Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          0X6rx9T2wnWz3G7D4ZTdlByLE2uvNAe85fChuZaAmdA=
Subject key identifier:   5C:FC:16:E8:DA:55:64:95:E0:EC:76:82:AD:14:42:F1:2E:D8:09:F6
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019A71B82AAA959558EE8C26332DBABB08A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0AE4
Signing time:             Tue 11 Nov 2025 07:01:26 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:26 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:26 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: CnqbMLv6ICTqw48BC6BpiTbbk5T83w3t52TjP+0a7q4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:2a:aa:95:95:58:ee:8c:26:33:2d:ba:bb:08:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Nov 11 07:01:26 2025 GMT
            Not After : Nov 12 07:01:26 2025 GMT
        Subject: CN=5cfc16e8da556495e0ec7682ad1442f12ed809f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:46:7c:72:b6:5e:21:09:86:4a:94:66:b5:37:
                    5e:13:67:93:80:15:74:19:f3:7e:7d:a0:d0:90:b4:
                    66:f8:7e:f1:d8:a8:f5:28:63:c1:8c:ef:c9:07:5c:
                    eb:97:ce:13:b0:99:74:de:49:b9:c4:48:e6:dd:bb:
                    25:14:bb:c4:e0:f1:05:d9:2e:f8:73:2e:05:23:d3:
                    07:b8:3e:91:2d:f1:b4:04:4b:6d:b0:95:be:33:de:
                    bd:4b:2c:1b:c8:29:48:9d:af:6c:72:78:5b:e3:6f:
                    84:b4:66:e3:cc:42:ac:88:b4:8a:19:cb:f4:6e:cb:
                    8f:85:7a:ec:c2:3d:cc:56:ce:9d:d3:26:e3:02:a0:
                    32:75:08:9d:85:4f:3a:73:96:73:3c:49:3b:3c:5b:
                    6f:21:c9:46:4e:d5:d1:a2:df:80:d4:f7:b9:42:be:
                    20:89:b9:7d:f9:f1:41:a4:de:37:bb:7f:ff:13:9b:
                    20:ff:58:f2:c9:6c:de:b8:6f:a2:79:69:07:25:85:
                    32:1a:a4:c9:59:ac:8d:3b:0d:8c:30:61:1f:8a:9c:
                    ab:b4:60:ab:74:ff:22:73:0f:f2:25:6b:18:83:56:
                    a5:50:be:d3:29:8a:9a:27:cf:ee:67:1a:6e:2c:f7:
                    8f:5a:4c:9e:63:54:8b:46:1b:6b:01:0f:bf:1f:4f:
                    8a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:FC:16:E8:DA:55:64:95:E0:EC:76:82:AD:14:42:F1:2E:D8:09:F6
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:3f:b3:b3:11:2f:cd:d9:db:4b:43:89:97:83:3f:b0:3d:1b:
         21:21:0a:d2:d4:62:57:28:3e:2e:19:41:9f:f0:7d:5d:18:6a:
         a7:7b:9b:ec:3d:9d:d5:3e:3b:58:9e:a3:7a:3c:53:fb:9e:f5:
         f5:67:65:40:60:b8:e7:c2:93:98:50:4a:91:43:33:4b:87:42:
         38:48:a6:76:35:49:a8:20:e1:09:c0:54:1c:90:c8:fc:19:9c:
         d0:b5:4d:33:70:77:c1:68:3e:8d:37:59:22:6c:33:6a:b7:eb:
         08:b5:b8:da:35:77:b7:f2:b3:cc:07:12:29:a7:2b:43:5d:eb:
         bd:dc:7a:76:65:05:65:af:a3:e2:01:11:f4:b1:7e:96:00:49:
         fe:b1:2f:1a:9a:41:79:0b:ab:87:4f:85:28:dc:97:ad:ba:1b:
         7d:a9:9c:1c:a5:b6:db:9c:41:33:df:6a:c8:9d:68:aa:fe:85:
         73:34:2c:fa:e5:1d:e6:71:c6:9c:73:b2:a6:fc:c2:37:18:5b:
         2b:bf:a4:e3:f0:ee:c4:db:cb:cd:3e:15:6e:3c:49:e9:13:c7:
         e0:69:7d:f4:a1:f4:1f:6a:62:ab:45:88:52:b2:1f:7b:92:1f:
         38:2e:8b:d1:c4:b0:d0:9e:36:e2:ba:81:a5:23:56:ba:63:78:
         c0:49:c6:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCqqlZVY7owmMy26uwigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjUxMTExMDcwMTI2WhcNMjUxMTEyMDcwMTI2WjAzMTEwLwYDVQQD
Eyg1Y2ZjMTZlOGRhNTU2NDk1ZTBlYzc2ODJhZDE0NDJmMTJlZDgwOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EZ8crZeIQmGSpRmtTdeE2eTgBV0
GfN+faDQkLRm+H7x2Kj1KGPBjO/JB1zrl84TsJl03km5xEjm3bslFLvE4PEF2S74
cy4FI9MHuD6RLfG0BEttsJW+M969SywbyClIna9scnhb42+EtGbjzEKsiLSKGcv0
bsuPhXrswj3MVs6d0ybjAqAydQidhU86c5ZzPEk7PFtvIclGTtXRot+A1Pe5Qr4g
ibl9+fFBpN43u3//E5sg/1jyyWzeuG+ieWkHJYUyGqTJWayNOw2MMGEfipyrtGCr
dP8icw/yJWsYg1alUL7TKYqaJ8/uZxpuLPePWkyeY1SLRhtrAQ+/H0+KDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFz8FujaVWSV4Ox2gq0UQvEu2An2MB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjD+zsxEv
zdnbS0OJl4M/sD0bISEK0tRiVyg+LhlBn/B9XRhqp3ub7D2d1T47WJ6jejxT+571
9WdlQGC458KTmFBKkUMzS4dCOEimdjVJqCDhCcBUHJDI/Bmc0LVNM3B3wWg+jTdZ
ImwzarfrCLW42jV3t/KzzAcSKacrQ13rvdx6dmUFZa+j4gER9LF+lgBJ/rEvGppB
eQurh0+FKNyXrbobfamcHKW225xBM99qyJ1oqv6FczQs+uUd5nHGnHOypvzCNxhb
K7+k4/DuxNvLzT4VbjxJ6RPH4Gl99KH0H2piq0WIUrIfe5IfOC6L0cSw0J424rqB
pSNWumN4wEnGJg==
-----END CERTIFICATE-----