Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File:                     xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier:          yx9YENdvFzDv07gzR0qQTLuQSjkeKM48qe6MBCcugqA=
Subject key identifier:   8F:89:B4:F1:2E:B6:2E:E4:44:E6:93:0B:07:07:C9:2A:55:CB:3B:B3
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer:       /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial:       019A72258482CCFCEDD4229317EBDD506753
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number:          1490
Signing time:             Tue 11 Nov 2025 09:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:52 +0000
Files and hashes:         1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: JueeX1g1tOuTj3RmSmcP+us1EvjUYA7gpjQTXpzKsnk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:84:82:cc:fc:ed:d4:22:93:17:eb:dd:50:67:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
        Validity
            Not Before: Nov 11 09:00:52 2025 GMT
            Not After : Nov 12 09:00:52 2025 GMT
        Subject: CN=8f89b4f12eb62ee444e6930b0707c92a55cb3bb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a7:70:96:3d:b9:02:ec:c4:f8:ec:63:61:32:
                    4b:a5:b0:22:c0:5d:73:b6:c4:6b:2a:62:91:a3:f3:
                    9c:db:3b:40:9a:bf:32:8f:75:5d:6e:af:02:07:5e:
                    5f:8d:83:4c:35:68:c1:ec:15:13:ab:b6:38:ff:f7:
                    d6:92:07:d6:68:bc:5a:aa:36:33:17:f1:08:b8:ab:
                    24:94:da:19:8f:92:f4:6a:df:7e:92:62:c8:a5:a3:
                    4f:af:6f:89:3f:af:ec:3f:ce:18:1d:dd:73:62:d2:
                    49:e8:a5:c0:6c:3c:04:ac:db:5f:de:d6:6e:70:70:
                    94:13:35:16:a8:10:8d:9c:bd:bf:1a:1d:c0:63:63:
                    40:d3:df:dd:46:57:00:33:db:1e:40:99:74:51:8e:
                    79:41:b1:c7:51:9e:fe:6f:0a:89:3f:b7:19:b0:fe:
                    c6:b1:db:55:6e:06:7a:23:eb:fa:8f:1d:04:95:cf:
                    a5:f0:6d:0c:3f:26:75:96:2e:e5:cc:e8:62:2a:a3:
                    86:b2:2f:2d:f3:ca:8d:52:90:4b:35:40:c8:3c:4f:
                    38:ca:3f:e3:f1:91:62:b0:55:81:25:59:d7:2f:5b:
                    c0:70:88:28:2d:fa:f9:af:74:c6:69:17:72:26:1d:
                    fd:3d:3f:dd:13:be:d2:1a:a4:af:6e:1e:da:c2:45:
                    86:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:89:B4:F1:2E:B6:2E:E4:44:E6:93:0B:07:07:C9:2A:55:CB:3B:B3
            X509v3 Authority Key Identifier:
                keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:f0:d9:b8:1d:38:ec:65:85:9e:ff:1b:93:32:be:cb:0e:9b:
         7c:b7:06:79:0e:83:2f:ac:2f:ad:5f:7c:1d:70:8d:32:d3:74:
         b1:a6:c0:d6:27:a8:90:95:27:54:b8:6f:78:e8:3f:a0:aa:ce:
         7a:11:cf:17:a3:40:2b:c2:5d:9b:db:cc:ee:50:13:f6:eb:46:
         74:43:af:ca:b2:70:b5:25:f8:a9:e6:d1:df:8f:00:48:80:cb:
         f1:aa:e4:a0:62:2b:04:a8:70:cc:f4:20:52:01:b6:fe:53:60:
         c3:cb:50:09:e7:7e:f4:a3:f9:b2:46:8b:ad:ce:f1:83:d1:86:
         53:97:5c:44:e3:23:f1:6e:bc:96:a0:ad:d3:57:61:99:fa:11:
         6f:a2:c5:32:ab:0a:4d:dc:5c:3f:9f:78:aa:6a:f0:df:c2:6e:
         f8:ce:6c:77:45:5c:ad:8b:2a:59:b9:32:38:3c:29:35:bd:08:
         7d:30:47:38:e4:db:f8:34:6f:05:92:af:cf:33:53:4b:97:45:
         63:fe:0f:e0:b2:67:b0:1a:e6:54:18:2b:55:a9:d4:22:12:ac:
         4c:9c:4c:bf:e2:36:ca:e6:d3:81:f4:71:51:1c:01:11:cb:02:
         0a:a7:46:9a:39:fd:d5:9e:d2:74:8e:e9:e1:e9:b1:55:c6:ea:
         c5:67:2b:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYSCzPzt1CKTF+vdUGdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjUxMTExMDkwMDUyWhcNMjUxMTEyMDkwMDUyWjAzMTEwLwYDVQQD
Eyg4Zjg5YjRmMTJlYjYyZWU0NDRlNjkzMGIwNzA3YzkyYTU1Y2IzYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqdwlj25AuzE+OxjYTJLpbAiwF1z
tsRrKmKRo/Oc2ztAmr8yj3Vdbq8CB15fjYNMNWjB7BUTq7Y4//fWkgfWaLxaqjYz
F/EIuKsklNoZj5L0at9+kmLIpaNPr2+JP6/sP84YHd1zYtJJ6KXAbDwErNtf3tZu
cHCUEzUWqBCNnL2/Gh3AY2NA09/dRlcAM9seQJl0UY55QbHHUZ7+bwqJP7cZsP7G
sdtVbgZ6I+v6jx0Elc+l8G0MPyZ1li7lzOhiKqOGsi8t88qNUpBLNUDIPE84yj/j
8ZFisFWBJVnXL1vAcIgoLfr5r3TGaRdyJh39PT/dE77SGqSvbh7awkWGzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+JtPEuti7kROaTCwcHySpVyzuzMB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArfDZuB04
7GWFnv8bkzK+yw6bfLcGeQ6DL6wvrV98HXCNMtN0sabA1ieokJUnVLhveOg/oKrO
ehHPF6NAK8Jdm9vM7lAT9utGdEOvyrJwtSX4qebR348ASIDL8arkoGIrBKhwzPQg
UgG2/lNgw8tQCed+9KP5skaLrc7xg9GGU5dcROMj8W68lqCt01dhmfoRb6LFMqsK
TdxcP594qmrw38Ju+M5sd0VcrYsqWbkyODwpNb0IfTBHOOTb+DRvBZKvzzNTS5dF
Y/4P4LJnsBrmVBgrVanUIhKsTJxMv+I2yubTgfRxURwBEcsCCqdGmjn91Z7SdI7p
4emxVcbqxWcr/A==
-----END CERTIFICATE-----