Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft
File:                     VzBZUuVZXOl-QzVLLv3cewc72ck.mft (raw, json)
Hash identifier:          P/Un1vEvUJdkf0+HM+Vz1W8FYQO50osYc992PrEGrCM=
Subject key identifier:   D4:1C:C9:4B:84:BF:FF:3B:FD:9F:B7:E6:96:CE:3B:8B:43:C7:CB:D4
Authority key identifier: 57:30:59:52:E5:59:5C:E9:7E:43:35:4B:2E:FD:DC:7B:07:3B:D9:C9
Certificate issuer:       /CN=57305952e5595ce97e43354b2efddc7b073bd9c9
Certificate serial:       019A72CA93EA82D0C10CC1D30748C46F3A87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VzBZUuVZXOl-QzVLLv3cewc72ck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft
Manifest number:          39
Signing time:             Tue 11 Nov 2025 12:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 12:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 12:01:10 +0000
Files and hashes:         1: VzBZUuVZXOl-QzVLLv3cewc72ck.crl (hash: kDX/IXBLN6gDnPmSnvufYiupUIoK7qIcLuaUWlt9WF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VzBZUuVZXOl-QzVLLv3cewc72ck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:93:ea:82:d0:c1:0c:c1:d3:07:48:c4:6f:3a:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57305952e5595ce97e43354b2efddc7b073bd9c9
        Validity
            Not Before: Nov 11 12:01:10 2025 GMT
            Not After : Nov 12 12:01:10 2025 GMT
        Subject: CN=d41cc94b84bfff3bfd9fb7e696ce3b8b43c7cbd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:54:d4:4e:d5:cd:d7:f7:0e:88:90:c0:b4:c5:
                    97:e2:e8:c3:bf:09:10:0d:2c:6c:9c:58:aa:2b:84:
                    9c:b8:2f:78:8d:92:29:8d:73:e1:7f:f6:49:5d:fd:
                    24:70:08:c9:a8:98:4d:c8:d5:4c:37:47:c8:26:f2:
                    89:50:b2:38:0b:22:e9:64:89:37:e0:c2:5a:16:5e:
                    ac:33:49:0c:63:a6:af:18:04:23:59:e7:15:70:34:
                    85:25:60:84:d4:f4:f7:87:96:e6:41:19:9c:29:7e:
                    9f:8d:7a:93:30:97:d8:66:36:42:fd:e4:93:2b:c6:
                    e2:27:dc:2a:46:5f:3f:10:d0:9d:b3:9a:89:8a:2a:
                    fb:71:7a:aa:84:fa:4d:95:e2:93:5b:a1:52:e0:76:
                    53:c8:88:b0:9d:c4:4b:25:bf:93:cd:18:8a:27:f5:
                    c7:99:a9:0e:2a:14:b6:cb:dc:e9:65:15:1f:ed:ce:
                    bd:e4:cf:33:7c:be:de:94:8f:69:4f:9e:4c:08:46:
                    a5:d8:52:56:92:07:8a:62:03:ae:ca:a3:ef:6e:60:
                    0c:b9:1e:e2:67:fc:6a:5e:5d:98:27:94:22:78:e2:
                    d0:1b:5a:97:00:31:af:2f:82:3b:0e:8e:74:99:f2:
                    03:2e:37:f9:27:d5:a0:c2:e3:ba:4b:59:11:a0:e9:
                    aa:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:1C:C9:4B:84:BF:FF:3B:FD:9F:B7:E6:96:CE:3B:8B:43:C7:CB:D4
            X509v3 Authority Key Identifier:
