Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          ePUY658qe85Ss2MQQdta3qYLxNP+ERN82RkFVUk9oLs=
Subject key identifier:   66:49:03:E9:BA:0C:97:75:31:E8:E2:96:EE:6C:80:0C:EF:30:5A:AA
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       019A7225B1E692CCE3B4040129ECA1DDDA42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          04E6
Signing time:             Tue 11 Nov 2025 09:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:04 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: oiYtNm0DBZ252MN/y78X+2fm/zfyUmzr/WPHMg21/mo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:b1:e6:92:cc:e3:b4:04:01:29:ec:a1:dd:da:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Nov 11 09:01:04 2025 GMT
            Not After : Nov 12 09:01:04 2025 GMT
        Subject: CN=664903e9ba0c977531e8e296ee6c800cef305aaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ce:93:51:29:08:07:cc:b1:1b:b2:34:4a:92:
                    6e:dd:9c:3d:6b:22:be:74:7d:de:a1:27:48:0d:a4:
                    33:67:19:5c:59:03:c7:be:1a:97:9b:da:30:b9:c0:
                    2a:5d:90:fc:97:6e:ff:d3:3a:69:92:d3:22:92:3f:
                    bf:e2:de:84:5b:bd:c1:44:1a:15:b7:ec:ed:b3:f1:
                    dc:36:63:15:3c:86:2e:85:8e:b7:b6:88:24:85:a5:
                    23:e2:a6:f5:e4:96:3b:ae:b5:d0:03:1d:89:1a:7d:
                    8a:45:85:76:6a:09:fd:95:1c:e5:78:9e:9c:6b:f6:
                    dd:6b:3c:90:a5:aa:e7:ec:2f:c9:cb:c0:76:de:b9:
                    e8:36:84:48:07:b3:6a:b4:3f:75:82:b1:8a:45:7d:
                    fe:4b:27:37:59:be:32:2c:3d:d8:a0:86:a7:7a:3b:
                    d0:50:1d:d3:da:81:d0:d6:71:52:00:66:a0:ce:47:
                    c9:fe:af:de:01:32:60:0d:2e:a1:42:fd:b9:2b:9e:
                    41:df:09:2d:91:4a:30:73:b9:ec:cc:b5:73:b9:23:
                    3e:be:59:ba:92:69:12:4c:a8:f4:07:3d:60:95:62:
                    9c:e0:f7:01:3b:97:48:a5:f6:b5:cb:75:1a:bf:de:
                    c3:47:65:06:9c:7c:9f:c6:9e:b9:dd:21:3f:fc:38:
                    69:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:49:03:E9:BA:0C:97:75:31:E8:E2:96:EE:6C:80:0C:EF:30:5A:AA
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:de:d4:ea:ad:1f:6d:21:1c:e3:45:c9:69:57:ea:e8:f8:e8:
         a7:cc:47:0e:82:0b:43:8e:fe:e6:d3:dd:7c:83:8a:98:d0:7c:
         3e:9d:7c:9b:e9:ec:04:39:6b:b2:70:09:91:10:67:be:69:8e:
         83:aa:55:a4:45:8d:e5:a4:c7:42:bc:b3:ce:a4:71:0d:dd:b1:
         5d:43:16:7e:d8:a1:a4:98:ab:79:6c:a9:0a:89:a8:69:fe:35:
         c9:89:d4:c3:84:eb:ba:18:a0:00:bf:52:5c:5a:2e:11:30:ee:
         1e:41:9e:0c:b3:a2:dd:d6:de:d3:5d:d7:b1:da:30:c3:21:ee:
         23:3a:03:fe:f5:d5:d3:7b:f8:59:f3:bf:8d:0e:1e:fe:b1:2d:
         17:fd:96:e4:c1:31:17:43:7c:31:33:b1:0f:52:e8:1b:3b:69:
         dc:6a:9c:d0:d0:bd:7d:a4:c3:1c:c3:f4:8e:6c:ec:5d:92:14:
         4c:d8:34:9c:ec:76:04:b6:e6:9b:30:d6:70:be:39:cc:a1:6c:
         47:64:f1:8f:03:67:8f:1a:1b:5b:be:3c:7f:6c:28:b9:0f:db:
         0f:12:98:c6:7d:31:d5:41:3f:84:47:bc:a4:e7:ba:5c:29:fc:
         a8:00:3a:a3:05:b0:50:a6:e6:0d:c6:19:9d:ef:fe:13:43:f2:
         ca:12:35:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJbHmkszjtAQBKeyh3dpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjUxMTExMDkwMTA0WhcNMjUxMTEyMDkwMTA0WjAzMTEwLwYDVQQD
Eyg2NjQ5MDNlOWJhMGM5Nzc1MzFlOGUyOTZlZTZjODAwY2VmMzA1YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc6TUSkIB8yxG7I0SpJu3Zw9ayK+
dH3eoSdIDaQzZxlcWQPHvhqXm9owucAqXZD8l27/0zppktMikj+/4t6EW73BRBoV
t+zts/HcNmMVPIYuhY63togkhaUj4qb15JY7rrXQAx2JGn2KRYV2agn9lRzleJ6c
a/bdazyQparn7C/Jy8B23rnoNoRIB7NqtD91grGKRX3+Syc3Wb4yLD3YoIanejvQ
UB3T2oHQ1nFSAGagzkfJ/q/eATJgDS6hQv25K55B3wktkUowc7nszLVzuSM+vlm6
kmkSTKj0Bz1glWKc4PcBO5dIpfa1y3Uav97DR2UGnHyfxp653SE//DhprQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZJA+m6DJd1Mejilu5sgAzvMFqqMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcN7U6q0f
bSEc40XJaVfq6Pjop8xHDoILQ47+5tPdfIOKmNB8Pp18m+nsBDlrsnAJkRBnvmmO
g6pVpEWN5aTHQryzzqRxDd2xXUMWftihpJireWypComoaf41yYnUw4TruhigAL9S
XFouETDuHkGeDLOi3dbe013XsdowwyHuIzoD/vXV03v4WfO/jQ4e/rEtF/2W5MEx
F0N8MTOxD1LoGztp3Gqc0NC9faTDHMP0jmzsXZIUTNg0nOx2BLbmmzDWcL45zKFs
R2TxjwNnjxobW748f2wouQ/bDxKYxn0x1UE/hEe8pOe6XCn8qAA6owWwUKbmDcYZ
ne/+E0PyyhI1LA==
-----END CERTIFICATE-----