Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
File:                     RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json)
Hash identifier:          fdUzema57JtrQG2eUJam/zuTC5Fn3qlef2qSkVfOf6U=
Subject key identifier:   58:2D:83:99:6D:3E:BC:88:BF:22:46:DC:EA:C5:E4:AA:B1:30:D9:39
Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83
Certificate issuer:       /CN=44b14b1b3069f50c6e25c8a24afc61711d598583
Certificate serial:       019A71EEC548F0E127E114D576A22B00277C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
Manifest number:          01DE
Signing time:             Tue 11 Nov 2025 08:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:04 +0000
Files and hashes:         1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: ifCZtD/xg972AM3cN84P03AWhzBo+0Jz0fhzAN+WesU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:c5:48:f0:e1:27:e1:14:d5:76:a2:2b:00:27:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583
        Validity
            Not Before: Nov 11 08:01:04 2025 GMT
            Not After : Nov 12 08:01:04 2025 GMT
        Subject: CN=582d83996d3ebc88bf2246dceac5e4aab130d939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a3:0f:5b:e8:c5:8b:c1:92:b1:b2:0b:d7:16:
                    e3:a4:32:84:bf:54:e5:fa:ea:93:13:a1:80:d7:ab:
                    89:53:4f:c0:78:3c:ff:0b:f3:10:0a:54:e4:b6:95:
                    df:29:b3:7b:d8:3a:1e:a1:60:dd:8c:59:b5:fe:99:
                    a9:77:0e:c1:c1:78:7e:03:46:39:e9:ad:ee:06:fa:
                    2c:8d:35:59:4a:ba:0c:67:fe:2b:31:18:7d:0e:6b:
                    7c:ce:bb:2a:0c:02:0b:5f:6d:5e:c5:17:a6:4a:a0:
                    fa:70:67:80:2f:c6:95:c4:e7:9b:ec:ff:d2:f4:ca:
                    ea:d1:d4:7c:62:a6:fb:43:57:80:d5:7e:a1:75:95:
                    a6:c7:9c:28:f4:13:a6:33:4e:f0:d6:19:57:c7:70:
                    d3:23:80:e7:09:f7:a8:53:6e:66:77:f8:aa:4b:4f:
                    63:2b:c9:97:c2:ab:83:9b:e9:52:dc:c6:a1:38:0c:
                    a3:86:dd:33:9b:b8:85:fe:df:cf:3d:e1:9e:94:41:
                    dd:b4:ba:98:e4:06:66:cc:dc:b6:c7:5e:c6:96:50:
                    84:16:f3:b0:48:b4:f1:f3:2e:1e:a0:ec:fb:90:34:
                    77:a9:eb:8a:a2:c3:c9:36:2d:fc:fd:89:0d:a5:3e:
                    a7:ec:02:81:4b:2a:ba:50:3f:a7:cc:80:e7:71:e9:
                    41:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:2D:83:99:6D:3E:BC:88:BF:22:46:DC:EA:C5:E4:AA:B1:30:D9:39
            X509v3 Authority Key Identifier:
                keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:6d:09:e7:65:8f:15:3b:31:cc:3a:2e:c2:74:e3:73:66:7c:
         8e:b1:f5:a6:47:60:f3:c9:d6:21:b1:d2:87:c4:11:3b:f6:d6:
         78:23:f2:3b:60:ad:af:7c:bf:f5:b2:3f:cc:f8:be:41:94:af:
         65:2d:9b:5e:e9:b3:24:21:84:cf:4e:5e:ec:fe:0c:86:eb:f5:
         ec:ae:75:28:4c:19:6c:70:ba:75:9e:13:85:d5:7a:5a:35:54:
         d6:ad:16:ea:b6:0a:b5:e1:1c:f9:48:17:40:4e:91:e1:03:91:
         45:f9:fe:74:99:30:b6:55:43:83:2f:fc:d5:07:6e:db:d7:46:
         4d:c3:5e:a9:ae:e7:30:d0:c3:f1:e9:6e:ec:73:f6:d3:d8:a9:
         42:20:f3:3b:b1:af:1b:0d:9e:0b:54:fe:fa:d8:d0:b5:b0:01:
         0b:66:86:6a:c7:12:d1:99:72:cd:91:bf:b1:d0:70:1e:dd:62:
         d0:21:55:b8:e2:4b:ac:cc:2f:16:b5:9c:9e:70:46:b3:bb:51:
         fd:5e:58:ef:f5:54:0b:ec:6c:dc:ef:98:f5:c3:47:cc:c4:74:
         ce:7b:6e:78:b5:df:a3:b4:46:fb:96:a7:6f:c3:0e:59:90:ac:
         ab:38:f9:cb:b6:5d:13:53:63:db:92:3f:b3:68:c4:06:e1:ec:
         d4:ab:8e:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7sVI8OEn4RTVdqIrACd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1
OTg1ODMwHhcNMjUxMTExMDgwMTA0WhcNMjUxMTEyMDgwMTA0WjAzMTEwLwYDVQQD
Eyg1ODJkODM5OTZkM2ViYzg4YmYyMjQ2ZGNlYWM1ZTRhYWIxMzBkOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qMPW+jFi8GSsbIL1xbjpDKEv1Tl
+uqTE6GA16uJU0/AeDz/C/MQClTktpXfKbN72DoeoWDdjFm1/pmpdw7BwXh+A0Y5
6a3uBvosjTVZSroMZ/4rMRh9Dmt8zrsqDAILX21exRemSqD6cGeAL8aVxOeb7P/S
9Mrq0dR8Yqb7Q1eA1X6hdZWmx5wo9BOmM07w1hlXx3DTI4DnCfeoU25md/iqS09j
K8mXwquDm+lS3MahOAyjht0zm7iF/t/PPeGelEHdtLqY5AZmzNy2x17GllCEFvOw
SLTx8y4eoOz7kDR3qeuKosPJNi38/YkNpT6n7AKBSyq6UD+nzIDncelBtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgtg5ltPryIvyJG3OrF5KqxMNk5MB8GA1UdIwQY
MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt
YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky
LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf20J52WP
FTsxzDouwnTjc2Z8jrH1pkdg88nWIbHSh8QRO/bWeCPyO2Ctr3y/9bI/zPi+QZSv
ZS2bXumzJCGEz05e7P4Mhuv17K51KEwZbHC6dZ4ThdV6WjVU1q0W6rYKteEc+UgX
QE6R4QORRfn+dJkwtlVDgy/81Qdu29dGTcNeqa7nMNDD8elu7HP209ipQiDzO7Gv
Gw2eC1T++tjQtbABC2aGascS0ZlyzZG/sdBwHt1i0CFVuOJLrMwvFrWcnnBGs7tR
/V5Y7/VUC+xs3O+Y9cNHzMR0zntueLXfo7RG+5anb8MOWZCsqzj5y7ZdE1Nj25I/
s2jEBuHs1KuO2A==
-----END CERTIFICATE-----