                keyid:57:30:59:52:E5:59:5C:E9:7E:43:35:4B:2E:FD:DC:7B:07:3B:D9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VzBZUuVZXOl-QzVLLv3cewc72ck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:88:e8:27:e6:f0:3c:a9:6b:3e:54:a1:0a:fe:2e:e0:8b:9b:
         73:89:86:39:62:4a:16:3d:0a:f2:bc:5a:54:39:41:b3:fd:8e:
         bc:e2:db:76:a1:39:1c:a2:42:d0:40:df:5c:51:4c:2a:bc:68:
         93:c8:b5:46:18:3f:5c:c8:f6:cc:bd:67:ae:19:30:d6:29:12:
         2a:25:c4:8b:10:ae:12:19:fa:79:f7:5e:fe:a6:a4:f2:5a:f1:
         a1:06:f2:7a:62:6c:47:26:3d:7c:4e:73:d3:b0:42:cf:e9:ab:
         06:08:d1:ff:b4:5c:28:ae:fe:a5:55:02:22:f5:f5:78:b7:3d:
         6e:4f:6f:25:e8:cc:7d:a2:0c:4c:de:00:2b:25:32:35:b4:cd:
         a0:bc:a7:98:0d:38:cd:64:ee:d3:43:65:3d:9f:1d:ba:44:79:
         48:4d:28:0a:a2:91:d6:27:cf:7c:6d:ff:53:7b:f7:1b:2b:cd:
         fe:21:ca:ed:67:1a:b8:e9:e9:a3:1a:c5:6f:98:3d:a2:14:90:
         46:f8:6c:df:bd:5d:20:d2:44:1d:00:de:5d:53:98:80:ab:cf:
         f1:c6:47:21:cc:50:3d:bd:fd:3b:2e:61:40:8f:0c:67:8b:21:
         75:00:06:3b:1e:43:ac:b9:d4:66:58:05:72:6b:fb:fe:4f:8b:
         ce:06:dd:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyypPqgtDBDMHTB0jEbzqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MzA1OTUyZTU1OTVjZTk3ZTQzMzU0YjJlZmRkYzdiMDcz
YmQ5YzkwHhcNMjUxMTExMTIwMTEwWhcNMjUxMTEyMTIwMTEwWjAzMTEwLwYDVQQD
EyhkNDFjYzk0Yjg0YmZmZjNiZmQ5ZmI3ZTY5NmNlM2I4YjQzYzdjYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulTUTtXN1/cOiJDAtMWX4ujDvwkQ
DSxsnFiqK4ScuC94jZIpjXPhf/ZJXf0kcAjJqJhNyNVMN0fIJvKJULI4CyLpZIk3
4MJaFl6sM0kMY6avGAQjWecVcDSFJWCE1PT3h5bmQRmcKX6fjXqTMJfYZjZC/eST
K8biJ9wqRl8/ENCds5qJiir7cXqqhPpNleKTW6FS4HZTyIiwncRLJb+TzRiKJ/XH
makOKhS2y9zpZRUf7c695M8zfL7elI9pT55MCEal2FJWkgeKYgOuyqPvbmAMuR7i
Z/xqXl2YJ5QieOLQG1qXADGvL4I7Do50mfIDLjf5J9WgwuO6S1kRoOmq8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQcyUuEv/87/Z+35pbOO4tDx8vUMB8GA1UdIwQY
MBaAFFcwWVLlWVzpfkM1Sy793HsHO9nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnpCWlV1VlpYT2wtUXpWTEx2M2Nld2M3MmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iOTQ1YzAtNGUyOS00YTE1LWJkZjYt
MmYzYmUwNjI4NThkLzEvVnpCWlV1VlpYT2wtUXpWTEx2M2Nld2M3MmNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iOTQ1YzAtNGUyOS00YTE1LWJkZjYtMmYzYmUwNjI4NThk
LzEvVnpCWlV1VlpYT2wtUXpWTEx2M2Nld2M3MmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUIjoJ+bw
PKlrPlShCv4u4Iubc4mGOWJKFj0K8rxaVDlBs/2OvOLbdqE5HKJC0EDfXFFMKrxo
k8i1Rhg/XMj2zL1nrhkw1ikSKiXEixCuEhn6efde/qak8lrxoQbyemJsRyY9fE5z
07BCz+mrBgjR/7RcKK7+pVUCIvX1eLc9bk9vJejMfaIMTN4AKyUyNbTNoLynmA04
zWTu00NlPZ8dukR5SE0oCqKR1ifPfG3/U3v3GyvN/iHK7WcauOnpoxrFb5g9ohSQ
Rvhs371dINJEHQDeXVOYgKvP8cZHIcxQPb39Oy5hQI8MZ4shdQAGOx5DrLnUZlgF
cmv7/k+LzgbdJA==
-----END CERTIFICATE-----