Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
File:                     SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft (raw, json)
Hash identifier:          wWdALFRXBVLtPDxzgd/eZrn35BfitSSnEZP/+7TwW5Q=
Subject key identifier:   D1:97:E6:58:53:0D:DB:30:0D:47:1C:7D:4A:AC:F8:36:77:78:B0:31
Authority key identifier: 48:34:38:7E:BF:EC:DA:63:7A:76:E1:11:99:E1:CD:03:07:C2:F4:CA
Certificate issuer:       /CN=4834387ebfecda637a76e11199e1cd0307c2f4ca
Certificate serial:       019A71B8183C872506D498667584F65EF40A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
Manifest number:          10AF
Signing time:             Tue 11 Nov 2025 07:01:21 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:21 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:21 +0000
Files and hashes:         1: SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl (hash: TKXzbccLqrd2t/UBBP3RFCMmZdKqj3lWBppdVxzCs8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:18:3c:87:25:06:d4:98:66:75:84:f6:5e:f4:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4834387ebfecda637a76e11199e1cd0307c2f4ca
        Validity
            Not Before: Nov 11 07:01:21 2025 GMT
            Not After : Nov 12 07:01:21 2025 GMT
        Subject: CN=d197e658530ddb300d471c7d4aacf8367778b031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d6:9e:51:d6:f9:15:48:6d:5f:b0:13:57:08:
                    c2:76:a4:e0:16:e1:c2:da:c0:98:a9:2f:e9:73:50:
                    ca:62:97:49:ca:3f:80:ab:43:58:04:42:3c:2d:4e:
                    3d:fc:64:89:96:a4:bd:c5:b2:0c:4c:d3:67:cf:d1:
                    bd:83:87:a1:20:1e:17:7c:93:f0:b4:67:fb:17:e0:
                    de:cf:bc:ed:04:97:a4:ab:ff:51:b5:dd:e1:1b:d5:
                    3b:2b:8f:e7:bf:0e:8a:b0:81:f4:26:02:ba:30:a4:
                    e7:ad:45:a6:ec:17:aa:54:ad:96:7a:9b:ac:99:24:
                    82:3a:82:ba:73:ac:47:8d:2c:d8:55:80:97:e8:2e:
                    1b:f4:d0:8e:a7:63:44:e7:66:94:65:ec:4e:34:01:
                    49:98:e3:b8:f7:3c:80:a3:fc:4c:1c:d7:7f:e7:6f:
                    73:fe:2f:f9:de:0d:01:bb:1d:9a:26:a6:e1:d9:9c:
                    41:ae:6a:fe:43:55:d3:ab:49:fe:da:ca:12:5c:9e:
                    fa:9c:9f:af:18:da:b6:3e:25:ce:03:05:b9:88:02:
                    c5:81:11:82:af:c8:bd:b8:21:eb:9d:be:ab:f4:ec:
                    34:8f:c0:3d:a9:fe:73:cb:1b:ea:51:d8:77:47:ed:
                    b5:02:b9:a4:c1:2b:55:94:32:42:47:b6:9a:55:6a:
                    64:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:97:E6:58:53:0D:DB:30:0D:47:1C:7D:4A:AC:F8:36:77:78:B0:31
