Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
File:                     8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft (raw, json)
Hash identifier:          TImqxq35/cK/4OB3Wq2wdsuLvDtkD4erxJaFWtSWQEA=
Subject key identifier:   33:5A:E2:AB:79:2B:20:F9:BD:58:7A:DB:33:A3:3E:EF:B0:D3:F6:2B
Authority key identifier: F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7
Certificate issuer:       /CN=f08a2cec7101f21773defc5916c08b01c18590e7
Certificate serial:       019A7180823A6DE4104E8CD5C6D60BF14664
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
Manifest number:          3B
Signing time:             Tue 11 Nov 2025 06:00:38 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:38 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:38 +0000
Files and hashes:         1: 8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl (hash: +EbZCsKUWpwA/GedCg21TtP0JqQSAK4VUmj7P97uKwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:82:3a:6d:e4:10:4e:8c:d5:c6:d6:0b:f1:46:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f08a2cec7101f21773defc5916c08b01c18590e7
        Validity
            Not Before: Nov 11 06:00:38 2025 GMT
            Not After : Nov 12 06:00:38 2025 GMT
        Subject: CN=335ae2ab792b20f9bd587adb33a33eefb0d3f62b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:da:66:c8:2a:56:0b:a0:f8:75:46:52:5b:4d:
                    2d:65:28:f7:b1:50:87:ba:f9:0a:03:3f:fb:ab:f2:
                    dc:45:93:e7:bf:62:ac:ba:f8:db:48:97:ed:f9:a2:
                    8e:e3:e1:1b:f4:a7:2b:10:85:0a:ce:c3:72:15:dd:
                    d0:a1:34:2a:3e:37:df:4a:0f:74:86:ea:e8:5b:fc:
                    43:fa:46:b3:a3:ae:b2:98:7f:6d:78:7d:b8:22:50:
                    4f:81:2f:07:da:51:1d:1e:9e:33:c7:1b:5a:a2:10:
                    fd:3d:f8:15:8a:36:e7:99:5f:78:b3:16:1e:42:3c:
                    d8:39:cd:f9:19:94:83:9c:d8:73:a3:8b:bc:44:53:
                    3d:be:50:fb:21:68:d1:3f:6c:f5:ea:75:d9:83:c6:
                    88:b9:c0:4b:5d:07:d3:d8:4f:d3:57:c7:22:a2:5a:
                    e6:d5:aa:47:ec:45:e4:96:87:e0:25:95:09:87:1e:
                    94:2c:d6:04:d5:88:79:7f:15:ec:06:95:90:7e:c3:
                    5b:05:2d:3b:06:df:57:94:b3:89:8d:6f:d3:8b:9a:
                    88:fc:e2:50:6b:35:d2:92:83:cd:e8:ef:60:d4:56:
                    2a:6a:4b:53:3e:cf:bb:9d:cf:cb:f6:df:87:d2:28:
                    c8:91:e9:f2:6d:5d:5e:1f:8a:6f:99:9c:e5:05:5c:
                    35:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:5A:E2:AB:79:2B:20:F9:BD:58:7A:DB:33:A3:3E:EF:B0:D3:F6:2B
            X509v3 Authority Key Identifier:
                keyid:F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:c2:25:4a:60:b7:77:b0:d5:e9:a4:8b:21:54:32:23:e6:0a:
         a9:39:12:a0:e8:b5:3b:0f:2f:63:5d:04:3c:8e:dc:0b:6d:3e:
         b9:de:85:3d:4b:e1:5f:ee:6b:11:e9:5d:b0:de:8d:37:07:cd:
         72:28:c3:4b:ea:58:48:cd:db:07:e0:25:32:26:fd:fb:64:ec:
         30:dd:63:4a:45:0c:c1:9f:ab:c2:84:a5:a7:d3:50:06:17:a4:
         88:c6:cc:62:5a:fa:0b:37:cf:04:d7:ed:75:1d:6d:b9:71:85:
         08:0e:65:68:57:dc:14:47:2c:37:15:6c:7e:ed:27:08:e3:16:
         38:39:a4:8a:36:54:74:40:c8:a5:42:70:74:d4:0e:8e:73:eb:
         07:52:30:2e:4e:4a:0b:7e:a7:11:20:1b:d4:c0:0c:a0:c3:14:
         2e:09:28:fe:15:9f:e1:cd:4c:a3:00:71:28:e5:aa:42:6e:35:
         0f:e6:bd:b7:f5:ae:df:13:de:6d:63:03:24:f4:4d:f7:82:4e:
         00:5c:dc:b3:30:f6:c5:0e:e4:08:06:f8:79:65:c7:65:e6:78:
         c5:57:de:93:82:9a:34:49:73:dc:d7:25:f4:66:07:c7:9d:59:
         ec:40:3a:65:9d:3d:dd:02:c2:0c:d2:bd:0d:ef:5b:cd:9c:0b:
         4d:3b:da:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgII6beQQTozVxtYL8UZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwOGEyY2VjNzEwMWYyMTc3M2RlZmM1OTE2YzA4YjAxYzE4
NTkwZTcwHhcNMjUxMTExMDYwMDM4WhcNMjUxMTEyMDYwMDM4WjAzMTEwLwYDVQQD
EygzMzVhZTJhYjc5MmIyMGY5YmQ1ODdhZGIzM2EzM2VlZmIwZDNmNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNpmyCpWC6D4dUZSW00tZSj3sVCH
uvkKAz/7q/LcRZPnv2KsuvjbSJft+aKO4+Eb9KcrEIUKzsNyFd3QoTQqPjffSg90
huroW/xD+kazo66ymH9teH24IlBPgS8H2lEdHp4zxxtaohD9PfgVijbnmV94sxYe
QjzYOc35GZSDnNhzo4u8RFM9vlD7IWjRP2z16nXZg8aIucBLXQfT2E/TV8ciolrm
1apH7EXklofgJZUJhx6ULNYE1Yh5fxXsBpWQfsNbBS07Bt9XlLOJjW/Ti5qI/OJQ
azXSkoPN6O9g1FYqaktTPs+7nc/L9t+H0ijIkenybV1eH4pvmZzlBVw18QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNa4qt5KyD5vVh62zOjPu+w0/YrMB8GA1UdIwQY
MBaAFPCKLOxxAfIXc978WRbAiwHBhZDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTct
NjViNjQwOGJkZmZlLzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTctNjViNjQwOGJkZmZl
LzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAisIlSmC3
d7DV6aSLIVQyI+YKqTkSoOi1Ow8vY10EPI7cC20+ud6FPUvhX+5rEeldsN6NNwfN
cijDS+pYSM3bB+AlMib9+2TsMN1jSkUMwZ+rwoSlp9NQBhekiMbMYlr6CzfPBNft
dR1tuXGFCA5laFfcFEcsNxVsfu0nCOMWODmkijZUdEDIpUJwdNQOjnPrB1IwLk5K
C36nESAb1MAMoMMULgko/hWf4c1MowBxKOWqQm41D+a9t/Wu3xPebWMDJPRN94JO
AFzcszD2xQ7kCAb4eWXHZeZ4xVfek4KaNElz3Ncl9GYHx51Z7EA6ZZ093QLCDNK9
De9bzZwLTTvafQ==
-----END CERTIFICATE-----