Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.mft
File:                     D48Gw1SUYI2azOsHCkzRarlf9qY.mft (raw, json)
Hash identifier:          9YYZbsP7rivYLFCV3KF73BDnXrLTKvx+p9U/Ux9IOMk=
Subject key identifier:   DD:6E:26:43:AA:32:59:2C:0B:C7:A5:03:C1:B5:A0:A8:2D:67:30:4D
Authority key identifier: 0F:8F:06:C3:54:94:60:8D:9A:CC:EB:07:0A:4C:D1:6A:B9:5F:F6:A6
Certificate issuer:       /CN=0f8f06c35494608d9acceb070a4cd16ab95ff6a6
Certificate serial:       019A71EE62C0E1D14CECA8FE5FB6B3424884
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D48Gw1SUYI2azOsHCkzRarlf9qY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.mft
Manifest number:          0325
Signing time:             Tue 11 Nov 2025 08:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:39 +0000
Files and hashes:         1: D48Gw1SUYI2azOsHCkzRarlf9qY.crl (hash: 8k+fhYLALLcixQ2PPvlwO4poV3LIj1OmZS/xkm4f3E8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D48Gw1SUYI2azOsHCkzRarlf9qY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:62:c0:e1:d1:4c:ec:a8:fe:5f:b6:b3:42:48:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f8f06c35494608d9acceb070a4cd16ab95ff6a6
        Validity
            Not Before: Nov 11 08:00:39 2025 GMT
            Not After : Nov 12 08:00:39 2025 GMT
        Subject: CN=dd6e2643aa32592c0bc7a503c1b5a0a82d67304d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:98:04:b7:4c:20:1f:39:5a:d8:f1:cd:10:5f:
                    77:68:58:c5:23:67:8d:24:fc:2f:e1:66:12:b5:01:
                    9e:52:4b:e9:ec:28:6c:3f:c1:da:b9:63:b7:ed:4b:
                    d0:a2:04:c7:ba:44:c0:83:af:a6:57:15:2d:53:51:
                    99:e0:a4:76:20:49:68:f2:d1:ec:4e:f5:79:34:53:
                    7f:55:7d:2e:2b:b5:25:c5:18:ae:e2:e4:1d:2b:ab:
                    d8:4b:f6:e6:b1:5d:24:71:6e:af:f3:d1:95:7b:65:
                    de:f4:31:e5:c2:5b:d9:f1:0f:06:6d:91:83:b6:74:
                    91:10:5a:bb:08:54:98:a0:51:bf:7d:82:2f:24:20:
                    1c:f3:13:e2:0a:21:e0:82:b3:f5:0c:b0:ca:bf:7f:
                    20:ba:28:27:ee:e7:01:0e:b5:26:6c:1b:07:07:bd:
                    3d:ab:12:23:8d:08:c0:c5:ce:f3:75:95:d2:8a:f0:
                    6c:a7:a8:10:c2:87:a3:40:53:51:1b:59:ad:c2:91:
                    ac:4c:02:b8:1c:5e:63:de:8a:41:a1:ad:20:89:8e:
                    6c:21:ad:d9:1f:d3:e3:11:86:f6:cf:b5:14:65:3a:
                    49:9c:a8:e7:29:ee:b5:37:d7:6b:c3:b1:c3:f7:a8:
                    80:c6:6b:39:bb:af:3c:46:b7:aa:db:21:20:da:6c:
                    ba:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:6E:26:43:AA:32:59:2C:0B:C7:A5:03:C1:B5:A0:A8:2D:67:30:4D
            X509v3 Authority Key Identifier:
