Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          MGr6AfBXWyzhpvReLDTefERMImYk3CH4LGqziRTcZUU=
Subject key identifier:   ED:72:BB:B7:CD:2E:DE:A8:35:65:91:63:F0:1A:6A:03:7D:E3:70:8E
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       019A71B8E2FB30D7AB46E847357B66706B50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          04A6
Signing time:             Tue 11 Nov 2025 07:02:13 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:13 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:13 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: Q6cb/Ho6kFIFsOdmHjLdMtKncXOV+o8XJG7fyo+iXho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:e2:fb:30:d7:ab:46:e8:47:35:7b:66:70:6b:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Nov 11 07:02:13 2025 GMT
            Not After : Nov 12 07:02:13 2025 GMT
        Subject: CN=ed72bbb7cd2edea835659163f01a6a037de3708e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:28:9e:17:82:65:b2:d5:19:6e:49:cb:0d:8e:
                    4f:69:00:8c:cd:4f:2c:d0:2e:33:09:81:f9:0b:53:
                    8b:b9:4c:0f:c9:e3:cf:3b:99:d5:69:43:a2:ee:a0:
                    3f:fd:8c:70:d8:9d:09:4d:45:6b:a6:a8:49:f1:71:
                    e3:a8:07:9e:9f:fa:84:03:4c:f2:be:c5:3e:9f:c9:
                    08:77:2b:0f:10:5a:db:e9:be:4a:f2:7e:fd:05:18:
                    67:e8:8b:98:d2:62:d4:55:6b:cd:d7:03:05:ad:a0:
                    4a:64:cb:55:61:53:d5:8d:d9:d9:8a:ed:00:60:ef:
                    dd:80:18:c0:eb:a4:fc:ba:ee:d1:b0:52:b7:7b:6c:
                    72:6f:8a:9e:8f:42:92:b2:d1:c3:e9:d6:f4:a3:1a:
                    e7:92:d2:02:be:b6:66:1d:79:a2:82:c1:c4:b0:14:
                    b8:e4:3f:19:85:08:83:80:36:40:ee:86:ee:aa:a7:
                    b1:df:03:3b:37:b4:ac:be:9f:69:f5:b3:71:00:3f:
                    49:ba:c2:59:d4:a9:0c:b1:33:87:da:df:5a:c2:bf:
                    03:e6:e8:c6:93:02:92:3c:a2:c9:c4:bf:a8:17:05:
                    db:af:e9:7d:d8:fc:d8:87:08:d4:7c:54:3e:e2:ac:
                    5b:ed:61:6f:7a:b7:b6:29:51:28:79:d7:f0:88:90:
                    66:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:72:BB:B7:CD:2E:DE:A8:35:65:91:63:F0:1A:6A:03:7D:E3:70:8E
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:b4:0c:bb:89:05:00:76:b5:95:1a:01:3b:03:2a:2f:da:52:
         8c:4b:f0:13:a7:57:e4:41:75:d7:4a:d1:fe:ba:76:4a:21:db:
         b8:42:65:8f:f8:b7:3e:50:d7:1d:42:72:03:85:46:e7:da:94:
         e1:f9:01:4c:40:76:bb:ff:83:69:20:aa:ef:76:1a:8e:06:67:
         d7:3f:54:03:3c:8c:90:0f:3b:76:06:31:31:27:07:22:77:c4:
         a8:ec:bd:cc:8a:6e:03:d1:45:f4:44:87:4c:82:08:ff:38:7f:
         ba:67:3b:a1:85:31:e2:f3:33:53:3c:7d:43:2f:0e:95:f8:85:
         b8:5d:a6:cf:0e:96:14:71:e5:fc:de:49:c8:70:67:d6:25:58:
         76:1f:f4:2a:19:3e:bb:8f:9d:33:dc:ee:d2:66:91:f1:13:ae:
         48:b8:f7:13:2d:49:9b:5f:96:1e:e1:2c:17:dd:ca:7e:30:3b:
         02:d1:0c:bb:be:2b:39:0a:9d:1b:f0:e0:59:e1:da:77:48:c9:
         0b:fd:1c:fc:a1:93:04:58:a0:b9:38:5e:2d:0f:cb:2f:05:14:
         94:12:36:c9:84:96:a0:a3:5a:96:01:3c:30:4c:1b:05:ec:e8:
         6d:0f:b9:a0:4e:7e:c9:f2:d2:3f:27:96:cc:e8:80:49:09:67:
         fe:87:25:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOL7MNerRuhHNXtmcGtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjUxMTExMDcwMjEzWhcNMjUxMTEyMDcwMjEzWjAzMTEwLwYDVQQD
EyhlZDcyYmJiN2NkMmVkZWE4MzU2NTkxNjNmMDFhNmEwMzdkZTM3MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCieF4JlstUZbknLDY5PaQCMzU8s
0C4zCYH5C1OLuUwPyePPO5nVaUOi7qA//Yxw2J0JTUVrpqhJ8XHjqAeen/qEA0zy
vsU+n8kIdysPEFrb6b5K8n79BRhn6IuY0mLUVWvN1wMFraBKZMtVYVPVjdnZiu0A
YO/dgBjA66T8uu7RsFK3e2xyb4qej0KSstHD6db0oxrnktICvrZmHXmigsHEsBS4
5D8ZhQiDgDZA7obuqqex3wM7N7Ssvp9p9bNxAD9JusJZ1KkMsTOH2t9awr8D5ujG
kwKSPKLJxL+oFwXbr+l92PzYhwjUfFQ+4qxb7WFvere2KVEoedfwiJBmEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1yu7fNLt6oNWWRY/AaagN943COMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp7QMu4kF
AHa1lRoBOwMqL9pSjEvwE6dX5EF110rR/rp2SiHbuEJlj/i3PlDXHUJyA4VG59qU
4fkBTEB2u/+DaSCq73YajgZn1z9UAzyMkA87dgYxMScHInfEqOy9zIpuA9FF9ESH
TIII/zh/umc7oYUx4vMzUzx9Qy8OlfiFuF2mzw6WFHHl/N5JyHBn1iVYdh/0Khk+
u4+dM9zu0maR8ROuSLj3Ey1Jm1+WHuEsF93KfjA7AtEMu74rOQqdG/DgWeHad0jJ
C/0c/KGTBFiguTheLQ/LLwUUlBI2yYSWoKNalgE8MEwbBezobQ+5oE5+yfLSPyeW
zOiASQln/ocl4Q==
-----END CERTIFICATE-----