Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          ZpCwx5vK3eLV3pKxX7Yc6tdoV14ZnA20jmBMbbGqeYs=
Subject key identifier:   07:F1:84:BC:06:2C:32:22:C2:38:7E:73:23:E6:AE:F5:79:5B:51:BC
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       019A729346C24D58EB5B9C6E18305F4AEBBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          0446
Signing time:             Tue 11 Nov 2025 11:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:45 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: nSApAXm51pfkGVdw3oVkAh7z0m1SIrh3hhmz57vsJ2c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:46:c2:4d:58:eb:5b:9c:6e:18:30:5f:4a:eb:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Nov 11 11:00:45 2025 GMT
            Not After : Nov 12 11:00:45 2025 GMT
        Subject: CN=07f184bc062c3222c2387e7323e6aef5795b51bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:36:13:87:c8:d2:ab:02:ec:7b:f3:fa:f9:2d:
                    fc:25:4d:fb:54:fd:05:31:ec:ff:21:a5:d1:11:9d:
                    00:18:bf:26:c0:ad:f8:de:9d:e0:5a:e2:8b:7b:59:
                    7e:8d:cb:13:dd:c6:80:35:24:86:e4:1e:bf:78:04:
                    4c:9b:0f:cd:7a:5a:2e:e9:6a:0c:c2:c7:c5:37:67:
                    95:68:4e:4b:d6:6b:0f:be:eb:39:7f:bb:61:d2:93:
                    f7:0b:ab:e4:c4:dd:36:fb:e0:dc:43:92:b9:98:62:
                    c6:aa:03:8c:cf:09:f1:ef:a5:76:8f:b2:46:52:27:
                    c4:ac:1c:c0:e0:c9:ff:7b:4f:5c:c3:5b:51:53:a9:
                    a5:9e:95:3b:68:85:0d:9d:66:fb:da:ed:ec:5d:0b:
                    7d:f2:5e:39:47:82:94:0e:9c:04:be:b2:53:b2:07:
                    c2:5c:49:78:26:ec:f8:fe:12:de:22:35:d4:c5:b9:
                    e7:7f:be:57:f2:08:d1:7a:ff:89:8d:1a:99:70:dd:
                    21:34:cb:70:55:f2:ef:b7:84:bd:27:7f:5d:77:53:
                    00:41:d4:fb:c9:31:eb:88:5d:b0:ed:0f:d8:bb:2b:
                    49:3a:4b:18:95:91:a3:10:ba:c3:3a:a4:75:d5:a8:
                    e3:5c:88:b6:e8:dd:d0:24:10:8f:ab:1f:c1:2e:27:
                    0a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:F1:84:BC:06:2C:32:22:C2:38:7E:73:23:E6:AE:F5:79:5B:51:BC
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:7b:fc:bc:4e:7e:ca:16:cf:fa:c8:06:b3:9d:75:0a:26:4b:
         29:7d:25:87:19:b2:6e:32:55:c8:b0:68:83:39:14:2a:2e:93:
         ca:f6:86:f2:83:39:c4:dd:a9:81:c9:76:c4:b4:87:80:12:a9:
         a4:fe:ef:70:81:4b:5c:81:a4:41:a2:86:a8:16:b1:f4:af:3c:
         f6:84:d8:0d:6d:08:cc:b8:8c:6b:d6:79:0c:8b:7a:c4:3b:a9:
         aa:bb:e5:5f:f0:86:08:ed:1f:27:00:78:31:17:a1:7a:97:b0:
         47:38:2c:0f:f8:5c:f8:c4:4a:90:d8:5f:28:0d:88:fb:b3:58:
         d2:c2:cf:99:16:04:54:84:ce:86:14:e5:92:80:54:f9:1c:61:
         a4:76:be:7f:0a:25:7d:98:3a:aa:15:af:f2:bf:78:74:08:4e:
         46:db:32:f8:78:a4:90:ba:1f:17:c5:d5:9a:5c:61:d2:8b:0b:
         d3:5d:56:79:95:ba:e7:66:bd:43:6a:80:96:f8:08:a6:c6:17:
         73:2f:89:54:ee:9d:9e:5c:ab:6d:20:73:8f:a1:d9:18:3c:23:
         f2:17:9f:4b:9a:c1:1f:ec:55:12:2e:79:76:8e:5c:26:dd:1f:
         2d:ff:ad:e6:5a:cd:4c:1e:05:76:ba:d8:ab:6b:ff:38:f6:4a:
         24:fe:c6:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk0bCTVjrW5xuGDBfSuu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUxMTExMTEwMDQ1WhcNMjUxMTEyMTEwMDQ1WjAzMTEwLwYDVQQD
EygwN2YxODRiYzA2MmMzMjIyYzIzODdlNzMyM2U2YWVmNTc5NWI1MWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujYTh8jSqwLse/P6+S38JU37VP0F
Mez/IaXREZ0AGL8mwK343p3gWuKLe1l+jcsT3caANSSG5B6/eARMmw/Nelou6WoM
wsfFN2eVaE5L1msPvus5f7th0pP3C6vkxN02++DcQ5K5mGLGqgOMzwnx76V2j7JG
UifErBzA4Mn/e09cw1tRU6mlnpU7aIUNnWb72u3sXQt98l45R4KUDpwEvrJTsgfC
XEl4Juz4/hLeIjXUxbnnf75X8gjRev+JjRqZcN0hNMtwVfLvt4S9J39dd1MAQdT7
yTHriF2w7Q/YuytJOksYlZGjELrDOqR11ajjXIi26N3QJBCPqx/BLicKUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfxhLwGLDIiwjh+cyPmrvV5W1G8MB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ3v8vE5+
yhbP+sgGs511CiZLKX0lhxmybjJVyLBogzkUKi6TyvaG8oM5xN2pgcl2xLSHgBKp
pP7vcIFLXIGkQaKGqBax9K889oTYDW0IzLiMa9Z5DIt6xDupqrvlX/CGCO0fJwB4
MRehepewRzgsD/hc+MRKkNhfKA2I+7NY0sLPmRYEVITOhhTlkoBU+RxhpHa+fwol
fZg6qhWv8r94dAhORtsy+HikkLofF8XVmlxh0osL011WeZW652a9Q2qAlvgIpsYX
cy+JVO6dnlyrbSBzj6HZGDwj8hefS5rBH+xVEi55do5cJt0fLf+t5lrNTB4FdrrY
q2v/OPZKJP7Ggw==
-----END CERTIFICATE-----