                keyid:0F:8F:06:C3:54:94:60:8D:9A:CC:EB:07:0A:4C:D1:6A:B9:5F:F6:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D48Gw1SUYI2azOsHCkzRarlf9qY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:07:f5:d1:c0:fe:cd:0a:81:32:c1:f4:e7:f5:1d:d9:2c:43:
         6a:df:38:35:81:42:99:b3:c7:b6:09:c7:ce:7f:16:13:32:ec:
         65:ab:82:ed:ed:cb:e4:bb:15:69:f1:9b:64:3c:9e:37:0d:12:
         ea:15:8b:3f:8a:ce:ca:18:6d:28:24:67:1f:1a:0e:12:2f:00:
         9d:14:31:ab:cf:8f:34:c8:3f:0e:2c:5e:18:fa:67:de:df:a4:
         ae:cf:77:32:00:9b:72:fd:00:f5:f3:b4:f6:14:d1:03:60:c2:
         89:9b:1f:18:45:5f:4f:ec:f3:c7:ad:e6:c8:b3:73:1e:c4:86:
         0a:b8:56:f4:6d:21:27:0c:47:4b:3c:48:53:b4:e3:9d:c4:d9:
         9d:7a:f0:0f:a2:cd:23:70:6f:cf:99:1e:68:76:e7:fb:0a:95:
         4c:0b:12:e9:51:d9:e5:be:f0:2c:e5:38:24:bf:c2:bb:b5:2d:
         35:e9:69:db:30:1f:de:cc:a4:33:63:03:58:18:c3:68:67:5b:
         24:81:78:d3:ef:a0:1a:63:a0:02:0f:02:0f:20:89:5d:a5:ee:
         d1:f9:d5:32:d7:f8:61:01:49:49:99:c5:9c:aa:3c:6d:d5:e9:
         a6:84:a4:07:f9:d8:ff:a9:af:4b:70:d7:b3:61:32:76:37:48:
         94:80:de:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7mLA4dFM7Kj+X7azQkiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOGYwNmMzNTQ5NDYwOGQ5YWNjZWIwNzBhNGNkMTZhYjk1
ZmY2YTYwHhcNMjUxMTExMDgwMDM5WhcNMjUxMTEyMDgwMDM5WjAzMTEwLwYDVQQD
EyhkZDZlMjY0M2FhMzI1OTJjMGJjN2E1MDNjMWI1YTBhODJkNjczMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5gEt0wgHzla2PHNEF93aFjFI2eN
JPwv4WYStQGeUkvp7ChsP8HauWO37UvQogTHukTAg6+mVxUtU1GZ4KR2IElo8tHs
TvV5NFN/VX0uK7UlxRiu4uQdK6vYS/bmsV0kcW6v89GVe2Xe9DHlwlvZ8Q8GbZGD
tnSREFq7CFSYoFG/fYIvJCAc8xPiCiHggrP1DLDKv38guign7ucBDrUmbBsHB709
qxIjjQjAxc7zdZXSivBsp6gQwoejQFNRG1mtwpGsTAK4HF5j3opBoa0giY5sIa3Z
H9PjEYb2z7UUZTpJnKjnKe61N9drw7HD96iAxms5u688Rreq2yEg2my6FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1uJkOqMlksC8elA8G1oKgtZzBNMB8GA1UdIwQY
MBaAFA+PBsNUlGCNmszrBwpM0Wq5X/amMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDQ4R3cxU1VZSTJhek9zSENrelJhcmxmOXFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9iMDkyMTgtODllNy00ODU5LWIzMmMt
NjBlOWI3ZGM1NTBiLzEvRDQ4R3cxU1VZSTJhek9zSENrelJhcmxmOXFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9iMDkyMTgtODllNy00ODU5LWIzMmMtNjBlOWI3ZGM1NTBi
LzEvRDQ4R3cxU1VZSTJhek9zSENrelJhcmxmOXFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACAf10cD+
zQqBMsH05/Ud2SxDat84NYFCmbPHtgnHzn8WEzLsZauC7e3L5LsVafGbZDyeNw0S
6hWLP4rOyhhtKCRnHxoOEi8AnRQxq8+PNMg/DixeGPpn3t+krs93MgCbcv0A9fO0
9hTRA2DCiZsfGEVfT+zzx63myLNzHsSGCrhW9G0hJwxHSzxIU7TjncTZnXrwD6LN
I3Bvz5keaHbn+wqVTAsS6VHZ5b7wLOU4JL/Cu7UtNelp2zAf3sykM2MDWBjDaGdb
JIF40++gGmOgAg8CDyCJXaXu0fnVMtf4YQFJSZnFnKo8bdXppoSkB/nY/6mvS3DX
s2EydjdIlIDeCg==
-----END CERTIFICATE-----