Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
File:                     4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft (raw, json)
Hash identifier:          mzrfGRunhMz4HUw+qML9Tk0vxsqXqU4Hqb36a2ZhS3c=
Subject key identifier:   EC:52:A7:28:2E:A8:03:7F:A5:6D:C4:5F:3E:65:A5:85:70:66:B1:E7
Authority key identifier: E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C
Certificate issuer:       /CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
Certificate serial:       019A71EEC167975E4328486393295AF2777B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
Manifest number:          0B20
Signing time:             Tue 11 Nov 2025 08:01:03 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:03 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:03 +0000
Files and hashes:         1: 4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl (hash: QVmDLxvDpfp3s9S9F8frgvHFnjY5lnrcW7xOS1K0UjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:c1:67:97:5e:43:28:48:63:93:29:5a:f2:77:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
        Validity
            Not Before: Nov 11 08:01:03 2025 GMT
            Not After : Nov 12 08:01:03 2025 GMT
        Subject: CN=ec52a7282ea8037fa56dc45f3e65a5857066b1e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:a7:2c:84:ae:d5:28:5b:e2:0a:d4:cb:52:f0:
                    79:0d:02:f3:1e:27:68:86:f9:31:94:c1:76:f6:f8:
                    c0:76:c4:90:50:39:47:2e:e0:a8:66:bf:14:bf:93:
                    fe:f2:d9:34:11:6d:ff:fe:18:fc:93:4b:66:33:ba:
                    5d:1b:47:fe:c7:7a:ef:00:e8:2c:17:3d:3c:94:0e:
                    1d:4b:02:6f:86:21:f3:cf:a8:1b:39:51:bf:a4:89:
                    bf:81:ec:29:26:88:ef:f8:75:fa:25:6e:87:ab:31:
                    e1:4e:bf:fc:4c:82:ba:68:19:bd:d6:ec:78:e1:db:
                    82:88:49:1d:1f:30:02:01:b4:64:36:11:a8:23:d5:
                    9d:ee:5e:28:d9:f1:02:82:d2:70:75:6e:24:0a:79:
                    a8:ce:4c:ca:2d:94:93:08:0d:15:ac:1b:f7:75:51:
                    b9:e7:9b:f0:b2:04:42:b4:8c:c4:eb:fa:b8:2e:60:
                    88:ac:d8:4b:e3:a5:03:4d:0a:d7:8a:56:a4:8d:f7:
                    01:76:df:1c:d0:1e:bc:61:48:0a:f1:f3:31:93:06:
                    1f:3b:23:43:2d:83:df:f0:86:38:f6:4f:35:f5:20:
                    6b:1f:21:55:00:d6:c9:08:ec:7d:8c:21:2e:73:8f:
                    85:fa:06:ea:93:27:68:6f:15:4d:41:6a:da:c5:05:
                    d5:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:52:A7:28:2E:A8:03:7F:A5:6D:C4:5F:3E:65:A5:85:70:66:B1:E7
            X509v3 Authority Key Identifier:
                keyid:E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:12:6a:35:5a:36:52:31:3b:07:d3:37:c9:9c:14:2e:fa:41:
         08:f6:de:67:ef:0a:bb:8b:34:27:ec:2e:dd:80:2a:cc:9b:08:
         a4:0c:2a:5c:10:83:b2:d1:74:a8:72:71:17:d5:a4:8e:e2:1e:
         30:2a:c0:45:7d:75:d4:50:af:13:30:e2:ac:d9:14:ab:b9:a8:
         a2:a3:c5:8c:9a:0b:82:d4:8d:aa:63:1f:0d:57:62:88:50:a5:
         43:ff:25:53:b4:ef:9e:f5:80:2f:4f:f4:3d:c8:c1:2f:55:8f:
         9d:8e:3c:92:1c:9e:af:6d:1d:44:cb:63:70:a2:7b:a6:2b:6b:
         2e:48:cd:12:2f:f6:02:4a:94:33:aa:c9:55:18:8f:5a:8f:b4:
         a2:39:0c:c0:c3:69:c2:b3:a7:d8:5d:e9:79:8e:c0:97:59:99:
         0d:a9:e3:ac:ca:9d:7f:b4:5c:ff:dc:3d:11:fa:50:6d:0e:04:
         42:41:df:4e:39:a6:20:3a:a2:f8:9d:2e:bd:a9:1e:d9:af:d4:
         1c:bb:0b:dc:24:34:8f:e2:58:12:44:e8:f3:11:57:03:f8:23:
         61:d8:8d:95:75:d8:b3:64:72:2e:46:37:4a:13:2c:07:44:06:
         83:80:89:2f:8d:e4:df:a1:cf:75:5b:ae:21:ab:11:ad:cd:95:
         28:7a:39:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7sFnl15DKEhjkyla8nd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMGE2ZjJlNjMzZmNmM2FkZWY4NzI1Y2M1YmUwZWE3OTE1
ZGQ0MGMwHhcNMjUxMTExMDgwMTAzWhcNMjUxMTEyMDgwMTAzWjAzMTEwLwYDVQQD
EyhlYzUyYTcyODJlYTgwMzdmYTU2ZGM0NWYzZTY1YTU4NTcwNjZiMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KcshK7VKFviCtTLUvB5DQLzHido
hvkxlMF29vjAdsSQUDlHLuCoZr8Uv5P+8tk0EW3//hj8k0tmM7pdG0f+x3rvAOgs
Fz08lA4dSwJvhiHzz6gbOVG/pIm/gewpJojv+HX6JW6HqzHhTr/8TIK6aBm91ux4
4duCiEkdHzACAbRkNhGoI9Wd7l4o2fECgtJwdW4kCnmozkzKLZSTCA0VrBv3dVG5
55vwsgRCtIzE6/q4LmCIrNhL46UDTQrXilakjfcBdt8c0B68YUgK8fMxkwYfOyND
LYPf8IY49k819SBrHyFVANbJCOx9jCEuc4+F+gbqkydobxVNQWraxQXVswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxSpyguqAN/pW3EXz5lpYVwZrHnMB8GA1UdIwQY
MBaAFOAKby5jP8863vhyXMW+DqeRXdQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUt
ZDA5NmYxZTI1ZTk3LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUtZDA5NmYxZTI1ZTk3
LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRJqNVo2
UjE7B9M3yZwULvpBCPbeZ+8Ku4s0J+wu3YAqzJsIpAwqXBCDstF0qHJxF9WkjuIe
MCrARX111FCvEzDirNkUq7mooqPFjJoLgtSNqmMfDVdiiFClQ/8lU7TvnvWAL0/0
PcjBL1WPnY48khyer20dRMtjcKJ7pitrLkjNEi/2AkqUM6rJVRiPWo+0ojkMwMNp
wrOn2F3peY7Al1mZDanjrMqdf7Rc/9w9EfpQbQ4EQkHfTjmmIDqi+J0uvake2a/U
HLsL3CQ0j+JYEkTo8xFXA/gjYdiNlXXYs2RyLkY3ShMsB0QGg4CJL43k36HPdVuu
IasRrc2VKHo5Xg==
-----END CERTIFICATE-----