Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          VFatmUcWKjhSVufrmsroo+JhzJ/TL2N3faavwa7PYWg=
Subject key identifier:   EE:7B:F4:C5:52:E9:F5:43:C8:02:CD:46:2A:08:88:3E:91:03:BF:2A
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       019A71B8B99A92E21257CD7158F34E343A52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          1233
Signing time:             Tue 11 Nov 2025 07:02:02 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:02 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:02 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: IeBKCJeTf3eTbnCI+92ybHxgtO6EaUuqpEefL38lSO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:b9:9a:92:e2:12:57:cd:71:58:f3:4e:34:3a:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: Nov 11 07:02:02 2025 GMT
            Not After : Nov 12 07:02:02 2025 GMT
        Subject: CN=ee7bf4c552e9f543c802cd462a08883e9103bf2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:0e:a9:b7:93:91:c5:9b:68:b8:ca:10:b8:85:
                    a6:c7:42:d6:70:d8:86:16:28:ff:ad:37:0f:07:a9:
                    03:e4:49:02:d9:69:3e:20:86:17:d7:ae:00:0d:5d:
                    b4:b0:16:1c:03:67:ce:73:3c:50:da:8c:09:5c:05:
                    0f:96:71:e8:39:df:4b:62:b4:0d:98:7e:48:68:1f:
                    99:40:d7:85:d8:4c:00:a0:31:68:fe:fc:1b:4e:12:
                    ea:52:88:94:2e:75:3d:78:bc:0e:dc:64:9e:6b:45:
                    55:44:27:d2:e9:84:a9:10:f9:de:2f:13:41:e6:8a:
                    a5:07:d7:0b:a5:b2:c1:e9:0a:a8:23:f3:4f:a2:d2:
                    b3:1f:55:3b:37:60:84:bd:54:64:f5:c2:b3:13:9e:
                    bd:87:29:f1:7d:1e:a7:46:37:19:96:77:4a:70:f4:
                    19:7c:ad:85:cc:a1:e8:30:93:04:b6:19:1d:aa:3a:
                    46:40:86:d2:f8:14:84:ea:e1:51:9a:fa:48:fd:29:
                    ac:1f:5b:91:36:15:e6:0f:9d:cb:e2:11:90:d7:2a:
                    29:ef:6b:ab:78:2a:97:bd:cb:0e:34:21:ae:8d:c5:
                    c6:d8:32:c8:d4:18:98:a8:05:72:1d:a1:21:af:a2:
                    ef:6e:76:66:19:05:bf:e9:c3:0b:09:2c:5c:89:fc:
                    3a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:7B:F4:C5:52:E9:F5:43:C8:02:CD:46:2A:08:88:3E:91:03:BF:2A
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:4f:4b:2b:06:3a:96:ae:bb:59:c3:1c:b6:3c:87:a6:20:35:
         d1:55:37:20:e3:2a:e4:cc:37:b1:4b:b6:99:7c:08:e4:03:e9:
         ce:e2:3b:18:3a:15:67:f3:33:5f:24:1d:f6:e7:de:b2:19:e2:
         9f:bc:4a:56:73:26:65:1d:8c:25:79:53:37:fc:30:8a:c0:24:
         21:72:df:fb:11:5c:16:87:fa:81:63:d7:a4:e7:78:41:6b:eb:
         1b:6b:fe:36:29:77:d7:cc:03:b4:c1:1d:5c:3e:ac:19:e0:08:
         26:4f:2b:d8:26:b0:84:1a:3b:1c:17:a3:2a:c7:59:8b:96:13:
         b6:e2:2f:58:22:4d:99:a4:05:7c:f7:e5:19:7d:55:b7:37:85:
         64:38:ee:90:2a:41:a7:da:2c:8f:ae:48:96:13:af:9f:cd:1c:
         e0:70:6c:2b:c9:27:b8:61:bb:e0:4d:24:15:0f:68:84:c7:ab:
         00:39:eb:27:62:f6:52:d1:93:3a:0a:45:8c:3c:7b:ae:1e:f6:
         04:9e:63:5a:f8:5d:76:4a:f9:c9:f1:a8:59:2a:ea:be:38:ae:
         06:15:7e:8f:93:22:ad:d0:f9:3a:83:76:60:1e:62:ba:3b:96:
         cf:46:0d:b9:5f:13:fa:00:ca:35:61:c3:fa:e0:d5:50:99:74:
         7c:e0:39:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLmakuISV81xWPNONDpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjUxMTExMDcwMjAyWhcNMjUxMTEyMDcwMjAyWjAzMTEwLwYDVQQD
EyhlZTdiZjRjNTUyZTlmNTQzYzgwMmNkNDYyYTA4ODgzZTkxMDNiZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ6pt5ORxZtouMoQuIWmx0LWcNiG
Fij/rTcPB6kD5EkC2Wk+IIYX164ADV20sBYcA2fOczxQ2owJXAUPlnHoOd9LYrQN
mH5IaB+ZQNeF2EwAoDFo/vwbThLqUoiULnU9eLwO3GSea0VVRCfS6YSpEPneLxNB
5oqlB9cLpbLB6QqoI/NPotKzH1U7N2CEvVRk9cKzE569hynxfR6nRjcZlndKcPQZ
fK2FzKHoMJMEthkdqjpGQIbS+BSE6uFRmvpI/SmsH1uRNhXmD53L4hGQ1yop72ur
eCqXvcsONCGujcXG2DLI1BiYqAVyHaEhr6LvbnZmGQW/6cMLCSxcifw6WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO579MVS6fVDyALNRioIiD6RA78qMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVE9LKwY6
lq67WcMctjyHpiA10VU3IOMq5Mw3sUu2mXwI5APpzuI7GDoVZ/MzXyQd9ufeshni
n7xKVnMmZR2MJXlTN/wwisAkIXLf+xFcFof6gWPXpOd4QWvrG2v+Nil318wDtMEd
XD6sGeAIJk8r2CawhBo7HBejKsdZi5YTtuIvWCJNmaQFfPflGX1VtzeFZDjukCpB
p9osj65IlhOvn80c4HBsK8knuGG74E0kFQ9ohMerADnrJ2L2UtGTOgpFjDx7rh72
BJ5jWvhddkr5yfGoWSrqvjiuBhV+j5MirdD5OoN2YB5iujuWz0YNuV8T+gDKNWHD
+uDVUJl0fOA55A==
-----END CERTIFICATE-----