            X509v3 Authority Key Identifier:
                keyid:48:34:38:7E:BF:EC:DA:63:7A:76:E1:11:99:E1:CD:03:07:C2:F4:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:6d:56:5c:d5:34:c6:ba:71:35:7b:c0:d9:ab:21:47:e2:78:
         a6:43:53:e2:6b:d2:30:0d:33:31:69:db:6d:83:9c:83:c6:8d:
         a8:c8:e8:df:fb:3b:1f:ed:94:1d:42:bc:01:c1:7e:53:ad:bc:
         89:10:5a:cf:da:84:59:a9:3d:d4:d2:4e:c6:10:85:ba:99:62:
         d3:d3:a4:a0:eb:5d:c8:0d:92:28:9a:a0:8a:bf:cd:ef:90:06:
         2a:72:de:12:b1:ed:86:0d:55:79:df:34:83:a4:61:79:6d:0f:
         73:a5:0b:9a:73:3b:5d:82:f5:00:a5:9c:4b:e2:24:c3:3a:0f:
         2a:85:38:40:3e:b2:4e:9f:58:97:85:b5:fb:a1:a3:7d:97:54:
         2f:7d:5a:bb:28:c6:96:7b:40:42:b3:e1:c1:0d:dc:b8:57:c8:
         9a:6a:a3:24:e7:06:e2:d9:f7:e4:3c:53:6a:46:1a:65:3e:56:
         0d:c6:77:33:28:81:8a:19:a7:2a:f8:fa:af:be:e9:0c:b7:9d:
         8f:ac:0d:ae:bb:61:83:a8:0e:af:11:73:e5:10:f4:06:47:d3:
         4e:cb:37:c2:69:9f:f3:4a:dc:44:4a:e3:5a:63:cc:10:c8:dd:
         49:e1:ff:99:73:9f:bf:61:36:41:5d:41:e5:6b:7d:30:28:2b:
         2c:56:f5:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBg8hyUG1JhmdYT2XvQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MzQzODdlYmZlY2RhNjM3YTc2ZTExMTk5ZTFjZDAzMDdj
MmY0Y2EwHhcNMjUxMTExMDcwMTIxWhcNMjUxMTEyMDcwMTIxWjAzMTEwLwYDVQQD
EyhkMTk3ZTY1ODUzMGRkYjMwMGQ0NzFjN2Q0YWFjZjgzNjc3NzhiMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9aeUdb5FUhtX7ATVwjCdqTgFuHC
2sCYqS/pc1DKYpdJyj+Aq0NYBEI8LU49/GSJlqS9xbIMTNNnz9G9g4ehIB4XfJPw
tGf7F+Dez7ztBJekq/9Rtd3hG9U7K4/nvw6KsIH0JgK6MKTnrUWm7BeqVK2Wepus
mSSCOoK6c6xHjSzYVYCX6C4b9NCOp2NE52aUZexONAFJmOO49zyAo/xMHNd/529z
/i/53g0Bux2aJqbh2ZxBrmr+Q1XTq0n+2soSXJ76nJ+vGNq2PiXOAwW5iALFgRGC
r8i9uCHrnb6r9Ow0j8A9qf5zyxvqUdh3R+21ArmkwStVlDJCR7aaVWpkDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGX5lhTDdswDUccfUqs+DZ3eLAxMB8GA1UdIwQY
MBaAFEg0OH6/7NpjenbhEZnhzQMHwvTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85ZWU2YzgtZjNlMi00ZmFlLTk5OGEt
NTkxYTJhNDE5NGNkLzEvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85ZWU2YzgtZjNlMi00ZmFlLTk5OGEtNTkxYTJhNDE5NGNk
LzEvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFm1WXNU0
xrpxNXvA2ashR+J4pkNT4mvSMA0zMWnbbYOcg8aNqMjo3/s7H+2UHUK8AcF+U628
iRBaz9qEWak91NJOxhCFupli09OkoOtdyA2SKJqgir/N75AGKnLeErHthg1Ved80
g6RheW0Pc6ULmnM7XYL1AKWcS+IkwzoPKoU4QD6yTp9Yl4W1+6GjfZdUL31auyjG
lntAQrPhwQ3cuFfImmqjJOcG4tn35DxTakYaZT5WDcZ3MyiBihmnKvj6r77pDLed
j6wNrrthg6gOrxFz5RD0BkfTTss3wmmf80rcRErjWmPMEMjdSeH/mXOfv2E2QV1B
5Wt9MCgrLFb1Ew==
-----END CERTIFICATE-----