99:
         f9:1e:1b:50:f0:42:89:e2:e6:db:70:14:40:c4:a7:9f:ef:d5:
         9f:dd:c4:7d:59:e1:bb:5a:f9:a0:8a:b8:21:e7:d5:f5:73:ad:
         af:94:5c:73:51:99:3c:b6:fa:c3:44:00:c3:6e:c6:34:ed:ca:
         28:5e:38:54:5b:7e:88:ba:48:8c:43:35:f2:16:3f:7e:53:e6:
         fe:5b:9f:27:82:17:ba:49:15:19:8a:c3:2d:d4:36:29:ea:0d:
         96:ae:aa:e8:e8:d6:1d:6e:1b:8d:c6:1e:de:eb:05:b6:86:a9:
         07:fb:41:a3:29:9d:32:0e:7e:c5:90:64:6d:da:c3:5e:fc:7f:
         74:14:2d:93:40:5d:f9:54:57:ef:f8:b4:b1:a8:3f:2d:3a:8f:
         fa:2c:6f:0e:2f:a3:5c:f1:80:fd:57:52:f9:fd:2c:80:66:a7:
         a2:c9:89:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSfeqzkXKTqTGJhIKopYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2
NjI2MjEwHhcNMjUxMTExMDUwMTA0WhcNMjUxMTEyMDUwMTA0WjAzMTEwLwYDVQQD
Eyg3NzQzMWY1NWJiNWI3NmMzOGE3NTY1YTRhM2U3ZWMxZDQxMTM1NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Lntv2/fv7IWy1XfH+DAx6oqFGiV
+fduZtxxQGWCEq+lrRNbiNGJ8l8OTGCAIAHbwHJLtoado8jAcBE2foN8D5RSLilU
KeP2nflubvwVn8LWjiftQHuz9cVOJsavBBZbGH7U7O/6d2hDHPMOI7ZyZlAzo4bK
a6uWwTQy0ziCXUeshts2uhP9GRmPbtNY7xvq4ypPXxOVzV+jjrPFjJp6pc+t3r2u
aym7oDM122ZjLTju3VM5MljhRjoqD/Yuvvi28JUqRCOYazcS/jHAy6CXmN4vDL6C
HW+ObfKmIP2avxrWiF9Gq6s19/7wRwqCBN6TNyGliBivrTZYytt+R9Kd0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdDH1W7W3bDinVlpKPn7B1BE1UIMB8GA1UdIwQY
MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt
OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1
LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGihaYCIO
3hsvFh0PE3kO0PQ7NSDVZRLhbqj8QgiaV5meFUDUkk3bHd7Ham3+ldxp0SW8gToI
4P5NGqz9PSKZNGirHXdYPlv+uiBywLZkQGBDz369KyWXdDmZ+R4bUPBCieLm23AU
QMSnn+/Vn93EfVnhu1r5oIq4IefV9XOtr5Rcc1GZPLb6w0QAw27GNO3KKF44VFt+
iLpIjEM18hY/flPm/lufJ4IXukkVGYrDLdQ2KeoNlq6q6OjWHW4bjcYe3usFtoap
B/tBoymdMg5+xZBkbdrDXvx/dBQtk0Bd+VRX7/i0sag/LTqP+ixvDi+jXPGA/VdS
+f0sgGanosmJqQ==
-----END CERTIFICATE-----