Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
File:                     6MSDt1wtsc-f9OlMeg_fDbAADwA.mft (raw, json)
Hash identifier:          5m8C2qb5DRYHrHuaRPMSj7HaDVLuFt4xPsWFUjV+OqA=
Subject key identifier:   26:49:FD:7A:4D:DA:A6:53:BC:C2:79:18:84:7A:F4:19:B9:24:7A:1A
Authority key identifier: E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00
Certificate issuer:       /CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
Certificate serial:       019A725CBE1FEFE601326C3669D531E52F90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
Manifest number:          125B
Signing time:             Tue 11 Nov 2025 10:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:11 +0000
Files and hashes:         1: 6MSDt1wtsc-f9OlMeg_fDbAADwA.crl (hash: 7Wvo059AM3WG4psUw2j2dsoyFdgH5Q9nB5MnzLgSzHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:be:1f:ef:e6:01:32:6c:36:69:d5:31:e5:2f:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
        Validity
            Not Before: Nov 11 10:01:11 2025 GMT
            Not After : Nov 12 10:01:11 2025 GMT
        Subject: CN=2649fd7a4ddaa653bcc27918847af419b9247a1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:28:e4:47:69:3e:62:20:d3:80:fb:36:9c:15:
                    ed:5b:b5:0e:f1:68:77:63:94:96:b9:21:db:f4:12:
                    6b:5a:66:0e:31:b5:83:ca:84:50:d1:3e:da:d2:59:
                    a9:47:09:94:cb:f2:69:42:a4:dd:08:58:dd:87:09:
                    0a:a8:e1:28:c0:50:32:72:c8:72:5e:37:f7:6b:dd:
                    ee:55:90:46:03:d6:4d:21:15:75:5f:1d:ae:84:84:
                    dc:c6:99:ba:d2:d1:d3:53:f4:72:97:09:34:9f:6e:
                    f4:12:21:ee:f9:05:03:60:cb:d8:33:8e:25:f0:f1:
                    18:3b:11:0a:a4:29:01:49:fc:a7:eb:4c:42:e1:9d:
                    10:fd:cd:9a:70:d6:d4:5d:94:ce:a9:d8:ce:5f:1a:
                    95:93:52:d4:2d:3d:46:7a:d0:53:1e:6c:60:c9:96:
                    c7:6d:77:ea:c1:67:6b:e1:cd:93:e9:b9:1b:4f:22:
                    e4:4e:14:73:5a:d4:9a:c8:f0:63:e7:04:50:df:9d:
                    3f:91:29:3a:a8:0d:d5:99:b4:a3:59:83:9a:83:06:
                    5a:16:79:ca:00:fb:86:02:0a:56:68:48:fd:d1:e3:
                    5d:f5:6d:ec:f4:1a:f0:42:22:fa:55:04:1e:64:71:
                    17:2f:57:8c:95:b7:20:38:b2:06:16:63:fe:d6:32:
                    06:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:49:FD:7A:4D:DA:A6:53:BC:C2:79:18:84:7A:F4:19:B9:24:7A:1A
            X509v3 Authority Key Identifier:
                keyid:E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:eb:b4:99:a8:8f:62:5a:b5:e6:cd:a6:36:2d:fc:6e:29:43:
         b3:1d:94:0f:50:6d:b1:c6:c8:2a:d8:15:0d:21:15:c9:6e:63:
         c2:d5:0c:da:82:0d:f5:d0:44:f7:07:5b:97:01:a0:24:fe:7a:
         ec:7b:ae:c0:a1:fc:03:cd:0d:0a:52:c4:01:61:e1:74:68:9e:
         3a:c7:d2:08:a9:94:b4:eb:1c:f4:80:32:72:bb:e8:c2:dd:2e:
         21:ec:77:c0:b8:71:21:f6:d8:da:57:92:42:b2:ad:a0:42:b6:
         df:a7:2a:f8:c9:37:7e:ac:ed:75:b1:81:d2:db:e2:2c:40:30:
         49:c9:da:b0:66:ef:39:0f:4e:89:72:48:5c:14:22:51:65:81:
         94:ab:d9:b8:83:70:a3:13:b2:8d:39:b9:05:db:da:9d:08:93:
         d5:19:e6:82:f7:a8:54:b4:f4:3d:cd:d6:47:11:2a:b4:8a:81:
         1c:88:64:0f:51:ba:f0:4e:18:37:e5:6b:e4:c7:4d:ff:ef:5c:
         32:de:49:6c:6d:4a:1f:d0:d1:b5:0d:d7:4d:43:6f:48:45:ca:
         7d:94:6b:22:c8:bd:33:6d:d3:85:13:3e:dc:d5:73:6e:c2:90:
         60:6b:8f:64:54:18:c2:0b:c7:96:39:5a:65:94:bb:1f:93:0b:
         b8:df:39:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXL4f7+YBMmw2adUx5S+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YzQ4M2I3NWMyZGIxY2Y5ZmY0ZTk0YzdhMGZkZjBkYjAw
MDBmMDAwHhcNMjUxMTExMTAwMTExWhcNMjUxMTEyMTAwMTExWjAzMTEwLwYDVQQD
EygyNjQ5ZmQ3YTRkZGFhNjUzYmNjMjc5MTg4NDdhZjQxOWI5MjQ3YTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SjkR2k+YiDTgPs2nBXtW7UO8Wh3
Y5SWuSHb9BJrWmYOMbWDyoRQ0T7a0lmpRwmUy/JpQqTdCFjdhwkKqOEowFAycshy
Xjf3a93uVZBGA9ZNIRV1Xx2uhITcxpm60tHTU/Rylwk0n270EiHu+QUDYMvYM44l
8PEYOxEKpCkBSfyn60xC4Z0Q/c2acNbUXZTOqdjOXxqVk1LULT1GetBTHmxgyZbH
bXfqwWdr4c2T6bkbTyLkThRzWtSayPBj5wRQ350/kSk6qA3VmbSjWYOagwZaFnnK
APuGAgpWaEj90eNd9W3s9BrwQiL6VQQeZHEXL1eMlbcgOLIGFmP+1jIGAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZJ/XpN2qZTvMJ5GIR69Bm5JHoaMB8GA1UdIwQY
MBaAFOjEg7dcLbHPn/TpTHoP3w2wAA8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTIt
ZWIzNWJmYTA2NWFkLzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTItZWIzNWJmYTA2NWFk
LzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAauu0maiP
Ylq15s2mNi38bilDsx2UD1BtscbIKtgVDSEVyW5jwtUM2oIN9dBE9wdblwGgJP56
7HuuwKH8A80NClLEAWHhdGieOsfSCKmUtOsc9IAycrvowt0uIex3wLhxIfbY2leS
QrKtoEK236cq+Mk3fqztdbGB0tviLEAwScnasGbvOQ9OiXJIXBQiUWWBlKvZuINw
oxOyjTm5BdvanQiT1RnmgveoVLT0Pc3WRxEqtIqBHIhkD1G68E4YN+Vr5MdN/+9c
Mt5JbG1KH9DRtQ3XTUNvSEXKfZRrIsi9M23ThRM+3NVzbsKQYGuPZFQYwgvHljla
ZZS7H5MLuN850A==
-----END CERTIFICATE-----